recog-intrigue 2.3.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/.github/ISSUE_TEMPLATE/bug_report.md +37 -0
- data/.github/ISSUE_TEMPLATE/feature_request.md +17 -0
- data/.github/ISSUE_TEMPLATE/fingerprint_request.md +27 -0
- data/.github/PULL_REQUEST_TEMPLATE +24 -0
- data/.gitignore +14 -0
- data/.rbenv-gemset +1 -0
- data/.rspec +3 -0
- data/.ruby-gemset +1 -0
- data/.ruby-version +1 -0
- data/.travis.yml +25 -0
- data/.yardopts +1 -0
- data/CONTRIBUTING.md +171 -0
- data/COPYING +23 -0
- data/Gemfile +10 -0
- data/LICENSE +7 -0
- data/README.md +85 -0
- data/Rakefile +22 -0
- data/bin/recog_export +81 -0
- data/bin/recog_match +55 -0
- data/bin/recog_standardize +118 -0
- data/bin/recog_verify +64 -0
- data/cpe-remap.yaml +134 -0
- data/features/data/failing_banners_fingerprints.xml +20 -0
- data/features/data/matching_banners_fingerprints.xml +23 -0
- data/features/data/multiple_banners_fingerprints.xml +32 -0
- data/features/data/no_tests.xml +3 -0
- data/features/data/sample_banner.txt +2 -0
- data/features/data/successful_tests.xml +18 -0
- data/features/data/tests_with_failures.xml +20 -0
- data/features/data/tests_with_warnings.xml +17 -0
- data/features/match.feature +36 -0
- data/features/support/aruba.rb +3 -0
- data/features/support/env.rb +6 -0
- data/features/verify.feature +48 -0
- data/identifiers/README.md +47 -0
- data/identifiers/os_architecture.txt +20 -0
- data/identifiers/os_device.txt +52 -0
- data/identifiers/os_family.txt +160 -0
- data/identifiers/os_product.txt +199 -0
- data/identifiers/service_family.txt +185 -0
- data/identifiers/service_product.txt +255 -0
- data/identifiers/software_class.txt +26 -0
- data/identifiers/software_family.txt +91 -0
- data/identifiers/software_product.txt +333 -0
- data/identifiers/vendor.txt +405 -0
- data/lib/recog.rb +4 -0
- data/lib/recog/db.rb +78 -0
- data/lib/recog/db_manager.rb +31 -0
- data/lib/recog/fingerprint.rb +280 -0
- data/lib/recog/fingerprint/regexp_factory.rb +56 -0
- data/lib/recog/fingerprint/test.rb +18 -0
- data/lib/recog/formatter.rb +51 -0
- data/lib/recog/match_reporter.rb +77 -0
- data/lib/recog/matcher.rb +94 -0
- data/lib/recog/matcher_factory.rb +14 -0
- data/lib/recog/nizer.rb +347 -0
- data/lib/recog/verifier.rb +39 -0
- data/lib/recog/verifier_factory.rb +13 -0
- data/lib/recog/verify_reporter.rb +86 -0
- data/lib/recog/version.rb +3 -0
- data/misc/convert_mysql_err +61 -0
- data/misc/order.xsl +17 -0
- data/recog-intrigue.gemspec +45 -0
- data/requirements.txt +2 -0
- data/spec/data/best_os_match_1.yml +17 -0
- data/spec/data/best_os_match_2.yml +17 -0
- data/spec/data/best_service_match_1.yml +17 -0
- data/spec/data/smb_native_os.txt +25 -0
- data/spec/data/test_fingerprints.xml +36 -0
- data/spec/data/verification_fingerprints.xml +86 -0
- data/spec/data/whitespaced_fingerprint.xml +5 -0
- data/spec/lib/fingerprint_self_test_spec.rb +174 -0
- data/spec/lib/recog/db_spec.rb +98 -0
- data/spec/lib/recog/fingerprint/regexp_factory_spec.rb +73 -0
- data/spec/lib/recog/fingerprint_spec.rb +112 -0
- data/spec/lib/recog/formatter_spec.rb +69 -0
- data/spec/lib/recog/match_reporter_spec.rb +91 -0
- data/spec/lib/recog/nizer_spec.rb +330 -0
- data/spec/lib/recog/verify_reporter_spec.rb +113 -0
- data/spec/spec_helper.rb +82 -0
- data/update_cpes.py +186 -0
- data/xml/apache_modules.xml +1911 -0
- data/xml/apache_os.xml +273 -0
- data/xml/architecture.xml +36 -0
- data/xml/dns_versionbind.xml +761 -0
- data/xml/fingerprints.xsd +128 -0
- data/xml/ftp_banners.xml +1553 -0
- data/xml/h323_callresp.xml +603 -0
- data/xml/hp_pjl_id.xml +358 -0
- data/xml/html_title.xml +1630 -0
- data/xml/http_cookies.xml +411 -0
- data/xml/http_servers.xml +3195 -0
- data/xml/http_wwwauth.xml +595 -0
- data/xml/imap_banners.xml +245 -0
- data/xml/ldap_searchresult.xml +711 -0
- data/xml/mdns_device-info_txt.xml +1796 -0
- data/xml/mdns_workstation_txt.xml +15 -0
- data/xml/mysql_banners.xml +1649 -0
- data/xml/mysql_error.xml +871 -0
- data/xml/nntp_banners.xml +82 -0
- data/xml/ntp_banners.xml +1223 -0
- data/xml/operating_system.xml +629 -0
- data/xml/pop_banners.xml +499 -0
- data/xml/rsh_resp.xml +76 -0
- data/xml/rtsp_servers.xml +76 -0
- data/xml/sip_banners.xml +359 -0
- data/xml/sip_user_agents.xml +221 -0
- data/xml/smb_native_lm.xml +62 -0
- data/xml/smb_native_os.xml +662 -0
- data/xml/smtp_banners.xml +1690 -0
- data/xml/smtp_debug.xml +39 -0
- data/xml/smtp_ehlo.xml +49 -0
- data/xml/smtp_expn.xml +82 -0
- data/xml/smtp_help.xml +157 -0
- data/xml/smtp_mailfrom.xml +20 -0
- data/xml/smtp_noop.xml +44 -0
- data/xml/smtp_quit.xml +29 -0
- data/xml/smtp_rcptto.xml +25 -0
- data/xml/smtp_rset.xml +26 -0
- data/xml/smtp_turn.xml +26 -0
- data/xml/smtp_vrfy.xml +89 -0
- data/xml/snmp_sysdescr.xml +6507 -0
- data/xml/snmp_sysobjid.xml +430 -0
- data/xml/ssh_banners.xml +1968 -0
- data/xml/telnet_banners.xml +1595 -0
- data/xml/x11_banners.xml +232 -0
- data/xml/x509_issuers.xml +134 -0
- data/xml/x509_subjects.xml +1268 -0
- metadata +304 -0
@@ -0,0 +1,128 @@
|
|
1
|
+
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
|
2
|
+
|
3
|
+
<xsd:element name="fingerprints" type="fingerprints_element"/>
|
4
|
+
|
5
|
+
<xsd:complexType name="fingerprints_element">
|
6
|
+
<xsd:annotation>
|
7
|
+
<xsd:documentation xml:lang="en">
|
8
|
+
The attributes that follow this documentation help categorize the
|
9
|
+
fingerprint databases and contents as well as enable optimization of
|
10
|
+
their processing.
