RubyGems - intrigue-ident - Versions diffs - 0.2 → 0.9.9 - Mend

intrigue-ident 0.2 → 0.9.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (484) hide show

checksums.yaml +4 -4
data/.circleci/config.yml +21 -0
data/.gitignore +3 -0
data/.ruby-version +1 -0
data/Dockerfile +39 -0
data/Gemfile +10 -3
data/Gemfile.lock +35 -20
data/LICENSE.md +12 -0
data/README.md +79 -0
data/checks/ftp/base.rb +15 -0
data/checks/ftp/filezilla.rb +28 -0
data/checks/ftp/microsoft.rb +27 -0
data/checks/ftp/proftp.rb +28 -0
data/checks/ftp/pureftpd.rb +27 -0
data/checks/ftp/vsftp.rb +28 -0
data/checks/http/123reg.rb +31 -0
data/checks/http/acme.rb +28 -0
data/checks/http/acquia.rb +28 -0
data/checks/http/adeptia.rb +30 -0
data/checks/http/adobe.rb +168 -0
data/checks/http/advantshop.rb +33 -0
data/checks/http/afrihost.rb +29 -0
data/checks/http/aftermarketpl.rb +46 -0
data/checks/http/agility.rb +34 -0
data/checks/http/akamai.rb +88 -0
data/checks/http/alkacon.rb +30 -0
data/checks/http/allegro.rb +28 -0
data/checks/http/almuba.rb +30 -0
data/checks/http/amazon.rb +263 -0
data/checks/http/amirocms.rb +30 -0
data/checks/http/anelectron.rb +29 -0
data/checks/http/anquanbao.rb +32 -0
data/checks/http/aol.rb +29 -0
data/checks/http/apache.rb +358 -0
data/checks/http/appdynamics.rb +43 -0
data/checks/http/arris.rb +30 -0
data/checks/http/artifactory.rb +30 -0
data/checks/http/aruba.rb +27 -0
data/checks/http/atlassian.rb +152 -0
data/checks/http/auth0.rb +44 -0
data/checks/http/automattic.rb +292 -0
data/checks/http/axinom.rb +30 -0
data/checks/http/axios.rb +29 -0
data/checks/http/axis.rb +27 -0
data/checks/http/axway.rb +33 -0
data/checks/http/backdrop.rb +30 -0
data/checks/http/banu.rb +30 -0
data/checks/http/barracuda.rb +99 -0
data/checks/http/base.rb +139 -0
data/checks/http/beehive.rb +30 -0
data/checks/http/bigcartel.rb +33 -0
data/checks/http/bigcommerce.rb +33 -0
data/checks/http/binarysec.rb +47 -0
data/checks/http/bitly.rb +40 -0
data/checks/http/blackboard.rb +44 -0
data/checks/http/blueimp.rb +27 -0
data/checks/http/bomgar.rb +27 -0
data/checks/http/bootstrap.rb +27 -0
data/checks/http/bower.rb +28 -0
data/checks/http/broadcom.rb +29 -0
data/checks/http/brocade.rb +39 -0
data/checks/http/browsermedia.rb +29 -0
data/checks/http/bsm.rb +29 -0
data/checks/http/bynder.rb +31 -0
data/checks/http/calibre.rb +33 -0
data/checks/http/centos.rb +28 -0
data/checks/http/cerberus.rb +28 -0
data/checks/http/charity_engine.rb +27 -0
data/checks/http/checkpoint.rb +56 -0
data/checks/http/cherokee.rb +29 -0
data/checks/http/cisco.rb +134 -0
data/checks/http/citrix.rb +137 -0
data/checks/http/cloud_city.rb +30 -0
data/checks/http/cloudflare.rb +219 -0
data/checks/http/cmsimple.rb +30 -0
data/checks/http/codeigniter.rb +26 -0
data/checks/http/communigate.rb +32 -0
data/checks/http/concrete5.rb +30 -0
data/checks/http/contenido.rb +33 -0
data/checks/http/content/analytics.rb +40 -0
data/checks/http/content/authentication.rb +111 -0
data/checks/http/content/content.rb +92 -0
data/checks/http/content/security_headers.rb +70 -0
data/checks/http/cpanel.rb +56 -0
data/checks/http/cradlepoint.rb +30 -0
data/checks/http/craft.rb +42 -0
data/checks/http/crazydomains.rb +31 -0
data/checks/http/crowdstrike.rb +27 -0
data/checks/http/dan.rb +30 -0
data/checks/http/danneo.rb +30 -0
data/checks/http/day.rb +31 -0
data/checks/http/debian.rb +27 -0
data/checks/http/dell.rb +43 -0
data/checks/http/dev_php.rb +30 -0
data/checks/http/discourse.rb +30 -0
data/checks/http/discuz!.rb +30 -0
data/checks/http/distil.rb +27 -0
data/checks/http/django.rb +27 -0
data/checks/http/dmanager.rb +29 -0
data/checks/http/dns_made_easy.rb +29 -0
data/checks/http/docuwiki.rb +27 -0
data/checks/http/docverify.rb +29 -0
