Network Modules
- What are network modules?
- How are network modules used in SecGen?
- Why are network modules useful?
- Where can I get new network modules from?
- What do network modules actually contain?
- What does secgen_metadata.xml actually contain?
- Where can I get more information on creating network modules?
TODO re-arrange contents and sections to be similar to services, vulnerabilities and utilities modules
Network modules are modules that control the interaction between different virtual machines and their network interfaces.
Network modules are used to specify things like the network range.
Network modules control most networking: if you want a DHCP interface, use the network module for it; if you want to connect two machines together, use the same network range module for both.
This should show the usefulness and versatility of network modules.
A more complex example is a scenario where a direct attack is not possible, so pivoting is needed. The diagram below aims to explain this principle:
                          IP addresses
    /vpn client desktop   192.168.1.14   <- we have access here
    /vpn server           192.168.1.29   <- vpn server needs to be compromised in order to jump
                          192.168.5.12   <- to the internal network the back-end servers are on
    /back-end servers     192.168.5.50   <- we want to get here
There currently are not any network module repositories, therefore the only way to get new network modules is by creating them.
However, there should be a growing number of network modules being developed; these will be added to SecGen's main code base and can be used in custom scenarios.
Network modules contain all information necessary to spawn the selected network structure into a virtual machine using Vagrant. A variation on the default module structure is used for base modules. The module structure for network modules is:
    \networks
        \{network_type:#1}
            \{network_name:#1}
                \secgen_metadata.xml
            \{network_name:#2}
                \secgen_metadata.xml
        \{network_type:#2}
An example using host_only networks is shown below:
    \networks
        \host_only
            \private_network_1
                \secgen_metadata.xml
            \private_network_2
                \secgen_metadata.xml
            \private_network_3
                \secgen_metadata.xml
The secgen_metadata.xml files for the network modules are based on the following structure:
Minimal network secgen_metadata.xml file
<?xml version="1.0"?>
<network xmlns="http://www.github/cliffe/SecGen/network"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.github/cliffe/SecGen/network">
  <name>""</name>
  <author>""</author>
  <module_license>MIT // Apache v2 // GPLv3</module_license>
  <description>""</description>
  <type>public_network // private_network</type>
  <range>***.***.***.*** where * is 0-9</range>
</network>
All values network secgen_metadata.xml file
<?xml version="1.0"?>
<network xmlns="http://www.github/cliffe/SecGen/network"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.github/cliffe/SecGen/network">
  <name>""</name>
  <author>""</author>
  <module_license>MIT // Apache v2 // GPLv3</module_license>
  <description>""</description>
  <type>public_network // private_network</type>
  <range>***.***.***.*** where * is 0-9</range>
  <conflict>
    <name>""</name>
    <author>""</author>
    <module_license>""</module_license>
    <description>""</description>
    <type>""</type>
    <range>""</range>
  </conflict>
</network>
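An added example, not part of the SecGen code base: a Python check that a network module's secgen_metadata.xml is well-formed and carries the elements of the minimal file above. It assumes `<type>` is limited to the two listed values and `<range>` is a single dotted-quad IPv4 address; the function names and sample values are hypothetical.

```python
import ipaddress
import xml.etree.ElementTree as ET

NS = "http://www.github/cliffe/SecGen/network"  # namespace from the page's samples
REQUIRED = ("name", "author", "module_license", "description", "type", "range")
TYPES = {"public_network", "private_network"}   # assumption: only the two listed values

def validate_network_metadata(xml_text):
    """Return a list of problems found in a network secgen_metadata.xml string."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:  # e.g. a closing tag that does not match its opener
        return [f"not well-formed: {exc}"]
    if root.tag != f"{{{NS}}}network":
        return [f"unexpected root element {root.tag!r}"]
    problems, values = [], {}
    for field in REQUIRED:
        node = root.find(f"{{{NS}}}{field}")  # direct children only, so <conflict> is skipped
        values[field] = (node.text or "").strip() if node is not None else ""
        if not values[field]:
            problems.append(f"missing or empty <{field}>")
    if values["type"] and values["type"] not in TYPES:
        problems.append(f"<type> must be one of {sorted(TYPES)}")
    if values["range"]:
        try:  # assumption: <range> holds a single dotted-quad IPv4 address
            ipaddress.IPv4Address(values["range"])
        except ValueError:
            problems.append(f"<range> is not an IPv4 address: {values['range']!r}")
    return problems

def sample(net_type, net_range, close_tag="module_license"):
    """Constructed sample document; every value is made up for this example."""
    return (f'<?xml version="1.0"?><network xmlns="{NS}">'
            f'<name>private_network_1</name><author>example</author>'
            f'<module_license>MIT</{close_tag}><description>lab LAN</description>'
            f'<type>{net_type}</type><range>{net_range}</range></network>')

if __name__ == "__main__":
    for doc in (sample("private_network", "192.168.5.0"),
                sample("internal", "192.168.300.0"),
                sample("private_network", "192.168.5.0", close_tag="module_licence")):
        print(validate_network_metadata(doc) or "ok")
```

Running a check like this before a module is added to a scenario catches a malformed file or an out-of-range address before Vagrant tries to build the network.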
For in-depth detail on what secgen_metadata.xml contains, visit here.
More detailed information about the general structure of modules can be found in: Module development overview.
A detailed analysis of all the different tags and types allowed in the secgen_metadata.xml and scenario files is in: SecGen schemas.
A guide to creating your own networks can be found at: How to create custom networks for SecGen