|
11
|
+
|
12
|
+
- matches: provides a XML fingerprint database identifier. It is
|
13
|
+
intended to be descriptive in nature and often indicates a protocol
|
14
|
+
and function or sub-protocol type. Examples of this would be
|
15
|
+
'mysql.banners' vs 'mysql.errors'. If this attribute is not present
|
16
|
+
in the XML then its value is the base filename without the file
|
17
|
+
extension. See Recog::DB#parse_fingerprints
|
18
|
+
This value is returned as part of any successful match.
|
19
|
+
|
20
|
+
- protocol: indicates the name of the service or protocol
|
21
|
+
found within the XML fingerprint database. Examples of this would
|
22
|
+
be 'ftp', 'smtp', 'ssh', etc. Within Recog this value will be
|
23
|
+
superseded by a 'service.protocol' attribute on a specific
|
24
|
+
fingerprint match. See Recog::DB#parse_fingerprints
|
25
|
+
This value has two purposes. It can be used for filtering
|
26
|
+
( See Recog::Nizer#match_all_db ) and is returned as part of any
|
27
|
+
successful match.
|
28
|
+
|
29
|
+
- database_type: indicates the type of fingerprints matches expected
|
30
|
+
to be found within the database. These values are used by
|
31
|
+
Recog::Nizer#match_all_db to filter matches to just the type of
|
32
|
+
database that is relevant to the match string.
|
33
|
+
This value is *NOT* returned as part of successful matches.
|
34
|
+
|
35
|
+
Current values are:
|
36
|
+
|
37
|
+
- service: These fingerprints are intended to match banners or
|
38
|
+
other responses from services. Fingerprint matches in 'service'
|
39
|
+
database do not necessarily have to return 'service.' attributes
|
40
|
+
in the match data.
|
41
|
+
|
42
|
+
- util.os: These fingerprints are intended to be used to identify
|
43
|
+
or extract OS related information from strings that are not
|
44
|
+
responses to service probes. This may be used in a utility
|
45
|
+
capacity and may provide for data enrichment via an independent
|
46
|
+
call after a service banner match has already be made.
|
47
|
+
|
48
|
+
- preference: indicates the relative priority/ordering that will be used
|
49
|
+
when Recog::Nizer performs matches against multiple databases.
|
50
|
+
'preference' is a float value that currently ranges from 0.0 to 1.0
|
51
|
+
Higher numbers are given greater priority and will be processed
|
52
|
+
first. If this attribute is not present in the fingerprint database
|
53
|
+
it will be assigned the value of 'DEFAULT_FP_PREFERENCE' within
|
54
|
+
Recog::DB which is currently 0.10
|
55
|
+
|
56
|
+
This value is *NOT* returned as part of successful matches.
|
57
|
+
|
58
|
+
When determining the priority of a fingerprint database the
|
59
|
+
following criterial and rules should be used:
|
60
|
+
|
61
|
+
- Values above 0.90 should be reserved for end user use with the
|
62
|
+
goal of enabling them to create fingerprint databases that will
|
63
|
+
always take priority over those included in the Recog project.
|
64
|
+
|
65
|
+
- Values below 0.10 should be reserved for end user use with the
|
66
|
+
goal of enabling them to create fingerprint databases that will
|
67
|
+
always be processed after those included with the Recog project.
|
68
|
+
|
69
|
+
- The highest level of preference should be given to those
|
70
|
+
fingerprint databases that have very high quality matches
|
71
|
+
(very strict regex, accurate).
|
72
|
+
|
73
|
+
- Priority should be given to those fingerprint databases that
|
74
|
+
are for very common services.
|
75
|
+
|
76
|
+
- Consideration should be given to preferring databases that will
|
77
|
+
provide the most valuable data. For example, 'http_header.server'
|
78
|
+
and 'http_header.cookie' may both provide matches to the same
|
79
|
+
HTTP server response, but 'http_header.server' is more likely
|
80
|
+
to provide the best data.
|
81
|
+
|
82
|
+
- Values of 0.90 - 0.80 should be used for those very high quality,
|
83
|
+
highly common services.
|
84
|
+
</xsd:documentation>
|
85
|
+
</xsd:annotation>
|
86
|
+
<xsd:sequence>
|
87
|
+
<xsd:element name="fingerprint" type="fingerprint_element" minOccurs="1" maxOccurs="unbounded"/>
|
88
|
+
</xsd:sequence>
|
89
|
+
|
90
|
+
<xsd:attribute name="matches" type="xsd:string" use="optional"/>
|
91
|
+
<xsd:attribute name="protocol" type="xsd:string" use="optional"/>
|
92
|
+
<xsd:attribute name="database_type" type="xsd:string" use="optional"/>
|
93
|
+
<xsd:attribute name="preference" use="optional">
|
94
|
+
<xsd:simpleType>
|
95
|
+
<xsd:restriction base="xsd:float">
|
96
|
+
<xsd:minInclusive value="0" />
|
97
|
+
<xsd:maxInclusive value="1.0" />
|
98
|
+
</xsd:restriction>
|
99
|
+
</xsd:simpleType>
|
100
|
+
</xsd:attribute>
|
101
|
+
</xsd:complexType>
|
102
|
+
|
103
|
+
<xsd:complexType name="fingerprint_element" mixed="true">
|
104
|
+
<xsd:sequence>
|
105
|
+
<xsd:element name="description" type="xsd:string" minOccurs="1" maxOccurs="1"/>
|
106
|
+
<xsd:element name="example" type="example_element" minOccurs="0" maxOccurs="unbounded"/>
|
107
|
+
<xsd:element name="param" type="param_element" minOccurs="0" maxOccurs="unbounded"/>
|
108
|
+
</xsd:sequence>
|
109
|
+
<xsd:attribute name="certainty" type="xsd:string" use="optional"/>
|
110
|
+
<xsd:attribute name="pattern" type="xsd:string" use="required"/>
|
111
|
+
<xsd:attribute name="flags" type="xsd:string" use="optional"/>
|
112
|
+
</xsd:complexType>
|
113
|
+
|
114
|
+
<xsd:complexType name="example_element">
|
115
|
+
<xsd:simpleContent>
|
116
|
+
<xsd:extension base="xsd:string">
|
117
|
+
<xsd:anyAttribute processContents="skip"/>
|
118
|
+
</xsd:extension>
|
119
|
+
</xsd:simpleContent>
|
120
|
+
</xsd:complexType>
|
121
|
+
|
122
|
+
<xsd:complexType name="param_element">
|
123
|
+
<xsd:attribute name="name" type="xsd:string" use="required"/>
|
124
|
+
<xsd:attribute name="pos" type="xsd:integer" use="required"/>
|
125
|
+
<xsd:attribute name="value" type="xsd:string" use="optional"/>
|
126
|
+
</xsd:complexType>
|
127
|
+
|
128
|
+
</xsd:schema>
|
data/xml/ftp_banners.xml
ADDED
@@ -0,0 +1,1553 @@
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
2
|
+
<fingerprints matches="ftp.banner" protocol="ftp" database_type="service" preference="0.90">
|
3
|
+
<!--
|
4
|
+
FTP greeting messages (part of the banner after the response code) are matched
|
5
|
+
against these patterns to fingerprint FTP servers.
