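/// <summary>
/// Writes the CAPEC attack patterns related to <paramref name="oAttackPatternMaster"/> into
/// worksheet column <paramref name="iColumnIndex"/>, one pattern per row, and recurses into
/// the related patterns one column to the right.
/// </summary>
/// <remarks>
/// Three passes are made over the relationship collections, in this order:
/// 1. "ParentOf" / "HasMember" / "CanPrecede" rows whose subject is the master pattern
///    (the referencing pattern is written, without recursion);
/// 2. "ParentOf" / "HasMember" / "Leverage" / "CanFollow" rows whose reference is the master
///    pattern (the subject pattern is written, then recursed into);
/// 3. "ChildOf" rows whose subject is the master pattern (the referencing pattern is written,
///    then recursed into).
/// The shared row cursor <c>iRowIndex</c> is advanced at least once per call.
/// Other relationship names seen in the data (CanAlsoBe, PeerOf) are not handled yet.
/// </remarks>
/// <param name="oAttackPatternMaster">Attack pattern whose relations are written.</param>
/// <param name="iColumnIndex">Worksheet column that receives this level of the tree.</param>
public static void fWriteChilds(ATTACKPATTERN oAttackPatternMaster, int iColumnIndex)
{
    // Remember the starting row so we can guarantee at least one increment below.
    int iRowIndexTemp = iRowIndex;
    Console.WriteLine("DEBUG in fWriteChilds iColumnIndex=" + iColumnIndex + " " + oAttackPatternMaster.AttackPatternID + " " + oAttackPatternMaster.AttackPatternName);

    // NOTE(review): the recursion below has no cycle or depth guard. If the relationship
    // rows ever form a loop (A -> B -> A), this recurses until the stack overflows, and a
    // StackOverflowException cannot be caught in .NET - the export process would simply die.
    // Confirm the imported CAPEC data is acyclic or add a guard on the current path.

    #region AttackPatternMasterParent
    // A ParentOf X => write A (the parents of the master pattern).
    foreach (ATTACKPATTERNRELATIONSHIP oAttackPatternRelation in oAttackPatternMaster.ATTACKPATTERNRELATIONSHIP1.Where(o => o.AttackPatternSubjectID == oAttackPatternMaster.AttackPatternID && (o.RelationshipName == "ParentOf" || o.RelationshipName == "HasMember" || o.RelationshipName == "CanPrecede")))
    {
        ATTACKPATTERN oParent = oAttackPatternRelation.ATTACKPATTERN;
        Console.WriteLine("DEBUG01 " + oParent.capec_id + " (" + oParent.AttackPatternID + ") " + oAttackPatternRelation.RelationshipName + " " + oAttackPatternMaster.capec_id + " (" + oAttackPatternMaster.AttackPatternID + ")");
        xlWorkSheet.Cells[iRowIndex, iColumnIndex] = oParent.capec_id + " " + oParent.AttackPatternName;
        // TODO Review: parents are intentionally not recursed into (column - 1?).
        iRowIndex++;

        if (bIncludeCWEs)
        {
            fWriteAttackPatternCWEs(oParent, iColumnIndex, "exCWE01");
        }
    }
    #endregion AttackPatternMasterParent

    // TODO? PeerOf, CanAlsoBe

    // A ParentOf X => write X (relations pointing away from the master pattern).
    foreach (ATTACKPATTERNRELATIONSHIP oAttackPatternRelation in oAttackPatternMaster.ATTACKPATTERNRELATIONSHIP.Where(o => o.AttackPatternRefID == oAttackPatternMaster.AttackPatternID && (o.RelationshipName == "ParentOf" || o.RelationshipName == "HasMember" || o.RelationshipName == "Leverage" || o.RelationshipName == "CanFollow")))
    {
        ATTACKPATTERN oRelated = oAttackPatternRelation.ATTACKPATTERN1;
        Console.WriteLine("DEBUG02 " + oAttackPatternMaster.capec_id + " (" + oAttackPatternMaster.AttackPatternID + ") " + oAttackPatternRelation.RelationshipName + " " + oRelated.capec_id + " (" + oRelated.AttackPatternID + ")");
        xlWorkSheet.Cells[iRowIndex, iColumnIndex] = oRelated.capec_id + " " + oRelated.AttackPatternName;
        // Recurse before advancing the row: the first descendant shares this row, one column right.
        fWriteChilds(oRelated, iColumnIndex + 1);
        iRowIndex++;

        if (bIncludeCWEs)
        {
            fWriteAttackPatternCWEs(oRelated, iColumnIndex, "exCWE02");
        }
    }

    // A ChildOf X => write A (children declared from the child's side).
    foreach (ATTACKPATTERNRELATIONSHIP oAttackPatternRelation in oAttackPatternMaster.ATTACKPATTERNRELATIONSHIP1.Where(o => o.AttackPatternSubjectID == oAttackPatternMaster.AttackPatternID && (o.RelationshipName == "ChildOf")))
    {
        ATTACKPATTERN oChild = oAttackPatternRelation.ATTACKPATTERN;
        Console.WriteLine("DEBUG03 " + oChild.capec_id + " (" + oChild.AttackPatternID + ") " + oAttackPatternRelation.RelationshipName + " " + oAttackPatternMaster.capec_id + " (" + oAttackPatternMaster.AttackPatternID + ")");
        xlWorkSheet.Cells[iRowIndex, iColumnIndex] = oChild.capec_id + " " + oChild.AttackPatternName;
        fWriteChilds(oChild, iColumnIndex + 1);
        iRowIndex++;

        if (bIncludeCWEs)
        {
            fWriteAttackPatternCWEs(oChild, iColumnIndex, "exCWE03");
        }
    }

    if (iRowIndex == iRowIndexTemp)
    {
        // Nothing found, but the row cursor is advanced anyway.
        iRowIndex++;
    }
}

/// <summary>
/// Writes one row per CWE linked to <paramref name="oAttackPattern"/>, looking each CWE up
/// in the XORCISM model by its identifier.
/// </summary>
/// <param name="oAttackPattern">Attack pattern whose CWE links are listed.</param>
/// <param name="iColumnIndex">Worksheet column that receives the CWE rows.</param>
/// <param name="sExceptionTag">Label printed with any exception, identifying the call site.</param>
private static void fWriteAttackPatternCWEs(ATTACKPATTERN oAttackPattern, int iColumnIndex, string sExceptionTag)
{
    foreach (ATTACKPATTERNCWE oAttackPatternCWE in oAttackPattern.ATTACKPATTERNCWE)
    {
        Console.WriteLine("DEBUG AttackPatternCWEID=" + oAttackPatternCWE.AttackPatternCWEID);
        string sAttackPatternCWEID = oAttackPatternCWE.AttackPatternCWEID.ToString();

        try
        {
            // Search CWE information in XORCISM.
            CWE oCWE = model.CWE.FirstOrDefault(o => o.CWEID == sAttackPatternCWEID);
            if (oCWE == null)
            {
                // An unknown CWE is an expected data gap: report it explicitly instead of
                // letting a NullReferenceException fall into the generic handler below.
                Console.WriteLine("DEBUG CWE not found CWEID=" + sAttackPatternCWEID);
                continue;
            }

            xlWorkSheet.Cells[iRowIndex, iColumnIndex] = oCWE.CWEID + " " + oCWE.CWEName;
            iRowIndex++;
        }
        catch (Exception exCWE)
        {
            // Best effort: a failed lookup or cell write must not abort the whole export.
            Console.WriteLine("Exception " + sExceptionTag + " " + exCWE.Message + " " + exCWE.InnerException);
        }
    }
}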
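/// <summary>
/// Copyright (C) 2014-2015 Jerome Athias
/// Completely Alpha version Tool to manipulate (old version) of Microsoft Threat Modeling Tool "threat categories database".
/// Loads the TMT 2014 ThreatCategories.xml knowledge base and, for each threat category name,
/// prints the first CAPEC attack pattern whose name contains it.
/// </summary>
/// <remarks>
/// This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
///
/// This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
///
/// You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
/// </remarks>
/// <param name="args">Command-line arguments (not used).</param>
static void Main(string[] args)
{
    // Microsoft Threat Modeling Tool (TMT) 2014
    XmlDocument doc = new XmlDocument();
    // Do not resolve external entities or DTDs while parsing: older .NET Framework versions
    // give XmlDocument a URL resolver by default, and this tool only needs the file's own content.
    doc.XmlResolver = null;
    doc.Load(@"C:\Program Files (x86)\Microsoft Threat Modeling Tool 2014\KnowledgeBase\ThreatCategories.xml"); //Hardcoded

    // Both contexts hold database connections; dispose them when the run is over.
    // https://stackoverflow.com/questions/5940225/fastest-way-of-inserting-in-entity-framework
    using (XORCISMEntities model = new XORCISMEntities())
    using (XATTACKEntities attack_model = new XATTACKEntities())
    {
        // NOTE(review): model is configured but never queried in this method.
        model.Configuration.AutoDetectChangesEnabled = false;
        model.Configuration.ValidateOnSaveEnabled = false;

        attack_model.Configuration.AutoDetectChangesEnabled = false;
        attack_model.Configuration.ValidateOnSaveEnabled = false;

        XmlNodeList nodesThreatCategories = doc.SelectNodes("/ArrayOfThreatCategory/ThreatCategory"); //Hardcoded
        foreach (XmlNode nodeThreatCategory in nodesThreatCategories)
        {
            // ThreatCategory elements carry no attributes; children are
            // Name, Id, ShortDescription and LongDescription.
            foreach (XmlNode nodeThreatCategoryInfo in nodeThreatCategory.ChildNodes)
            {
                switch (nodeThreatCategoryInfo.Name)
                {
                    case "Name":
                        // Search a match in Attack Pattern (CAPEC), e.g. Spoofing, Tampering, Repudiation.
                        string sThreatCategoryNameValue = nodeThreatCategoryInfo.InnerText;
                        Console.WriteLine("DEBUG: " + sThreatCategoryNameValue);
                        try
                        {
                            ATTACKPATTERN oAttackPattern = attack_model.ATTACKPATTERN.FirstOrDefault(o => o.AttackPatternName.Contains(sThreatCategoryNameValue));
                            if (oAttackPattern != null)
                            {
                                Console.WriteLine("DEBUG: " + oAttackPattern.capec_id + " " + oAttackPattern.AttackPatternName);
                            }
                        }
                        catch (Exception exoAttackPattern)
                        {
                            // Best effort: a failed lookup for one category must not stop the scan.
                            Console.WriteLine("Exception exoAttackPattern " + exoAttackPattern.Message + " " + exoAttackPattern.InnerException);
                        }
                        break;
                    case "Id":
                    case "ShortDescription":
                    case "LongDescription":
                        // Known fields with nothing to do yet.
                        break;
                    default:
                        Console.WriteLine("ERROR: Missing code for " + nodeThreatCategoryInfo.Name);
                        break;
                }
                Console.WriteLine("DEBUG: " + nodeThreatCategoryInfo.InnerText);
            }
        }
    }
}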