data/checks/http/domain_parking_ru.rb +31 -0
data/checks/http/domainname_shop.rb +30 -0
data/checks/http/dosarrest.rb +29 -0
data/checks/http/dreamhost.rb +31 -0
data/checks/http/drupal.rb +91 -0
data/checks/http/duo.rb +45 -0
data/checks/http/dyn.rb +41 -0
data/checks/http/dynamicweb.rb +29 -0
data/checks/http/dynatrace.rb +40 -0
data/checks/http/easyname.rb +44 -0
data/checks/http/eclipse.rb +64 -0
data/checks/http/enservio.rb +29 -0
data/checks/http/envoy.rb +26 -0
data/checks/http/epiccom.rb +31 -0
data/checks/http/ergon.rb +31 -0
data/checks/http/expressjs.rb +27 -0
data/checks/http/ezproxy.rb +28 -0
data/checks/http/f5.rb +122 -0
data/checks/http/facebook.rb +27 -0
data/checks/http/fastly.rb +67 -0
data/checks/http/first_domains.rb +31 -0
data/checks/http/flywheel.rb +30 -0
data/checks/http/forgerock.rb +43 -0
data/checks/http/fortinet.rb +29 -0
data/checks/http/fresh_service.rb +30 -0
data/checks/http/frontify.rb +29 -0
data/checks/http/generic.rb +272 -0
data/checks/http/github.rb +40 -0
data/checks/http/gitlab.rb +30 -0
data/checks/http/glimpse.rb +32 -0
data/checks/http/globalscape.rb +27 -0
data/checks/http/goahead.rb +31 -0
data/checks/http/godaddy.rb +31 -0
data/checks/http/google.rb +164 -0
data/checks/http/google_cloud.rb +27 -0
data/checks/http/grafana.rb +27 -0
data/checks/http/gunicorn.rb +30 -0
data/checks/http/haskell.rb +31 -0
data/checks/http/heroku.rb +77 -0
data/checks/http/hikvision.rb +29 -0
data/checks/http/hp.rb +27 -0
data/checks/http/hubspot.rb +104 -0
data/checks/http/ibm.rb +182 -0
data/checks/http/icewarp.rb +29 -0
data/checks/http/impresspages.rb +30 -0
data/checks/http/imunify360.rb +28 -0
data/checks/http/incapsula.rb +54 -0
data/checks/http/ingram_micro.rb +28 -0
data/checks/http/innovative_interfaces_inc.rb +27 -0
data/checks/http/inside_sales.rb +27 -0
data/checks/http/instra.rb +61 -0
data/checks/http/intercom.rb +27 -0
data/checks/http/ivanti.rb +28 -0
data/checks/http/jamf.rb +31 -0
data/checks/http/jekyll.rb +31 -0
data/checks/http/jenkins.rb +59 -0
data/checks/http/jetbrains.rb +27 -0
data/checks/http/jetty.rb +27 -0
data/checks/http/jforum.rb +27 -0
data/checks/http/jitbit.rb +30 -0
data/checks/http/jive.rb +27 -0
data/checks/http/joomla.rb +43 -0
data/checks/http/jquery.rb +58 -0
data/checks/http/jupyter.rb +28 -0
data/checks/http/kentico.rb +27 -0
data/checks/http/kerio.rb +34 -0
data/checks/http/kibana.rb +56 -0
data/checks/http/kong.rb +32 -0
data/checks/http/kubernetes.rb +66 -0
data/checks/http/laravel.rb +27 -0
data/checks/http/lastpass.rb +27 -0
data/checks/http/lcn.rb +27 -0
data/checks/http/leadpages.rb +29 -0
data/checks/http/lighttpd.rb +31 -0
data/checks/http/limelight_networks.rb +43 -0
data/checks/http/limesuvey.rb +27 -0
data/checks/http/link1.rb +31 -0
data/checks/http/linksys.rb +38 -0
data/checks/http/litespeed.rb +29 -0
data/checks/http/lithium.rb +43 -0
data/checks/http/lotus.rb +55 -0
data/checks/http/magento.rb +96 -0
data/checks/http/magnolia.rb +27 -0
data/checks/http/mailchimp.rb +27 -0
data/checks/http/manage_engine.rb +27 -0
data/checks/http/markmonitor.rb +27 -0
data/checks/http/mbf_bioscience.rb +29 -0
data/checks/http/mcafee.rb +27 -0
data/checks/http/media_temple.rb +27 -0
data/checks/http/mediawiki.rb +54 -0
data/checks/http/mhcsoftwareinc.rb +29 -0
data/checks/http/microsoft.rb +1325 -0
data/checks/http/mikrotik.rb +44 -0
data/checks/http/modwsgi.rb +30 -0
data/checks/http/mojolicious.rb +32 -0
data/checks/http/moodle.rb +28 -0
data/checks/http/mura.rb +30 -0
data/checks/http/nagios.rb +27 -0
data/checks/http/namesilo.rb +31 -0
data/checks/http/nationbuilder.rb +30 -0
data/checks/http/nec.rb +32 -0
data/checks/http/netlify.rb +40 -0
data/checks/http/netobjects_inc.rb +30 -0
