Nmap Development mailing list archives
XML/Schema Unvalidated
From: Fredrick Paul Eisele <phreed () netarx com>
Date: Tue, 12 Dec 2000 12:50:48 -0500
Fyodor et al. (oops, forgot the attachments. ouch, the mail handler did not like two large attachments.) I have finally gotten around to writing that Draft XSchema for NMAP. This is just a draft but it should be illustrative. The schema has not been fully validated, although it is well formed. I am planning on using the Xerces-J parser to do validation. I did make a couple changes to the XML output format. The only one I have strong feelings about is the xmloutputversion. The version should be defined by the namespace, which is in turn prescribed by the schema name. In other words given that different versions have different schema; the schema name is sufficient to differentiate the version. Also, I am working on a style sheet to convert the XML output into HTML. If you have any ideas about types of HTML presentation I would welcome them. (Not that I am committing to anything.) Finally, I will be working on a set of network topology discovery tools which will use nmap output as a starting point. The first tool will be snmp based.
<?xml version="1.0"?> <xsd:schema xmlns:xsd="http://www.w3.org/2000/10/XMLSchema"; xmlns:nmap="http://www.netarx.com/NMAP-Draft"; targetNamespace="http://www.netarx.com/NMAP-Draft"; elementFormDefault="unqualified" attributeFormDefault="unqualified"> <xsd:annotation> <xsd:documentation> NMAP schema. (Draft) Copyright 2000 Fredrick Paul Eisele. All rights reserved. This is freed software it may not be modified without the express written permission of the Copyright holder. Different versions may be based off of this work provided that the schema name is unique and that it is made available to the NMAP community. Any use of this schema is permitted without warranty of any kind. (Look, what good is it to have a schema if there are multiple versions with the same name :-) </xsd:documentation> </xsd:annotation> <!-- nmap (V. 2.54BETA6) scan initiated Sat Oct 7 23:48:48 2000 as: nmap -sRT -I -O -oX /tmp/nmap2.xml db/24 <xsd:comment/> --> <!-- <nmaprun ... > <scaninfo type="connect" protocol="tcp" numservices="1534"> <services> ... </services> </scaninfo> <verbose level="0" /> <debugging level="0" /> <host> ... </host> <runstats> ... </runstats> </nmaprun> --> <xsd:element name="nmaprun"> <xsd:complexType> <!-- I think that the services/port information should be placed as a text node, if only because there are so many of them. What do you think? Also, using the blank to delimit values is typical (rather than comma) --> <!-- <scaninfo type="connect" protocol="tcp" numservices="1534"> 1-1026 1030-1032 </scaninfo> --> <xsd:sequence> <xsd:element name="scaninfo" minOccurs="1" maxOccurs="1"> <xsd:complexType> <xsd:sequence> <xsd:element name="services"> <xsd:simpleType> <xsd:list itemType="nmap:rangeType"/> </xsd:simpleType> </xsd:element> </xsd:sequence> <xsd:attribute name="type"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="connect"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="protocol" type="nmap:protocolType"/> <xsd:attribute name="numservices" type="xsd:positiveInteger"/> </xsd:complexType> </xsd:element> <!-- <verbose level="0" /> --> <xsd:element name="verbose" type="nonNegativeInteger" minOccurs="1" maxOccurs="1"/> <!-- <debugging level="0" /> --> <xsd:element name="debug" type="nonNegativeInteger" minOccurs="1" maxOccurs="1"/> <!-- Discussion: There are many host types --> <!