From 5b73cc05f87bef965bac2f75d0245712ff162515 Mon Sep 17 00:00:00 2001
From: Frederik Petersen
Date: Wed, 29 Jul 2020 15:21:07 +0200
Subject: [PATCH] Changed structure of OpenService draft
---
 .../development/invalid_openservice.json | 5 ++-
 .../development/invalid_openservice2json | 34 +++++++++++++++++++
 .../invalid_openservice_missing_service.json | 33 ++++++++++++++++++
 .../development/openservice_sample.json | 7 ++--
 schemas/development/openservice.schema.json | 11 ++----
 schemas/development/xarf_shared.schema.json | 12 +++++++
 6 files changed, 91 insertions(+), 11 deletions(-)
 create mode 100644 samples/negative/development/invalid_openservice2json
 create mode 100644 samples/negative/development/invalid_openservice_missing_service.json
diff --git a/samples/negative/development/invalid_openservice.json b/samples/negative/development/invalid_openservice.json
index 4c77005..35e41f7 100644
--- a/samples/negative/development/invalid_openservice.json
+++ b/samples/negative/development/invalid_openservice.json
@@ -14,7 +14,10 @@
 "ReportClass": "Vulnerability",
 "FirstSeen": "2020-03-15T15:17:10Z",
 "Date": "2020-07-24T14:17:10Z",
- "Service": 6,
+ "Service": {
+ "Name": 6,
+ "Version": 2
+ },
 "SourceIp": "192.0.2.55",
 "SourcePort": 54321,
 "Protocol": "thisisnoprotocol",
diff --git a/samples/negative/development/invalid_openservice2json b/samples/negative/development/invalid_openservice2json
new file mode 100644
index 0000000..835ecd4
--- /dev/null
+++ b/samples/negative/development/invalid_openservice2json
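Review bot: The negative samples touched by this patch each break more than one rule, so a passing "is rejected" test does not show which constraint fired. In `invalid_openservice.json` both `"Name": 6` and `"Version": 2` have the wrong type and `"Protocol": "thisisnoprotocol"` is still present; the two new files (`invalid_openservice2json` and `invalid_openservice_missing_service.json`) keep that `Protocol` line as well. If the Report object rejects unknown properties (not visible in this patch, though the positive sample moving `Protocol` under `Custom` suggests it), the missing-`Service` sample would still fail with the new `"required": ["Service"]` removed. I would drop the `Protocol` line from the new samples and keep one wrong-typed field per file, e.g. `"Service": { "Name": 6, "Version": "1.2.4" }`. The hunk shows only part of the Report object.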
@@ -0,0 +1,34 @@
+{
+ "Version": "development",
+ "ReporterInfo": {
+ "ReporterOrg": "ExampleOrg",
+ "ReporterOrgDomain": "example.com",
+ "ReporterOrgEmail": "reports@example.com",
+ "ReporterContactEmail": "contact@example.com",
+ "ReporterContactName": "Mr. Example",
+ "ReporterContactPhone": "+ 01 000 1234567"
+ },
+ "Disclosure": true,
+ "Report": {
+ "ReportType": "OpenService",
+ "ReportClass": "Vulnerability",
+ "FirstSeen": "2020-03-15T15:17:10Z",
+ "Date": "2020-07-24T14:17:10Z",
+ "SourceIp": "192.0.2.55",
+ "SourcePort": 54321,
+ "Service": "bla",
+ "Protocol": "thisisnoprotocol",
+ "Samples": [
+ {
+ "ContentType": "text/plain",
+ "Base64Encoded": false,
+ "Description": "Log line",
+ "Payload": "EXAMPLE Nmap done: 1 IP address (1 host up) scanned in 5.58 seconds EXAMPLE"
+ }
+ ],
+ "Custom": {
+ "whatever": "examplevalue",
+ "whatever2": "examplevalue2"
+ }
+ }
+}
diff --git a/samples/negative/development/invalid_openservice_missing_service.json b/samples/negative/development/invalid_openservice_missing_service.json
new file mode 100644
index 0000000..814afb8
--- /dev/null
+++ b/samples/negative/development/invalid_openservice_missing_service.json
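Review bot: The new file is named `invalid_openservice2json`, without the dot before `json` (see its `diff --git` header and the `create mode` line), while every other sample in the patch ends in `.json`. A test runner that collects negative samples by extension would skip it silently, so the case where `Service` is still a plain string (`"Service": "bla"`) would never be exercised; how samples are discovered is not visible here. Rename it to `invalid_openservice2.json`.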
@@ -0,0 +1,33 @@
+{
+ "Version": "development",
+ "ReporterInfo": {
+ "ReporterOrg": "ExampleOrg",
+ "ReporterOrgDomain": "example.com",
+ "ReporterOrgEmail": "reports@example.com",
+ "ReporterContactEmail": "contact@example.com",
+ "ReporterContactName": "Mr. Example",
+ "ReporterContactPhone": "+ 01 000 1234567"
+ },
+ "Disclosure": true,
+ "Report": {
+ "ReportType": "OpenService",
+ "ReportClass": "Vulnerability",
+ "FirstSeen": "2020-03-15T15:17:10Z",
+ "Date": "2020-07-24T14:17:10Z",
+ "SourceIp": "192.0.2.55",
+ "SourcePort": 54321,
+ "Protocol": "thisisnoprotocol",
+ "Samples": [
+ {
+ "ContentType": "text/plain",
+ "Base64Encoded": false,
+ "Description": "Log line",
+ "Payload": "EXAMPLE Nmap done: 1 IP address (1 host up) scanned in 5.58 seconds EXAMPLE"
+ }
+ ],
+ "Custom": {
+ "whatever": "examplevalue",
+ "whatever2": "examplevalue2"
+ }
+ }
+}
diff --git a/samples/positive/development/openservice_sample.json b/samples/positive/development/openservice_sample.json
index 9ce9cda..6d203c3 100644
--- a/samples/positive/development/openservice_sample.json
+++ b/samples/positive/development/openservice_sample.json
@@ -14,10 +14,12 @@
 "ReportClass": "Vulnerability",
 "FirstSeen": "2020-03-15T15:17:10Z",
 "Date": "2020-07-24T14:17:10Z",
- "Service": "redis",
+ "Service": {
+ "Name": "redis",
+ "Version": "1.2.4"
+ },
 "SourceIp": "192.0.2.55",
 "SourcePort": 54321,
- "Protocol": "tcp",
 "Samples": [
 {
 "ContentType": "text/plain",
@@ -27,6 +29,7 @@
 }
 ],
 "Custom": {
+ "Protocol": "tcp",
 "whatever": "examplevalue",
 "whatever2": "examplevalue2"
 }
diff --git a/schemas/development/openservice.schema.json b/schemas/development/openservice.schema.json
index 97390f7..b69ee18 100644
--- a/schemas/development/openservice.schema.json
+++ b/schemas/development/openservice.schema.json
@@ -27,15 +27,10 @@
 "enum": ["OpenService"]
 },
 "Service": {
- "type": "string",
- "description": "name of the service (e.g. redis)"
- },
- "Protocol": {
- "type": "string",
- "enum": ["tcp", "udp"],
- "description": "transport protocol"
+ "$ref": "xarf_shared.schema.json#/Service"
 }
- }
+ },
+ "required": ["Service"]
 },
 {
 "$ref": "xarf_shared.schema.json#/CommonProps"
diff --git a/schemas/development/xarf_shared.schema.json b/schemas/development/xarf_shared.schema.json
index dd54228..5d7437b 100644
--- a/schemas/development/xarf_shared.schema.json
+++ b/schemas/development/xarf_shared.schema.json
@@ -423,5 +423,17 @@
 }
 }
 ]
+ },
+ "Service": {
+ "type": "object",
+ "description": "Describes a service running on the network",
+ "properties": {
+ "Name": {
+ "type": "string"
+ },
+ "Version": {
+ "type": "string"
+ }
+ }
 }
 }
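Review bot: Removing the `Protocol` property in openservice.schema.json drops the only validated transport field (`"enum": ["tcp", "udp"]`), and the positive sample now carries it as `Custom.Protocol`, where nothing checks its value. A recipient handling an OpenService report needs the transport to act on `SourcePort`, since the same port number can be a different service on tcp and udp. If the field is meant to survive the restructuring, an optional `"Protocol": { "type": "string", "enum": ["tcp", "udp"] }` inside the shared `Service` definition would keep it machine-checkable. The enclosing schema object starts outside the hunk.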
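Review bot: The new shared `Service` definition in xarf_shared.schema.json accepts an empty object: it has no `required` list and does not close the object, so `"Service": {}` or an object holding only unknown keys satisfies the `"required": ["Service"]` added in openservice.schema.json. Add `"required": ["Name"]` and, unless extension is intended, `"additionalProperties": false` after `"properties"`; a `"minLength": 1` on `Name` would also reject `""`. `Name` and `Version` also have no `description`, which the replaced inline definition did have ("name of the service (e.g. redis)"). The definitions object this entry is added to starts outside the hunk.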