data/checks/http/netscape.rb +29 -0
data/checks/http/neustar.rb +29 -0
data/checks/http/new_relic.rb +27 -0
data/checks/http/nexicom.rb +44 -0
data/checks/http/nginx.rb +82 -0
data/checks/http/nisource.rb +29 -0
data/checks/http/nodejs.rb +79 -0
data/checks/http/okta.rb +53 -0
data/checks/http/ookla.rb +28 -0
data/checks/http/openbsd.rb +30 -0
data/checks/http/openresty.rb +41 -0
data/checks/http/openscholar.rb +27 -0
data/checks/http/opensolution.rb +46 -0
data/checks/http/openssl.rb +43 -0
data/checks/http/opentext.rb +46 -0
data/checks/http/openvpn.rb +27 -0
data/checks/http/opscode.rb +43 -0
data/checks/http/oracle.rb +335 -0
data/checks/http/orion_technology.rb +30 -0
data/checks/http/ovh.rb +46 -0
data/checks/http/palo_alto.rb +27 -0
data/checks/http/pantheon.rb +54 -0
data/checks/http/papercut.rb +29 -0
data/checks/http/parallels.rb +44 -0
data/checks/http/pardot.rb +44 -0
data/checks/http/parkingcrew.rb +47 -0
data/checks/http/pbworks.rb +27 -0
data/checks/http/perfectsense.rb +28 -0
data/checks/http/perl.rb +62 -0
data/checks/http/pfsense.rb +27 -0
data/checks/http/php.rb +72 -0
data/checks/http/phpmyadmin.rb +40 -0
data/checks/http/phpwind.rb +30 -0
data/checks/http/phusion.rb +59 -0
data/checks/http/ping_identity.rb +28 -0
data/checks/http/pivotal_software.rb +97 -0
data/checks/http/pjax.rb +40 -0
data/checks/http/plesk.rb +58 -0
data/checks/http/porkbun.rb +31 -0
data/checks/http/progress.rb +30 -0
data/checks/http/proofpoint.rb +30 -0
data/checks/http/pulsesecure.rb +91 -0
data/checks/http/python.rb +30 -0
data/checks/http/qnap.rb +43 -0
data/checks/http/qualys.rb +69 -0
data/checks/http/rapid7.rb +27 -0
data/checks/http/rbs.rb +30 -0
data/checks/http/readmeio.rb +28 -0
data/checks/http/red_hat.rb +95 -0
data/checks/http/redmine.rb +38 -0
data/checks/http/restlet.rb +30 -0
data/checks/http/ritecms.rb +30 -0
data/checks/http/roadiz.rb +30 -0
data/checks/http/rock.rb +30 -0
data/checks/http/rollbar.rb +27 -0
data/checks/http/roundcube.rb +42 -0
data/checks/http/ruby.rb +92 -0
data/checks/http/ruckus_wireless.rb +26 -0
data/checks/http/sailpoint.rb +30 -0
data/checks/http/salesforce.rb +28 -0
data/checks/http/sap.rb +149 -0
data/checks/http/seamless_cms.rb +30 -0
data/checks/http/securi.rb +54 -0
data/checks/http/sedo.rb +63 -0
data/checks/http/segment.rb +27 -0
data/checks/http/sencha.rb +31 -0
data/checks/http/sentry.rb +27 -0
data/checks/http/serendipity.rb +30 -0
data/checks/http/shopfactory.rb +30 -0
data/checks/http/sip.rb +29 -0
data/checks/http/sitecore.rb +39 -0
data/checks/http/smartling.rb +27 -0
data/checks/http/smf.rb +30 -0
data/checks/http/snews.rb +30 -0
data/checks/http/software_ag.rb +47 -0
data/checks/http/soha.rb +66 -0
data/checks/http/solarwinds.rb +41 -0
data/checks/http/sonatype.rb +43 -0
data/checks/http/sonicwall.rb +63 -0
data/checks/http/sophos.rb +40 -0
data/checks/http/southriver.rb +43 -0
data/checks/http/splash.rb +29 -0
data/checks/http/splunk.rb +27 -0
data/checks/http/springfox.rb +43 -0
data/checks/http/squarespace.rb +41 -0
data/checks/http/stackpath.rb +29 -0
data/checks/http/stibo_systems.rb +35 -0
data/checks/http/subrion.rb +29 -0
data/checks/http/symantec.rb +27 -0
data/checks/http/synacor.rb +26 -0
data/checks/http/tableau_software.rb +42 -0
data/checks/http/telerik.rb +46 -0
data/checks/http/tengine.rb +29 -0
data/checks/http/tibco.rb +57 -0
data/checks/http/townnews.rb +33 -0
data/checks/http/tridium.rb +28 -0
data/checks/http/twiki.rb +27 -0
data/checks/http/typo3.rb +27 -0
data/checks/http/uberflip.rb +28 -0
data/checks/http/ucoz.rb +31 -0
data/checks/http/umbraco.rb +29 -0
data/checks/http/unbounce.rb +28 -0
data/checks/http/united_domains.rb +27 -0
data/checks/http/vanilla_forums.rb +27 -0