|
6
|
+
-->
|
7
|
+
<fingerprint pattern="^([^ ]+) Microsoft FTP Service \(Version ([1234]\.\d+)\)\.$">
|
8
|
+
<description>Microsoft FTP Server on Windows NT</description>
|
9
|
+
<example>xx Microsoft FTP Service (Version 3.0).</example>
|
10
|
+
<param pos="0" name="service.vendor" value="Microsoft"/>
|
11
|
+
<param pos="0" name="service.product" value="IIS"/>
|
12
|
+
<param pos="0" name="service.family" value="IIS"/>
|
13
|
+
<param pos="2" name="service.version"/>
|
14
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:iis:{service.version}"/>
|
15
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
16
|
+
<param pos="0" name="os.family" value="Windows"/>
|
17
|
+
<param pos="0" name="os.product" value="Windows NT"/>
|
18
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:-"/>
|
19
|
+
<param pos="1" name="host.name"/>
|
20
|
+
</fingerprint>
|
21
|
+
<fingerprint pattern="^([^ ]+) Microsoft FTP Service \(Version 5.0\)\.$">
|
22
|
+
<description>Microsoft FTP Server on Windows 2000</description>
|
23
|
+
<example>xxx Microsoft FTP Service (Version 5.0).</example>
|
24
|
+
<param pos="0" name="service.vendor" value="Microsoft"/>
|
25
|
+
<param pos="0" name="service.product" value="IIS"/>
|
26
|
+
<param pos="0" name="service.family" value="IIS"/>
|
27
|
+
<param pos="0" name="service.version" value="5.0"/>
|
28
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:iis:5.0"/>
|
29
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
30
|
+
<param pos="0" name="os.family" value="Windows"/>
|
31
|
+
<param pos="0" name="os.product" value="Windows 2000"/>
|
32
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
|
33
|
+
<param pos="1" name="host.name"/>
|
34
|
+
</fingerprint>
|
35
|
+
<fingerprint pattern="^([^ ]+) Microsoft FTP Service \(Version 5.1\)\.$">
|
36
|
+
<description>Microsoft FTP Server on Windows XP, 2003 or later versions of 2000</description>
|
37
|
+
<example>xxx Microsoft FTP Service (Version 5.1).</example>
|
38
|
+
<param pos="0" name="service.vendor" value="Microsoft"/>
|
39
|
+
<param pos="0" name="service.product" value="IIS"/>
|
40
|
+
<param pos="0" name="service.family" value="IIS"/>
|
41
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:iis:-"/>
|
42
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
43
|
+
<param pos="0" name="os.family" value="Windows"/>
|
44
|
+
<param pos="0" name="os.product" value="Windows"/>
|
45
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
46
|
+
<param pos="1" name="host.name"/>
|
47
|
+
</fingerprint>
|
48
|
+
<fingerprint pattern="^([^ ]+) Microsoft FTP Service$">
|
49
|
+
<description>Microsoft FTP Server on Windows XP, 2003 or later without version</description>
|
50
|
+
<example>hostname Microsoft FTP Service</example>
|
51
|
+
<param pos="0" name="service.vendor" value="Microsoft"/>
|
52
|
+
<param pos="0" name="service.product" value="IIS"/>
|
53
|
+
<param pos="0" name="service.family" value="IIS"/>
|
54
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:iis:-"/>
|
55
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
56
|
+
<param pos="0" name="os.family" value="Windows"/>
|
57
|
+
<param pos="0" name="os.product" value="Windows"/>
|
58
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
59
|
+
<param pos="1" name="host.name"/>
|
60
|
+
</fingerprint>
|
61
|
+
<fingerprint pattern="^Microsoft FTP Service$">
|
62
|
+
<description>Microsoft FTP Server on Windows XP, 2003 or later without version or hostname</description>
|
63
|
+
<example>Microsoft FTP Service</example>
|
64
|
+
<param pos="0" name="service.vendor" value="Microsoft"/>
|
65
|
+
<param pos="0" name="service.product" value="IIS"/>
|
66
|
+
<param pos="0" name="service.family" value="IIS"/>
|
67
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:iis:-"/>
|
68
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
69
|
+
<param pos="0" name="os.family" value="Windows"/>
|
70
|
+
<param pos="0" name="os.product" value="Windows"/>
|
71
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
72
|
+
</fingerprint>
|
73
|
+
<fingerprint pattern="^([^ ]+) +FTP +Server \(Version ([^\(]+)\(PHNE_\d+\) [^\)]+\) ready.?$" flags="REG_ICASE">
|
74
|
+
<description>FTP on HPUX with a PHNE (HP Networking patch) installed</description>
|
75
|
+
<example>example.com FTP server (Version 1.1.214.4(PHNE_38458) Mon Feb 15 06:03:12 GMT 2010) ready.</example>
|
76
|
+
<param pos="0" name="service.vendor" value="HP"/>
|
77
|
+
<param pos="0" name="service.product" value="FTPD"/>
|
78
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
79
|
+
<param pos="0" name="os.family" value="HP-UX"/>
|
80
|
+
<param pos="0" name="os.product" value="HP-UX"/>
|
81
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
82
|
+
<param pos="1" name="host.name"/>
|
83
|
+
<param pos="2" name="service.version"/>
|
84
|
+
</fingerprint>
|
85
|
+
<fingerprint pattern="^([^ ]+) +FTP +Server \(Revision \S+ Version wuftpd-([^\(]+)\(PHNE_\d+\) [^\)]+\) ready.?$" flags="REG_ICASE">
|
86
|
+
<description>WU-FTPD on HPUX with a PHNE (HP Networking patch) installed</description>
|
87
|
+
<example>example.com FTP server (Revision 1.1 Version wuftpd-2.6.1(PHNE_38578) Fri Sep 5 12:10:54 GMT 2008) ready.</example>
|
88
|
+
<param pos="0" name="service.vendor" value="Washington University"/>
|
89
|
+
<param pos="0" name="service.product" value="WU-FTPD"/>
|
90
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
91
|
+
<param pos="0" name="os.family" value="HP-UX"/>
|
92
|
+
<param pos="0" name="os.product" value="HP-UX"/>
|
93
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
94
|
+
<param pos="1" name="host.name"/>
|
95
|
+
<param pos="2" name="service.version"/>