-- <host> ... </host> <host> ... </host> --> <xsd:element name="host" type="nmap:hostType" minOccurs="0" maxOccurs="unbounded"/> <!-- <runstats><finished time="970987798" /><hosts up="9" down="247" total="256" /> [comment] </runstats> --> <xsd:element name="runstats" minOccurs="1" maxOccurs="1"> <xsd:complexType> <xsd:sequence> <xsd:element name="finished"> <xsd:complexType> <xsd:attribute name="time" type="xsd:positiveInteger"/> </xsd:complexType> </xsd:element> <xsd:element name="hosts"> <xsd:complexType> <xsd:attribute name="up" type="xsd:positiveInteger"/> <xsd:attribute name="down" type="xsd:positiveInteger"/> <xsd:attribute name="total" type="xsd:positiveInteger"/> </xsd:complexType> </xsd:element> <xsd:element name="comment" type="xsd:string"/> </xsd:sequence> </xsd:complexType> </xsd:element> </xsd:sequence> <!-- <nmaprun scanner="nmap" args="nmap -sRT -I -O -oX /tmp/nmap2.xml db/24" start="970987728" version="2.54BETA6" xmloutputversion="1.0"> --> <xsd:attribute name="scanner" type="xsd:string"/> <xsd:attribute name="args" type="xsd:string"/> <xsd:attribute name="start" type="xsd:positiveInteger"/> <xsd:attribute name="version" type="xsd:string"/> <!-- Shouldn't this be ommitted; as the namespace specifies the version? --> <!-- <xsd:attribute name="xmloutputversion" type="xsd:string"/> --> </xsd:complexType> </xsd:element> <!-- ========= MISC TYPES ================================= --> <!-- When a host is discovered to be a smurf address [http://www.pentics.net/denial-of-service/white-papers/smurf.cgi] --> <!-- (IP) Address types --> <xsd:complexType name="nmap:ipAddressType" abstract="true"> <xsd:attribute name="addr" type="nmap:ipAddress"/> </xsd:complexType> <xsd:simpleType name="nmap:ipAddress"> <xsd:restriction base="xsd:string"/> </xsd:simpleType> <xsd:simpleType name="nmap:ipv4Type"> <xsd:restriction base="nmap:ipAddress"> <xsd:pattern value="\d{1,3}\.\d{1,3}\.\d{1,3\.\d{1,3}"/> </xsd:restriction> </xsd:simpleType> <xsd:simpleType name="nmap:ipv6Type"> <xsd:restriction base="nmap:ipAddress"> <xsd:pattern value="\d{1,3}\.\d{1,3}\.\d{1,3\.\d{1,3}:\d{1,3}:\d{1,3}"/> </xsd:restriction> </xsd:simpleType> <!-- Host types --> <!-- <host> <status state="down"/> <address addr="192.168.0.0" xsi:type="nmap:ipv4"/> ... </host> --> <xsd:complexType name="nmap:hostType"> <xsd:sequence> <xsd:element name="status" minOccurs="1" maxOccurs="1"> <xsd:complexType> <xsd:attribute name="state"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="up"/> <xsd:enumeration value="down"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> </xsd:complexType> </xsd:element> <xsd:element name="address" type="nmap:ipAddressType" minOccurs="1" maxOccurs="1"/> </xsd:sequence> </xsd:complexType> <!-- <host> ... <smurf responses="5" /> </host> --> <xsd:group name="nmap:smurfHostGroup"> <xsd:sequence> <xsd:element name="smurf" minOccurs="1" maxOccurs="1"> <xsd:complexType> <xsd:attribute name="responses" type="xsd:positiveInteger"/> </xsd:complexType> </xsd:element> </xsd:sequence> </xsd:group> <!-- When a host is discovered that has ports --> <!-- <host> ... <hostnames> ... </hostnames> <ports> ... </ports> <tcpsequence ... /> <os> ... </os> </host> --> <xsd:group name="nmap:typHostGroup"> <xsd:sequence> <!-- <hostnames> <hostname name="opium.yuma.net" type="PTR" /> </hostnames> --> <xsd:element name="hostnames" minOccurs="0" maxOccurs="1"> <xsd:complexType> <xsd:sequence> <xsd:element name="hostname"> <xsd:complexType> <xsd:attribute name="name" type="dnsNameType"/> <xsd:attribute name="type"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="PTR"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> </xsd:complexType> </xsd:element> </xsd:sequence> </xsd:complexType> </xsd:element> <!