data/checks/http/varnish.rb +79 -0
data/checks/http/vbulletin.rb +66 -0
data/checks/http/verizon.rb +27 -0
data/checks/http/vmware.rb +53 -0
data/checks/http/vue_js.rb +27 -0
data/checks/http/webflow.rb +44 -0
data/checks/http/webgui.rb +30 -0
data/checks/http/webmin.rb +44 -0
data/checks/http/webpagetest_project.rb +30 -0
data/checks/http/wftpserver.rb +28 -0
data/checks/http/wildfly.rb +29 -0
data/checks/http/wix.rb +28 -0
data/checks/http/woltlab_gmbh.rb +30 -0
data/checks/http/wordpress/ithemes.rb +50 -0
data/checks/http/wordpress/john_godley.rb +29 -0
data/checks/http/wordpress/pixelcraft.rb +31 -0
data/checks/http/wordpress/rocklobster.rb +29 -0
data/checks/http/wordpress/team_heateor.rb +31 -0
data/checks/http/wordpress/w3_total_cache.rb +30 -0
data/checks/http/wordpress/wp_fastest_cache.rb +30 -0
data/checks/http/wordpress/wp_super_cache.rb +46 -0
data/checks/http/wordpress/wpbakery.rb +30 -0
data/checks/http/world4you.rb +46 -0
data/checks/http/wp_engine.rb +57 -0
data/checks/http/xcms.rb +30 -0
data/checks/http/xelion.rb +27 -0
data/checks/http/xerox.rb +27 -0
data/checks/http/xmb.rb +30 -0
data/checks/http/xtec.rb +30 -0
data/checks/http/yaf.rb +30 -0
data/checks/http/yaws.rb +30 -0
data/checks/http/yoast.rb +31 -0
data/checks/http/zeit.rb +30 -0
data/checks/http/zendesk.rb +41 -0
data/checks/http/zengenti.rb +30 -0
data/checks/http/zoho.rb +69 -0
data/checks/http/zscaler.rb +30 -0
data/checks/smtp/base.rb +16 -0
data/checks/smtp/exim.rb +30 -0
data/checks/snmp/base.rb +15 -0
data/checks/snmp/cisco.rb +59 -0
data/checks/ssh/array_networks.rb +28 -0
data/checks/ssh/base.rb +16 -0
data/checks/ssh/openssh.rb +26 -0
data/checks/telnet/base.rb +16 -0
data/checks/telnet/huawei.rb +26 -0
data/data/logos/acquia.png +0 -0
data/data/logos/amazon_cloudfront.png +0 -0
data/data/logos/apache_coyote.png +0 -0
data/data/logos/apache_tomcat.png +0 -0
data/data/logos/atlassian_bamboo.png +0 -0
data/data/logos/atlassian_bitbucket.png +0 -0
data/data/logos/atlassian_confluence.png +0 -0
data/data/logos/atlassian_crowd.png +0 -0
data/data/logos/atlassian_crucible.png +0 -0
data/data/logos/atlassian_fisheye.png +0 -0
data/data/logos/atlassian_jira.png +0 -0
data/data/logos/atlassian_sourcetree.png +0 -0
data/data/logos/automattic_wordpress.png +0 -0
data/data/logos/calibre.png +0 -0
data/data/logos/cisco_ssl_vpn.png +0 -0
data/data/logos/citrix_netscaler_gateway.png +0 -0
data/data/logos/cloudflare_cdn.png +0 -0
data/data/logos/drupal.png +0 -0
data/data/logos/f5_big-ip.png +0 -0
data/data/logos/f5_big-ip_apm.png +0 -0
data/data/logos/fastly.png +0 -0
data/data/logos/generic.png +0 -0
data/data/logos/gitlab.png +0 -0
data/data/logos/ibm_axway_securetransport.png +0 -0
data/data/logos/lithium.png +0 -0
data/data/logos/microsoft_asp.net.png +0 -0
data/data/logos/microsoft_iis.png +0 -0
data/data/logos/microsoft_outlook_web_access.png +0 -0
data/data/logos/microsoft_sharepoint.png +0 -0
data/data/logos/microtik_routeros.png +0 -0
data/data/logos/mikrotik_routeros.png +0 -0
data/data/logos/newrelic.png +0 -0
data/data/logos/nginx.png +0 -0
data/data/logos/okta.png +0 -0
data/data/logos/oracle_glassfish.png +0 -0
data/data/logos/oracle_java_application_server.png +0 -0
data/data/logos/oracle_java_server_pages.png +0 -0
data/data/logos/oracle_weblogic.png +0 -0
data/data/logos/phpmyadmin.png +0 -0
data/data/logos/tableau.png +0 -0
data/data/logos/vmware_esxi.png +0 -0
data/data/logos/vmware_horizon.png +0 -0
data/data/logos/zendesk.png +0 -0
data/data/logos/zimbra_server.png +0 -0
data/data/microsoft_sharepoint_versions.csv +224 -0
data/intrigue-ident.gemspec +8 -7
data/lib/banner_helpers.rb +36 -0
data/lib/ftp/check_factory.rb +24 -0
data/lib/ftp/content.rb +13 -0
data/lib/ftp/ftp.rb +52 -0