|
96
|
+
</fingerprint>
|
97
|
+
<fingerprint pattern="^(\S+)(?: \S+)? FTP Server \((?:Revision [\d\.]+ )?Version wu(?:ftpd)?-([\d\.]+).*\) ready.?$" flags="REG_ICASE">
|
98
|
+
<description>WU-FTPD on various OS</description>
|
99
|
+
<example host.name="example.com" service.version="2.6.2">example.com FTP server (Version wu-2.6.2(1) Sat Jul 19 16:21:30 UTC 2008) ready.</example>
|
100
|
+
<example host.name="example.com" service.version="2.6.2">example.com 192.168.0.1 FTP server (Version wu-2.6.2(1) Wed Sep 21 11:16:21 MEST 2005) ready.</example>
|
101
|
+
<example host.name="example.com" service.version="2.6.2">example.com FTP server (Version wu-2.6.2-11.73.1) ready.</example>
|
102
|
+
<example host.name="example.com" service.version="2.6.1">example.com FTP server (Revision 5.0 Version wuftpd-2.6.1 Thu Apr 29 06:48:40 GMT 2010) ready.</example>
|
103
|
+
<param pos="0" name="service.vendor" value="Washington University"/>
|
104
|
+
<param pos="0" name="service.product" value="WU-FTPD"/>
|
105
|
+
<param pos="1" name="host.name"/>
|
106
|
+
<param pos="2" name="service.version"/>
|
107
|
+
</fingerprint>
|
108
|
+
<fingerprint pattern="^(\S+)\s+FTP Server \(Version:\s+Mac OS X Server\s+([\d\.]+).*\) ready\.?" flags="REG_ICASE,REG_MULTILINE">
|
109
|
+
<description>FTPD on Mac OS X Server with a version</description>
|
110
|
+
<example host.name="example.com" os.version="10.3">example.com FTP server (Version: Mac OS X Server 10.3 - +GSSAPI) ready.</example>
|
111
|
+
<example host.name="example.com" os.version="10.3">this is a banner. change it.
|
112
|
+
example.com FTP server (Version: Mac OS X Server 10.3 - +GSSAPI) ready.</example>
|
113
|
+
<param pos="0" name="service.vendor" value="Apple"/>
|
114
|
+
<param pos="0" name="service.product" value="FTP"/>
|
115
|
+
<param pos="0" name="os.vendor" value="Apple"/>
|
116
|
+
<param pos="0" name="os.family" value="Mac OS X"/>
|
117
|
+
<param pos="0" name="os.product" value="Mac OS X Server"/>
|
118
|
+
<param pos="1" name="host.name"/>
|
119
|
+
<param pos="2" name="os.version"/>
|
120
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x_server:{os.version}"/>
|
121
|
+
</fingerprint>
|
122
|
+
<fingerprint pattern="^(\S+)\s+FTP Server \(Version:\s+Mac OS X Server\) ready\.?" flags="REG_ICASE,REG_MULTILINE">
|
123
|
+
<description>FTPD on Mac OS X Server without a version</description>
|
124
|
+
<example host.name="example.com">example.com FTP server (Version: Mac OS X Server) ready.</example>
|
125
|
+
<example host.name="example.com">this is a banner. change it.
|
126
|
+
example.com FTP server (Version: Mac OS X Server) ready.</example>
|
127
|
+
<param pos="0" name="service.vendor" value="Apple"/>
|
128
|
+
<param pos="0" name="service.product" value="FTP"/>
|
129
|
+
<param pos="0" name="os.vendor" value="Apple"/>
|
130
|
+
<param pos="0" name="os.family" value="Mac OS X"/>
|
131
|
+
<param pos="0" name="os.product" value="Mac OS X Server"/>
|
132
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x_server:-"/>
|
133
|
+
<param pos="1" name="host.name"/>
|
134
|
+
</fingerprint>
|
135
|
+
<fingerprint pattern="^(\S+)\s+FTP Server \(tnftpd (.*)\) ready\.?$" flags="REG_ICASE">
|
136
|
+
<description>Simple tnftpd banner with a version</description>
|
137
|
+
<example host.name="example.com" service.version="20061217">example.com FTP server (tnftpd 20061217) ready.</example>
|
138
|
+
<param pos="0" name="service.product" value="tnftpd"/>
|
139
|
+
<param pos="2" name="service.version"/>
|
140
|
+
<param pos="1" name="host.name"/>
|
141
|
+
</fingerprint>
|
142
|
+
<fingerprint pattern="^(\S+) FTP Server \(SunOS 5.(1[1-9])\) ready\.?$" flags="REG_ICASE">
|
143
|
+
<description>SunOS/Solaris</description>
|
144
|
+
<example host.name="example.com" os.version="11">example.com FTP server (SunOS 5.11) ready.</example>
|
145
|
+
<param pos="0" name="os.vendor" value="Oracle"/>
|
146
|
+
<param pos="0" name="os.family" value="Solaris"/>
|
147
|
+
<param pos="0" name="os.product" value="Solaris"/>
|
148
|
+
<param pos="1" name="host.name"/>
|
149
|
+
<param pos="2" name="os.version"/>
|
150
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
151
|
+
</fingerprint>
|
152
|
+
<fingerprint pattern="^(\S+) FTP Server \(SunOS 5.([789]|10)\) ready\.?$" flags="REG_ICASE">
|
153
|
+
<description>SunOS/Solaris 5.7-5.10</description>
|
154
|
+
<example host.name="example.com" os.version="7">example.com FTP server (SunOS 5.7) ready.</example>
|
155
|
+
<example host.name="example.com" os.version="10">example.com FTP server (SunOS 5.10) ready.</example>
|
156
|
+
<param pos="0" name="os.vendor" value="Sun"/>
|
157
|
+
<param pos="0" name="os.family" value="Solaris"/>
|
158
|
+
<param pos="0" name="os.product" value="Solaris"/>
|
159
|
+
<param pos="1" name="host.name"/>
|
160
|
+
<param pos="2" name="os.version"/>
|
161
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
162
|
+
</fingerprint>
|
163
|
+
<fingerprint pattern="^(\S+) FTP Server \(SunOS 5.6\) ready\." flags="REG_ICASE">
|
164
|
+
<description>SunOS 5.6 (Solaris 2.6)</description>
|
165
|
+
<example host.name="example.com">example.com FTP Server (SunOS 5.6) ready.</example>
|
166
|
+
<param pos="0" name="os.vendor" value="Sun"/>
|
167
|
+
<param pos="0" name="os.family" value="Solaris"/>
|
168
|
+
<param pos="0" name="os.product" value="Solaris"/>
|
169
|
+
<param pos="0" name="os.version" value="2.6"/>
|
170
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:2.6"/>
|
171
|
+
<param pos="1" name="host.name"/>
|
172
|
+
</fingerprint>
|
173
|
+
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server \(Debian\) \[(.+)\]$">
|
174
|
+