-- <ports> <extraports state="closed" count="1532" /> <port ...> ... </port> </ports> --> <xsd:element name="ports" minOccurs="0" maxOccurs="1"> <xsd:complexType> <xsd:sequence> <!-- <extraports state="closed" count="1532" /> --> <xsd:element name="extraports"> <xsd:complexType> <xsd:attribute name="state" type="nmap:portStatusType"/> <xsd:attribute name="count" type="xsd:positiveInteger"/> </xsd:complexType> </xsd:element> <!-- <port ... > <state state="open" /> <owner name="root" /> <service ... /> </port> <port ... > <state state="open" /> <service name="pptp" method="table" conf="3" /> </port> <port ... > <state state="open" /> <owner name="bin" /> <service ... /> </port> --> <xsd:element name="port"> <xsd:complexType> <xsd:sequence> <xsd:element name="state" minOccurs="1" maxOccurs="1"> <xsd:complexType> <xsd:attribute name="state" type="nmap:portStatusType"/> </xsd:complexType> </xsd:element> <xsd:element name="owner" minOccurs="1" maxOccurs="1"> <xsd:complexType> <xsd:attribute name="name" type="xsd:string"/> </xsd:complexType> </xsd:element> <xsd:element name="service" type="nmap:serviceType" minOccurs="1" maxOccurs="1"/> </xsd:sequence> </xsd:complexType> </xsd:element> </xsd:sequence> <!-- <port protocol="tcp" portid="23"> --> <xsd:attribute name="protocol"/> <xsd:attribute name="portid" type="xsd:positiveInteger"/> </xsd:complexType> </xsd:element> <!-- <tcpsequence index="0" class="trivial time dependency" difficulty="Trivial joke" /> --> <xsd:element name="tcpsequence"> <xsd:complexType> <xsd:attribute name="index" type="xsd:positiveInteger"/> <xsd:attribute name="class" type="xsd:string"/> <xsd:attribute name="difficulty" type="xsd:string"/> </xsd:complexType> </xsd:element> <!-- <os> <portused state="open" proto="tcp" portid="23" /> <portused state="closed" proto="tcp" portid="1" /> <osmatch name="Cisco Catalyst 1900 switch or Netopia DSL/ISDN router or Bay 350-450" accuracy="100" /> </os> --> <xsd:element name="os"> <xsd:complexType> <xsd:sequence> <xsd:element name="portused" minOccurs="1" maxOccurs="unbounded"> <xsd:complexType> <xsd:attribute name="state" type="xsd:positiveInteger"/> <xsd:attribute name="proto" type="nmap:protocolType"/> <xsd:attribute name="portid" type="xsd:positiveInteger"/> </xsd:complexType> </xsd:element> <xsd:element name="osmatch"> <xsd:complexType> <xsd:attribute name="name" type="xsd:string"/> <xsd:attribute name="accuracy" type="nmap:positiveInteger"/> </xsd:complexType> </xsd:element> </xsd:sequence> </xsd:complexType> </xsd:element> </xsd:sequence> </xsd:group> <!-- TCP Service Type --> <!-- <service name="rpcbind" ... /> --> <xsd:complexType name="nmap:serviceType"> <xsd:sequence> <xsd:choise> <xsd:group ref="nmap:stdPortGroup"/> <xsd:group ref="nmap:rpcPortGroup"/> </xsd:choise> <xsd:element name="comment" type="xsd:string"/> </xsd:sequence> </xsd:complexType> <!