data/lib/ftp/matchers.rb +26 -0
data/lib/http/browser.rb +260 -0
data/lib/http/check_factory.rb +47 -0
data/lib/http/content.rb +45 -0
data/lib/http/http.rb +463 -0
data/lib/http/matchers.rb +132 -0
data/lib/ident.rb +263 -0
data/lib/recog_wrapper.rb +70 -0
data/lib/simple_socket.rb +41 -0
data/lib/smtp/check_factory.rb +24 -0
data/lib/smtp/content.rb +13 -0
data/lib/smtp/matchers.rb +28 -0
data/lib/smtp/smtp.rb +53 -0
data/lib/snmp/check_factory.rb +24 -0
data/lib/snmp/content.rb +13 -0
data/lib/snmp/matchers.rb +25 -0
data/lib/snmp/snmp.rb +55 -0
data/lib/ssh/check_factory.rb +24 -0
data/lib/ssh/content.rb +13 -0
data/lib/ssh/matchers.rb +26 -0
data/lib/ssh/ssh.rb +52 -0
data/lib/telnet/check_factory.rb +24 -0
data/lib/telnet/content.rb +13 -0
data/lib/telnet/matchers.rb +26 -0
data/lib/telnet/telnet.rb +52 -0
data/lib/utils.rb +19 -0
data/lib/version.rb +3 -0
data/lib/vulndb_client.rb +43 -0
data/util/console.rb +9 -0
data/util/docker.sh +2 -0
data/util/ident.rb +375 -0
data/util/list_paths.rb +12 -0
data/util/tags.rb +36 -0
data/utils.rb +19 -0
metadata +487 -55
data/ident.rb +0 -319
data/lib/check_factory.rb +0 -22
data/lib/checks/akamai.rb +0 -22
data/lib/checks/amazon.rb +0 -26
data/lib/checks/aruba.rb +0 -20
data/lib/checks/asp_net.rb +0 -70
data/lib/checks/atlassian.rb +0 -55
data/lib/checks/base.rb +0 -13
data/lib/checks/chef.rb +0 -31
data/lib/checks/cisco.rb +0 -33
data/lib/checks/citrix.rb +0 -24
data/lib/checks/cloudflare.rb +0 -59
data/lib/checks/cloudfront.rb +0 -41
data/lib/checks/cpanel.rb +0 -23
data/lib/checks/django.rb +0 -22
data/lib/checks/drupal.rb +0 -26
data/lib/checks/f5.rb +0 -24
data/lib/checks/fastly.rb +0 -22
data/lib/checks/generic.rb +0 -23
data/lib/checks/gitlab.rb +0 -22
data/lib/checks/google.rb +0 -23
data/lib/checks/grafana.rb +0 -22
data/lib/checks/jenkins.rb +0 -40
data/lib/checks/joomla.rb +0 -23
data/lib/checks/limesuvey.rb +0 -22
data/lib/checks/lithium.rb +0 -30
data/lib/checks/magento.rb +0 -22
data/lib/checks/mcafee.rb +0 -22
data/lib/checks/mediawiki.rb +0 -38
data/lib/checks/microsoft.rb +0 -69
data/lib/checks/nagios.rb +0 -22
data/lib/checks/oracle.rb +0 -38
data/lib/checks/palo_alto.rb +0 -23
data/lib/checks/pardot.rb +0 -22
data/lib/checks/pfsense.rb +0 -25
data/lib/checks/phpmyadmin.rb +0 -22
data/lib/checks/rabbitmq.rb +0 -29
data/lib/checks/spring.rb +0 -31
data/lib/checks/team_city.rb +0 -22
data/lib/checks/telerik.rb +0 -25
data/lib/checks/tomcat.rb +0 -22
data/lib/checks/varnish.rb +0 -27
data/lib/checks/wordpress.rb +0 -120
data/lib/checks/wp_engine.rb +0 -22

data/lib/http/matchers.rb ADDED

@@ -0,0 +1,132 @@
+module Intrigue
+module Ident
+module Http
+module Matchers
+  require_relative "http"
+  require_relative 'content'
+  include Intrigue::Ident::Http
+  include Intrigue::Ident::Content::Http
+  def match_http_response_hash(check,hash)
+    # save off the generator string
+    generator_match = "#{hash[:response_body]}".match(/<meta name=\"?generator\"? content=\"?(.*?)\"?\/>/i)
+    generator_string = generator_match.captures.first.gsub("\"","") if generator_match
+    # save off the title string
+    title_match = "#{hash[:response_body]}".match(/<title>(.*?)<\/title>/i)
+    title_string = title_match.captures.first.strip if title_match
+    # grab the set cookie header
+    set_cookie_header = "#{(hash[:response_headers]||[]).select{|x| x =~ /^set-cookie:(.*)/i}.first}".gsub("set-cookie:","").strip
+    data = hash.merge({
+      "details" =>  {
+        "hidden_response_data" => "#{hash[:response_body]}",
+        "start_url" => "#{hash[:start_url]}",
+        "final_url" => "#{hash[:final_url]}",
+        "headers" => hash[:response_headers], # this is a hash and we need an array!