<description>ProFTPD on Debian Linux</description>
|
175
|
+
<example>ProFTPD 1.3.0rc2 Server (Debian) [host]</example>
|
176
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
177
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
178
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
179
|
+
<param pos="1" name="service.version"/>
|
180
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:{service.version}"/>
|
181
|
+
<param pos="0" name="os.vendor" value="Debian"/>
|
182
|
+
<param pos="0" name="os.family" value="Linux"/>
|
183
|
+
<param pos="0" name="os.product" value="Linux"/>
|
184
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
|
185
|
+
<param pos="2" name="host.name"/>
|
186
|
+
</fingerprint>
|
187
|
+
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server \(Linksys(W.+)\) \[(.+)\]$">
|
188
|
+
<description>ProFTPD on a Linksys Wireless Access Point/Router</description>
|
189
|
+
<example>ProFTPD 1.3.0rc2 Server (LinksysWRT350N) [host]</example>
|
190
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
191
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
192
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
193
|
+
<param pos="1" name="service.version"/>
|
194
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:{service.version}"/>
|
195
|
+
<param pos="0" name="os.vendor" value="Linksys"/>
|
196
|
+
<param pos="0" name="os.device" value="WAP"/>
|
197
|
+
<param pos="2" name="os.product"/>
|
198
|
+
<param pos="3" name="host.name"/>
|
199
|
+
</fingerprint>
|
200
|
+
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server \(NETGEAR ReadyNAS\) \[(.+)\]$">
|
201
|
+
<description>ProFTPD on a Netgear ReadyNAS with a version and IP</description>
|
202
|
+
<example service.version="1.3.3g" host.ip="192.168.1.10">ProFTPD 1.3.3g Server (NETGEAR ReadyNAS) [192.168.1.10]</example>
|
203
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
204
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
205
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
206
|
+
<param pos="1" name="service.version"/>
|
207
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:{service.version}"/>
|
208
|
+
<param pos="0" name="hw.vendor" value="Netgear"/>
|
209
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
210
|
+
<param pos="0" name="hw.product" value="ReadyNAS"/>
|
211
|
+
<param pos="2" name="host.ip"/>
|
212
|
+
</fingerprint>
|
213
|
+
<fingerprint pattern="^ProFTPD Server \(NETGEAR ReadyNAS\) \[(.+)\]$">
|
214
|
+
<description>ProFTPD on a Netgear ReadyNAS with a hostname</description>
|
215
|
+
<example host.name="test">ProFTPD Server (NETGEAR ReadyNAS) [test]</example>
|
216
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
217
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
218
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
219
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:-"/>
|
220
|
+
<param pos="0" name="hw.vendor" value="Netgear"/>
|
221
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
222
|
+
<param pos="0" name="hw.product" value="ReadyNAS"/>
|
223
|
+
<param pos="1" name="host.name"/>
|
224
|
+
</fingerprint>
|
225
|
+
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server \(Linksys(.*)\) \[(.+)\]$">
|
226
|
+
<description>ProFTPD on a wired Linksys device</description>
|
227
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
228
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
229
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
230
|
+
<param pos="1" name="service.version"/>
|
231
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:{service.version}"/>
|
232
|
+
<param pos="0" name="os.vendor" value="Linksys"/>
|
233
|
+
<param pos="0" name="os.device" value="Router"/>
|
234
|
+
<param pos="2" name="os.product"/>
|
235
|
+
<param pos="3" name="host.name"/>
|
236
|
+
</fingerprint>
|
237
|
+
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server \((.*)\) \[(.+)\]$">
|
238
|
+
<description>ProFTPD with version info but no obvious OS info</description>
|
239
|
+
<example service.version="1.2.10">ProFTPD 1.2.10 Server (Main FTP Server) [host]</example>
|
240
|
+
<example proftpd.server.name="ProFTPD">ProFTPD 1.2.10 Server (ProFTPD) [host]</example>
|
241
|
+
<example host.name="host">ProFTPD 1.2.10rc3 Server (ProFTPD Default Installation) [host]</example>
|
242
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
243
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
244
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
245
|
+
<param pos="1" name="service.version"/>
|
246
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:{service.version}"/>
|
247
|
+
<param pos="2" name="proftpd.server.name"/>
|
248
|
+
<param pos="3" name="host.name"/>
|
249
|
+
</fingerprint>
|
250
|
+
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server ready\.$">
|
251
|
+
<description>ProFTPD with only version info</description>
|
252
|
+
<example service.version="1.3.0rc2">ProFTPD 1.3.0rc2 Server ready.</example>
|
253
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
254
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
255
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
256
|
+
<param pos="1" name="service.version"/>
|
257
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:{service.version}"/>
|
258
|
+
</fingerprint>
|
259
|
+
<fingerprint pattern="^ProFTPD (?:FTP )?Server ready\.$">
|
260
|
+
<description>ProFTPD with no version info</description>
|
261
|
+
<example>ProFTPD FTP Server ready.</example>
|
262
|
+
<example>ProFTPD Server ready.</example>
|
263
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
264
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
265