-- <service name="telnet" method="table" conf="3" /> --> <xsd:group name="nmap:stdPortGroup"> <xsd:attribute name="name"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="X11"/> <xsd:enumeration value="auth"/> <xsd:enumeration value="blackice-alerts"/> <xsd:enumeration value="blackice-icecap"/> <xsd:enumeration value="chargen"/> <xsd:enumeration value="daytime"/> <xsd:enumeration value="discard"/> <xsd:enumeration value="domain"/> <xsd:enumeration value="down"/> <xsd:enumeration value="dtspc"/> <xsd:enumeration value="echo"/> <xsd:enumeration value="exec"/> <xsd:enumeration value="finger"/> <xsd:enumeration value="font-service"/> <xsd:enumeration value="ftp"/> <xsd:enumeration value="http"/> <xsd:enumeration value="http-proxy"/> <xsd:enumeration value="listen"/> <xsd:enumeration value="loc-srv"/> <xsd:enumeration value="login"/> <xsd:enumeration value="microsoft-ds"/> <xsd:enumeration value="mountd"/> <xsd:enumeration value="netbios-ssn"/> <xsd:enumeration value="nlockmgr"/> <xsd:enumeration value="pop-3"/> <xsd:enumeration value="postgres"/> <xsd:enumeration value="pptp"/> <xsd:enumeration value="printer"/> <xsd:enumeration value="rpcbind"/> <xsd:enumeration value="shell"/> <xsd:enumeration value="smtp"/> <xsd:enumeration value="snmpXdmid"/> <xsd:enumeration value="ssh"/> <xsd:enumeration value="status"/> <xsd:enumeration value="telnet"/> <xsd:enumeration value="time"/> <xsd:enumeration value="uucp"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="nmap:method"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="table"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="nmap:conf" type="positiveInteger"/> </xsd:group> <!-- <service name="rpcbind" proto="rpc" rpcnum="100000" lowver="2" highver="2" method="detection" conf="5" /> --> <xsd:group name="nmap:rpcPortGroup"> <xsd:attribute name="name"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="sometimes-rpc11"/> <xsd:enumeration value="sometimes-rpc13"/> <xsd:enumeration value="sometimes-rpc15"/> <xsd:enumeration value="sometimes-rpc17"/> <xsd:enumeration value="sometimes-rpc19"/> <xsd:enumeration value="sometimes-rpc21"/> <xsd:enumeration value="sometimes-rpc23"/> <xsd:enumeration value="sometimes-rpc25"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="nmap:proto"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="rpc"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="nmap:rpcnum" type="positiveInteger"/> <xsd:attribute name="nmap:lowver" type="positiveInteger"/> <xsd:attribute name="nmap:highver" type="positiveInteger"/> <xsd:attribute name="nmap:method"> <xsd:simpleType> <xsd:restriction base="xsd:string"> <xsd:enumeration value="detection"/> <xsd:enumeration value="rpc"/> <xsd:enumeration value="table"/> </xsd:restriction> </xsd:simpleType> </xsd:attribute> <xsd:attribute name="nmap:conf" type="positiveInteger"/> </xsd:group> <!-- General purpose types --> <xsd:simpleType name="nmap:dnsNameType"> <xsd:restriction base="string"> <xsd:pattern value="\w+(\.\w+){1,unlimited}"/> </xsd:restriction> </xsd:simpleType> <xsd:simpleType name="nmap:rangeType"> <xsd:restriction base="string"> <xsd:pattern value="\d+(-\d+){0,1}"/> </xsd:restriction> </xsd:simpleType> <xsd:simpleType name="nmap:protocolType"> <xsd:restriction base="xsd:string"> <xsd:enumeration value="tcp"/> <xsd:enumeration value="udp"/> </xsd:restriction> </xsd:simpleType> <xsd:simpleType name="nmap:portStateType"> <xsd:restriction base="xsd:string"> <xsd:enumeration value="open"/> <xsd:enumeration value="closed"/> </xsd:restriction> </xsd:simpleType> </xsd:schema>
--------------------------------------------------------------------- For help using this (nmap-dev) mailing list, send a blank email to nmap-dev-help () insecure org . List run by ezmlm-idx (www.ezmlm.org).
Current thread:
- XML/Schema Unvalidated Fredrick Paul Eisele (Dec 13)
- <Possible follow-ups>
- XML/Schema Unvalidated Fredrick Paul Eisele (Dec 13)