+        "cookies" => set_cookie_header,
+        "generator" => generator_string,
+        "title" => title_string
+      }
+    })
+  match_uri_hash(check,data)
+  end
+  def match_browser_response_hash(check,browser_response_hash)
+    data = {
+      "details" =>  {
+        "hidden_response_data_rendered" => "#{browser_response_hash[:rendered]}",
+        "start_url" => "#{browser_response_hash[:start_url]}",
+        "final_url" => "#{browser_response_hash[:final_url]}",
+        "headers" => [],
+        "cookies" => "",
+        "generator" => "",
+        "title" => "#{browser_response_hash[:title]}",
+      }
+    }
+    match_uri_hash(check,data)
+  end
+  # Matches a text http response
+  def match_http_response_text(check,http_response_text)
+    # first convert to intrigue uri format
+    # grab headers
+    header_part = http_response_text.split(/\n\n/).first
+    body_part = http_response_text.split(/\n\n/).last
+    headers = header_part.split("\n");
+    body = body_part
+    # TODO - fix to only grab content!!!!
+    cookies = headers.select{|x| x =~ /^set-cookie:(.*)/i }
+    ### grab the page attributes
+    match = body.match(/<title>(.*?)<\/title>/i)
+    title = match.captures.first if match
+    match = response.body.match(/<meta name=\"?generator\"? content=\"?(.*?)\"?\/?>/i)
+    generator = match.captures.first.gsub("\"","") if match
+    # rest is a response
+    # save title
+    # save Cookies
+    # save scripts ?
+    data = {
+      "details" =>  {
+        "hidden_response_data" => body,
+        "headers" => headers,
+        "cookies" => cookies,
+        "generator" => generator,
+        "title" => title
+      }
+    }
+    match_uri_hash(check,data)
+  end
+  def match_uri_hash(check, data)
+    return nil unless check && data
+    # data[:body] => page body
+    # data[:headers] => block of text with headers, one per line
+    # data[:cookies] => set_cookie header
+    # data[:title] => parsed page title
+    # data[:generator] => parsed meta generator tag
+    # data[:body_md5] => md5 hash of the body
+    # if type "content", do the content check
+    if check[:type] == "fingerprint"
+      if check[:match_type] == :content_body
+        match = _construct_match_response(check,data) if _body(data) =~ check[:match_content]
+      elsif check[:match_type] == :content_body_raw
+        match = _construct_match_response(check,data) if _body_raw(data) =~ check[:match_content]
+      elsif check[:match_type] == :content_dom
+        match = _construct_match_response(check,data) if _body_rendered(data) =~ check[:match_content]
+      elsif check[:match_type] == :content_headers
+        match = _construct_match_response(check,data) if _headers(data) =~ check[:match_content]
+      elsif check[:match_type] == :content_cookies
+        match = _construct_match_response(check,data) if _cookies(data) =~ check[:match_content]
+      elsif check[:match_type] == :content_generator
+        match = _construct_match_response(check,data) if _generator(data) =~ check[:match_content]
+      elsif check[:match_type] == :content_title
+        match = _construct_match_response(check,data) if _title(data) =~ check[:match_content]
+      elsif check[:match_type] == :checksum_body
+        match = _construct_match_response(check,data) if _body_raw_checksum(data) == check[:match_content]
+      end
+    elsif check[:type] == "content"
+      match = _construct_match_response(check,data)
+    end
+  match
+  end
+end
+end
+end
+end

data/lib/ident.rb ADDED

@@ -0,0 +1,263 @@
+#!/usr/bin/env ruby
+require 'net/http'
+require 'openssl'
+require 'zlib'
+# load in generic utils
+require_relative 'utils'
+require_relative 'version'
+# integrate recog
+require_relative 'recog_wrapper'
+###
+### Start protocol requires
+###
+##################################
+# Load in http matchers and checks
+###################################
+require_relative 'http/matchers'
+include Intrigue::Ident::Http::Matchers
+require_relative 'http/check_factory'
+require_relative '../checks/http/base'
+# http fingerprints
+check_folder = File.expand_path('../checks/http', File.dirname(__FILE__)) # get absolute directory
+Dir["#{check_folder}/*.rb"].each { |file| require_relative file }
+# http content checks (always run)
+content_check_folder = File.expand_path('../checks/http/content', File.dirname(__FILE__)) # get absolute directory