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
266
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:-"/>
|
267
|
+
</fingerprint>
|
268
|
+
<fingerprint pattern="^ProFTPD Server \(.*\) \[([a-f\d.:]+)\]$">
|
269
|
+
<description>ProFTPD with no version info, parenthetical form</description>
|
270
|
+
<example host.ip="1.2.3.4">ProFTPD Server (ProFTPD) [1.2.3.4]</example>
|
271
|
+
<example host.ip="1.2.3.4">ProFTPD Server (ProFTPD Default Installation) [1.2.3.4]</example>
|
272
|
+
<example host.ip="1.2.3.4">ProFTPD Server (pair Networks, Inc FTP server) [1.2.3.4]</example>
|
273
|
+
<example host.ip="::ffff:192.168.1.1">ProFTPD Server (ProFTPD) [::ffff:192.168.1.1]</example>
|
274
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
275
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
276
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
277
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:-"/>
|
278
|
+
<param pos="1" name="host.ip"/>
|
279
|
+
</fingerprint>
|
280
|
+
<fingerprint pattern="^ProFTPD Server$">
|
281
|
+
<description>ProFTPD with no version info, short form</description>
|
282
|
+
<example>ProFTPD Server</example>
|
283
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
284
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
285
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
286
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:-"/>
|
287
|
+
</fingerprint>
|
288
|
+
<fingerprint pattern="^ProFTPD\s*$">
|
289
|
+
<description>ProFTPD with no version info, super short form</description>
|
290
|
+
<example>ProFTPD</example>
|
291
|
+
<example>ProFTPD </example>
|
292
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
293
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
294
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
295
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:-"/>
|
296
|
+
</fingerprint>
|
297
|
+
<fingerprint pattern="^(?:\d{4}\-\d\d\-\d\d \d\d:\d\d:\d\d,\d\d\d )?(\S+) proftpd\[\d+\]: error: no valid servers configured">
|
298
|
+
<description>ProFTPD no valid servers configured</description>
|
299
|
+
<example host.name="ftp.host.com">ftp.host.com proftpd[40312]: error: no valid servers configured\n</example>
|
300
|
+
<example host.name="hostname.com">2016-10-31 12:14:35,524 hostname.com proftpd[26992]: error: no valid servers configured\n</example>
|
301
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
302
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
303
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
304
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:-"/>
|
305
|
+
<param pos="1" name="host.name"/>
|
306
|
+
</fingerprint>
|
307
|
+
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server \((.*)\) \[[a-f\d.:\]]*$">
|
308
|
+
<description>ProFTPD with version info - truncated</description>
|
309
|
+
<example service.version="1.3.2c">ProFTPD 1.3.2c Server (ProFTPD Default Installation) [</example>
|
310
|
+
<example proftpd.server.name="svrname.hosting.com">ProFTPD 1.3.0 Server (svrname.hosting.com) [10.10.10.</example>
|
311
|
+
<example>ProFTPD 1.3.3a Server (randomstring) [::ff</example>
|
312
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
313
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
314
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
315
|
+
<param pos="1" name="service.version"/>
|
316
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:{service.version}"/>
|
317
|
+
<param pos="2" name="proftpd.server.name"/>
|
318
|
+
</fingerprint>
|
319
|
+
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server ([\w.-]+)$">
|
320
|
+
<description>ProFTPD with version info but no obvious OS info, take 2</description>
|
321
|
+
<example service.version="1.3.2d" host.name="localhost">ProFTPD 1.3.2d Server localhost</example>
|
322
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
323
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
324
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
325
|
+
<param pos="1" name="service.version"/>
|
326
|
+
<param pos="2" name="host.name"/>
|
327
|
+
</fingerprint>
|
328
|
+
<fingerprint pattern="^=\(<\*>\)=-\.:\. \(\( Welcome to Pure-FTPd ([\d.]+) \)\) \.:\.-=\(<\*>\)=-" flags="REG_MULTILINE">
|
329
|
+
<description>Pure-FTPd versions <= 1.0.13 (at least as far back as 1.0.11)</description>
|
330
|
+
<example service.version="1.0.11">=(<*>)=-.:. (( Welcome to Pure-FTPd 1.0.11 )) .:.-=(<*>)=-</example>
|
331
|
+
<example service.version="1.0.11">=(<*>)=-.:. (( Welcome to Pure-FTPd 1.0.11 )) .:.-=(<*>)=-
|
332
|
+
more stuff</example>
|
333
|
+
<param pos="0" name="service.family" value="Pure-FTPd"/>
|
334
|
+
<param pos="0" name="service.product" value="Pure-FTPd"/>
|
335
|
+
<param pos="1" name="service.version"/>
|
336
|
+
</fingerprint>
|
337
|
+
<fingerprint pattern="^-{9,10}(?:.*)\s+Pure-FTPd\s+(.*)-{9,10}">
|
338
|
+
<description>Pure-FTPd versions >= 1.0.14 - Config data can be zero or more of: [privsep] [TLS]</description>
|
339
|
+
<example>---------- Welcome to Pure-FTPd ----------</example>
|
340
|
+
<example>--------- Bienvenido a Pure-FTPd [privsep] [TLS] ----------</example>
|
341
|
+
<example>--------- Pure-FTPd [privsep] ----------</example>
|
342
|
+
<example>--------- Welcome to Pure-FTPd [privsep] [TLS] ----------</example>
|
343
|
+
<example>--------- Welcome to Pure-FTPd [privsep] [TLS] ----------
|
344
|
+
more text</example>
|
345
|
+
<param pos="1" name="pureftpd.config"/>
|
346
|
+
<param pos="0" name="service.family" value="Pure-FTPd"/>
|
347
|
+
<param pos="0" name="service.product" value="Pure-FTPd"/>
|
348
|
+
</fingerprint>
|
349
|
+
<fingerprint pattern="^(?:Welcome to )?Pure-FTPd\.?$">
|
350
|
+
<description>Basic Pure-FTPd banner, no version</description>
|
351
|
+
<example>Welcome to Pure-FTPd</example>
|
352
|
+
<example>Pure-FTPd.</example>
|
353
|
+
<param pos="0" name="service.family" value="Pure-FTPd"/>
|
354
|
+
<param pos="0" name="service.product" value="Pure-FTPd"/>
|
355
|
+
</fingerprint>
|
356
|
+
<fingerprint pattern="^=\(.\*.\)=-\.:\. \(\( Welcome to PureFTPd (\d+\..+) \)\) \.:\.-=\(.\*.\)=-" flags="REG_MULTILINE">
|
357
|
+
<description>Older Pure-FTPd versions</description>
|
358
|
+
<example service.version="1.1.0">=(<*>)=-.:. (( Welcome to PureFTPd 1.1.0 )) .:.-=(<*>)=-</example>
|
359
|
+
<example service.version="1.1.0">=(<*>)=-.:. (( Welcome to PureFTPd 1.1.0 )) .:.-=(<*>)=-
|
360
|
+
more text</example>
|
361
|
+
<param pos="0" name="service.family" value="Pure-FTPd"/>
|
362
|
+
<param pos="0" name="service.product" value="Pure-FTPd"/>
|
363
|
+
<param pos="1" name="service.version"/>
|
364
|
+
</fingerprint>
|
365
|
+
<fingerprint pattern="^Serv-U FTP[ -]Server v(\d+\.\S+)(?: for WinSock)? ready\.*$">
|
366
|
+
<description>Serv-U (only runs on Windows)</description>
|
367
|
+
<example service.version="2.5n">Serv-U FTP-Server v2.5n for WinSock ready...</example>
|
368
|
+
<example service.version="6.0">Serv-U FTP Server v6.0 for WinSock ready</example>
|
369
|
+
<example service.version="7.2">Serv-U FTP Server v7.2 ready...</example>
|
370
|
+
<param pos="0" name="service.vendor" value="Rhino Software"/>
|
371
|
+
<param pos="0" name="service.product" value="Serv-U"/>
|
372
|
+
<param pos="0" name="service.family" value="Serv-U"/>
|
373
|
+
<param pos="1" name="service.version"/>
|
374
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
375
|
+
<param pos="0" name="os.family" value="Windows"/>
|
376
|
+
<param pos="0" name="os.product" value="Windows"/>
|
377
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
378
|
+
</fingerprint>
|
379
|
+
<fingerprint pattern="^zFTPServer v?(\S+), .*ready\.$" flags="REG_ICASE">
|
380
|
+
<description>zftpserver (only runs on Windows)</description>
|
381
|
+
<example service.version="4.0">zFTPServer v4.0, build 2008-12-24 01:41 ready.</example>
|
382
|
+
<param pos="0" name="service.vendor" value="Västgöta-Data AB"/>
|
383
|
+
<param pos="0" name="service.product" value="zFTPServer"/>
|
384
|
+
<param pos="1" name="service.version"/>
|
385
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
386
|
+
<param pos="0" name="os.family" value="Windows"/>
|
387
|
+
<param pos="0" name="os.product" value="Windows"/>
|
388
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
389
|
+
</fingerprint>
|
390
|
+
<fingerprint pattern="^\(vsFTPd (\d+\..+)\)(?: (.+))?$">
|
391
|
+
<description>vsFTPd (Very Secure FTP Daemon)</description>
|
392
|
+
<example service.version="1.1.3">(vsFTPd 1.1.3) host</example>
|
393
|
+
<example service.version="2.0.5">(vsFTPd 2.0.5)</example>
|
394
|
+
<param pos="0" name="service.family" value="vsFTPd"/>
|
395
|
+
<param pos="0" name="service.product" value="vsFTPd"/>
|
396
|
+
<param pos="1" name="service.version"/>
|
397
|
+
<param pos="2" name="host.name"/>
|
398
|
+
</fingerprint>
|
399
|
+
<fingerprint pattern="^ready, dude \(vsFTPd (\d+\..+): beat me, break me\)$">
|
400
|
+
<description>vsFTPd (Very Secure FTP Daemon) - break me variant</description>
|
401
|
+
<example service.version="1.1.0">ready, dude (vsFTPd 1.1.0: beat me, break me)</example>
|
402
|
+
<param pos="0" name="service.family" value="vsFTPd"/>
|
403
|
+
<param pos="0" name="service.product" value="vsFTPd"/>
|
404
|
+
<param pos="1" name="service.version"/>
|
405
|
+
</fingerprint>
|
406
|
+
<fingerprint pattern="^vsFTPd ([\d.]+\+ \(ext\.3\)) ready\.\.\.$">
|
407
|
+
<description>vsFTPd (Very Secure FTP Daemon) extended build (vsftpd.devnet.ru)</description>
|
408
|
+
<example service.version="2.0.4+ (ext.3)">vsFTPd 2.0.4+ (ext.3) ready...</example>
|
409
|
+
<param pos="0" name="service.family" value="vsFTPd"/>
|
410
|
+
<param pos="0" name="service.product" value="vsFTPd Extended"/>
|
411
|
+
<param pos="1" name="service.version"/>
|
412
|
+
</fingerprint>
|
413
|
+
<fingerprint pattern="^OOPS: .*vsftp.*$">
|
414
|
+
<description>vsFTPd (Very Secure FTP Daemon) error message</description>
|
415
|
+
<example>OOPS: vsftpd: root is not mounted.</example>
|
416
|
+
<example>OOPS: cannot read user list file:/etc/vsftpd.user_list</example>
|
417
|
+
<param pos="0" name="service.family" value="vsFTPd"/>
|
418
|
+
<param pos="0" name="service.product" value="vsFTPd"/>
|
419
|
+
</fingerprint>
|
420
|
+
<fingerprint pattern="^FileZilla Server(?: version)? (?:v)?(\d\.[\w.]+(?: beta)?).*$">
|
421
|
+
<description>FileZilla FTP Server</description>
|
422
|
+
<example service.version="0.9.2 beta">FileZilla Server version 0.9.2 beta</example>
|
423
|
+
<example service.version="0.9.13a beta">FileZilla Server version 0.9.13a beta</example>
|
424
|
+
<example service.version="0.9.54 beta">FileZilla Server 0.9.54 beta</example>
|
425
|
+
<example service.version="0.9.33 beta">FileZilla Server v0.9.33 beta</example>
|
426
|
+
<param pos="0" name="service.family" value="FileZilla FTP Server"/>
|
427
|
+
<param pos="0" name="service.product" value="FileZilla FTP Server"/>
|
428
|
+
<param pos="1" name="service.version"/>
|
429
|
+
</fingerprint>
|
430
|
+
<fingerprint pattern="^\s*APC FTP server ready\.$">
|
431
|
+
<description>APC device</description>
|
432
|
+
<example>APC FTP server ready.</example>
|
433
|
+
<param pos="0" name="service.vendor" value="APC"/>
|
434
|
+
<param pos="0" name="service.product" value="FTP"/>
|
435
|
+
<param pos="0" name="os.vendor" value="APC"/>