+Dir["#{content_check_folder}/*.rb"].each { |file| require_relative file }
+# http content, wordpress specific checks
+content_check_folder = File.expand_path('../checks/http/wordpress', File.dirname(__FILE__)) # get absolute directory
+Dir["#{content_check_folder}/*.rb"].each { |file| require_relative file }
+# General helpers (apply widely across protocols)
+require_relative 'simple_socket'
+require_relative 'banner_helpers'
+##################################
+# Load in ftp matchers and checks
+#################################
+require_relative 'ftp/matchers'
+include Intrigue::Ident::Ftp::Matchers
+require_relative 'ftp/check_factory'
+require_relative '../checks/ftp/base'
+# ftp fingerprints
+check_folder = File.expand_path('../checks/ftp', File.dirname(__FILE__)) # get absolute directory
+Dir["#{check_folder}/*.rb"].each { |file| require_relative file }
+##################################
+# Load in smtp matchers and checks
+##################################
+require_relative 'smtp/matchers'
+include Intrigue::Ident::Smtp::Matchers
+require_relative 'smtp/check_factory'
+require_relative '../checks/smtp/base'
+# smtp fingerprints
+check_folder = File.expand_path('../checks/smtp', File.dirname(__FILE__)) # get absolute directory
+Dir["#{check_folder}/*.rb"].each { |file| require_relative file }
+##################################
+# Load in snmp matchers and checks
+##################################
+require_relative 'snmp/matchers'
+include Intrigue::Ident::Snmp::Matchers
+require_relative 'snmp/check_factory'
+require_relative '../checks/snmp/base'
+# snmp fingerprints
+check_folder = File.expand_path('../checks/snmp', File.dirname(__FILE__)) # get absolute directory
+Dir["#{check_folder}/*.rb"].each { |file| require_relative file }
+##################################
+# Load in ssh matchers and checks
+##################################
+require_relative 'ssh/matchers'
+include Intrigue::Ident::Ssh::Matchers
+require_relative 'ssh/check_factory'
+require_relative '../checks/ssh/base'
+# ssh fingerprints
+check_folder = File.expand_path('../checks/ssh', File.dirname(__FILE__)) # get absolute directory
+Dir["#{check_folder}/*.rb"].each { |file| require_relative file }
+##################################
+# Load in telnet matchers and checks
+##################################
+require_relative 'telnet/matchers'
+include Intrigue::Ident::Telnet::Matchers
+require_relative 'telnet/check_factory'
+require_relative '../checks/telnet/base'
+# telnet fingerprints
+check_folder = File.expand_path('../checks/telnet', File.dirname(__FILE__)) # get absolute directory
+Dir["#{check_folder}/*.rb"].each { |file| require_relative file }
+###
+### End protocol requires
+###
+# Load vulndb client
+require_relative "vulndb_client"
+# set default encoding
+Encoding.default_external = Encoding::UTF_8
+Encoding.default_internal = Encoding::UTF_8
+# set a base directory so we can use in checks
+$ident_dir = File.expand_path('../', File.dirname(__FILE__))
+module Intrigue
+  module Ident
+    private
+    def _construct_match_response(check, data)
+      if check[:type] == "fingerprint"
+        calculated_version = (check[:dynamic_version].call(data) if check[:dynamic_version]) || check[:version] || ""
+        calculated_update = (check[:dynamic_update].call(data) if check[:dynamic_update]) || check[:update] || ""
+        calculated_type = "a" if check[:category] == "application"
+        calculated_type = "h" if check[:category] == "hardware"
+        calculated_type = "o" if check[:category] == "operating_system"
+        calculated_type = "s" if check[:category] == "service" # literally made up
+        vendor_string = check[:vendor].gsub(" ","_") if check[:vendor]
+        product_string = check[:product].gsub(" ","_") if check[:product]
+        version = "#{calculated_version}".gsub(" ","_")
+        update = "#{calculated_update}".gsub(" ","_")
+        cpe_string = "cpe:2.3:#{calculated_type}:#{vendor_string}:#{product_string}:#{version}:#{update}".downcase
+        ##
+        ## Support for Dynamic
+        ##
+        if check[:dynamic_issue]
+          issue = check[:dynamic_issue].call(data)
+        elsif check[:issue]
+          issue = check[:issue]
+        else
+          issue = nil
+        end
+        ##
+        ## Support for Dynamic Hide
+        ##
+        if check[:dynamic_hide]
+          hide = check[:dynamic_hide].call(data)
+        elsif check[:hide]
+          hide = check[:hide]
+        else
+          hide = false
+        end
+        ##
+        ## Support for Dynamic Task
+        ##
+        if check[:dynamic_task]
+          task = check[:dynamic_task].call(data)
+        elsif check[:task]
+          task = check[:task]
+        else
+          task = nil
+        end
+        to_return = {
+          "method" => "ident",
+          "type" => check[:type],
+          "vendor" => check[:vendor],
+          "product" => check[:product],
+          "version" => calculated_version,
+          "update" => calculated_update,
+          "tags" => check[:tags],
+          "match_type" => check[:match_type],
+          "match_details" => check[:match_details],
+          "hide" => hide,
+          "cpe" => cpe_string,
+          "issue" => issue,
+          "task" => task, # [{ :task_name => "example", :task_options => {}}]
+          "inference" => check[:inference]
+        }
+      elsif check[:type] == "content"
+        # Mandatory lambda
+        result = check[:dynamic_result].call(data)
+        ##
+        ## Support for Dynamic Issue (must be dynamic, these checks always run)
+        ##
+        if result
+          ##
+          ## Support for Dynamic
+          ##
+          if check[:dynamic_issue]
+            issue = check[:dynamic_issue].call(data)
+          elsif check[:issue]
+            issue = check[:issue]
+          else
+            issue = nil
+          end
+          ##
+          ## Support for Dynamic Hide
+          ##
+          if check[:dynamic_hide]
+            hide = check[:dynamic_hide].call(data)
+          elsif check[:hide]
+            hide = check[:hide]
+          else
+            hide = false
+          end
+          ##
+          ## Support for Dynamic Task
+          ##
+          if check[:dynamic_task]
+            task = check[:dynamic_task].call(data)
+          elsif check[:task]
+            task = check[:task]
+          else
+            task = nil
+          end
+        end
+        to_return = {
+          "type" => check[:type],
+          "name" => check[:name],
+          "hide" => hide,
+          "issue" => issue,
+          "task" => task,
+          "result" => result
+        }
+      end
+    to_return
+    end
+end
+end
+# always include
+include Intrigue::Ident

data/lib/recog_wrapper.rb ADDED

@@ -0,0 +1,70 @@
+require 'recog'
+module Intrigue
+module Ident
+module RecogWrapper
+module Helpers
+  def recog_to_ident_hash(recog_hash)
+    # do the field conversation
+    out = {}
+    out["method"] = "recog"
+    out["vendor"] = recog_hash["service.vendor"]
+    out["product"] = recog_hash["service.product"]
+    out["version"] = recog_hash["service.version"]
+    out["cpe"] = recog_hash["service.cpe23"]
+    out["match_details"] = "#{recog_hash["matched"]} (Recog: #{recog_hash["fingerprint_db"]})"
+    out["inference"] = false
+    out["hide"] = false
+    out["issue"] = nil
+  out
+  end
+end
+module Http
+  include Intrigue::Ident::RecogWrapper::Helpers
+  def recog_match_http_server_banner(banner)
+    options = OpenStruct.new(color: false, detail: true, fail_fast: false, multi_match: true)
+    ndb = ::Recog::DB.new("http_servers.xml");nil
+    options.fingerprints = ndb.fingerprints;nil
+    matcher = ::Recog::MatcherFactory.build(options);nil
+    matches = matcher.match_banner(banner.gsub("server:","").strip)
+    # now convert a match to ident match format
+    matches.compact.map {|m| recog_to_ident_hash(m)}
+  end
+  def recog_match_http_cookies(string)
+    options = OpenStruct.new(color: false, detail: true, fail_fast: false, multi_match: true)
+    ndb = ::Recog::DB.new("http_cookies.xml");nil
+    options.fingerprints = ndb.fingerprints;nil
+    matcher = ::Recog::MatcherFactory.build(options);nil
+    matches = matcher.match_banner(string.gsub("set-cookie:","").strip)
+    # now convert it
+    matches.map {|m| recog_to_ident_hash(m)}
+  end
+end
+module Smtp
+  include Intrigue::Ident::RecogWrapper::Helpers
+  def recog_match_smtp_banner(string)
+    options = OpenStruct.new(color: false, detail: true, fail_fast: false, multi_match: true)
+    ndb = ::Recog::DB.new("smtp_banners.xml");nil
+    options.fingerprints = ndb.fingerprints;nil
+    matcher = ::Recog::MatcherFactory.build(options);nil
+    matches = matcher.match_banner(string)
+    # now convert it
+    matches.map {|m| recog_to_ident_hash(m)}
+  end
+end
+end
+end
+end