|
436
|
+
<param pos="0" name="os.device" value="Power device"/>
|
437
|
+
<param pos="0" name="hw.vendor" value="APC"/>
|
438
|
+
<param pos="0" name="hw.device" value="Power device"/>
|
439
|
+
</fingerprint>
|
440
|
+
<fingerprint pattern="^(\S+) Network Management Card AOS v(\d+\..+) FTP server ready\.$">
|
441
|
+
<description>APC power/cooling device</description>
|
442
|
+
<example service.version="3.3.4">AP7932 Network Management Card AOS v3.3.4 FTP server ready.</example>
|
443
|
+
<example os.version="3.6.1">ACRC103 Network Management Card AOS v3.6.1 FTP server ready.</example>
|
444
|
+
<example os.product="0G-9354-01">0G-9354-01 Network Management Card AOS v3.6.1 FTP server ready.</example>
|
445
|
+
<param pos="0" name="service.vendor" value="APC"/>
|
446
|
+
<param pos="0" name="service.product" value="AOS"/>
|
447
|
+
<param pos="0" name="service.family" value="AOS"/>
|
448
|
+
<param pos="2" name="service.version"/>
|
449
|
+
<param pos="0" name="os.vendor" value="APC"/>
|
450
|
+
<param pos="0" name="os.device" value="Power device"/>
|
451
|
+
<param pos="1" name="os.product"/>
|
452
|
+
<param pos="2" name="os.version"/>
|
453
|
+
<param pos="0" name="hw.vendor" value="APC"/>
|
454
|
+
<param pos="0" name="hw.device" value="Power device"/>
|
455
|
+
</fingerprint>
|
456
|
+
<fingerprint pattern="^(\S+) FTP server \(EMC-SNAS: ([^\)]+)\)(?: \S+)?$">
|
457
|
+
<description>EMC Celerra</description>
|
458
|
+
<example service.version="5.6.47.11">foo2 FTP server (EMC-SNAS: 5.6.47.11)</example>
|
459
|
+
<example service.version="5.6.50.203">foo2 FTP server (EMC-SNAS: 5.6.50.203) ready.</example>
|
460
|
+
<example service.version="5.5.31.6">foo4 FTP server (EMC-SNAS: 5.5.31.6) r</example>
|
461
|
+
<param pos="0" name="service.vendor" value="EMC"/>
|
462
|
+
<param pos="0" name="service.product" value="Celerra"/>
|
463
|
+
<param pos="2" name="service.version"/>
|
464
|
+
<param pos="0" name="os.vendor" value="EMC"/>
|
465
|
+
<param pos="0" name="os.device" value="Storage"/>
|
466
|
+
<param pos="0" name="os.product" value="Celerra"/>
|
467
|
+
<param pos="2" name="os.version"/>
|
468
|
+
<param pos="1" name="host.name"/>
|
469
|
+
<param pos="0" name="hw.vendor" value="EMC"/>
|
470
|
+
<param pos="0" name="hw.device" value="Storage"/>
|
471
|
+
<param pos="0" name="hw.product" value="Celerra"/>
|
472
|
+
</fingerprint>
|
473
|
+
<fingerprint pattern="^JD FTP Server Ready.*$">
|
474
|
+
<description>HP JetDirect printer</description>
|
475
|
+
<example>JD FTP Server Ready</example>
|
476
|
+
<example>JD FTP Server Ready.</example>
|
477
|
+
<param pos="0" name="service.vendor" value="HP"/>
|
478
|
+
<param pos="0" name="service.product" value="JetDirect"/>
|
479
|
+
<param pos="0" name="service.family" value="JetDirect"/>
|
480
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
481
|
+
<param pos="0" name="os.device" value="Printer"/>
|
482
|
+
<param pos="0" name="os.family" value="JetDirect"/>
|
483
|
+
<param pos="0" name="os.product" value="JetDirect"/>
|
484
|
+
<param pos="0" name="hw.vendor" value="HP"/>
|
485
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
486
|
+
<param pos="0" name="hw.family" value="JetDirect"/>
|
487
|
+
<param pos="0" name="hw.product" value="JetDirect"/>
|
488
|
+
</fingerprint>
|
489
|
+
<fingerprint pattern="^Check Point FireWall-1 Secure FTP server running on (.+)$">
|
490
|
+
<description>Check Point FireWall-1</description>
|
491
|
+
<example host.name="host">Check Point FireWall-1 Secure FTP server running on host</example>
|
492
|
+
<param pos="0" name="service.vendor" value="Check Point"/>
|
493
|
+
<param pos="0" name="service.product" value="Firewall-1"/>
|
494
|
+
<param pos="0" name="service.family" value="Firewall-1"/>
|
495
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:checkpoint:firewall-1:-"/>
|
496
|
+
<param pos="0" name="os.vendor" value="Check Point"/>
|
497
|
+
<param pos="0" name="os.device" value="Firewall"/>
|
498
|
+
<param pos="0" name="os.family" value="Firewall-1"/>
|
499
|
+
<param pos="0" name="os.product" value="GAiA OS"/>
|
500
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:checkpoint:gaia_os:-"/>
|
501
|
+
<param pos="0" name="hw.vendor" value="Check Point"/>
|
502
|
+
<param pos="0" name="hw.device" value="Firewall"/>
|
503
|
+
<param pos="0" name="hw.family" value="Firewall-1"/>
|
504
|
+
<param pos="1" name="host.name"/>
|
505
|
+
</fingerprint>
|
506
|
+
<fingerprint pattern="^Blue Coat FTP Service$">
|
507
|
+
<description>Blue Coat security appliances</description>
|
508
|
+
<example>Blue Coat FTP Service</example>
|
509
|
+
<param pos="0" name="service.vendor" value="Blue Coat"/>
|
510
|
+
<param pos="0" name="service.product" value="Proxy"/>
|
511
|
+
<param pos="0" name="os.vendor" value="Blue Coat"/>
|
512
|
+
<param pos="0" name="os.device" value="Web proxy"/>
|
513
|
+
</fingerprint>
|
514
|
+
<fingerprint pattern="^---freeFTPd 1.0---warFTPd 1.65---$">
|
515
|
+
<description>Nepenthes honeypot</description>
|
516
|
+
<param pos="0" name="service.family" value="Nepenthes"/>
|
517
|
+
<param pos="0" name="service.product" value="Nepenthes"/>
|
518
|
+
</fingerprint>
|
519
|
+
<fingerprint pattern="^[^ ]+ IBM FTP CS (V1R\d+) at ([^,]*),.*">
|
520
|
+
<description>IBM z/OS FTP Service</description>
|
521
|
+
<example>SFTPD1 IBM FTP CS V1R4 at x.y.z, 21:02:19 on 2007-12-15.</example>
|
522
|
+
<param pos="0" name="service.vendor" value="IBM"/>
|
523
|
+
<param pos="0" name="service.product" value="z/OS FTP Server"/>
|
524
|
+
<param pos="0" name="os.vendor" value="IBM"/>
|
525
|
+
<param pos="0" name="os.product" value="z/OS"/>
|
526
|
+
<param pos="0" name="os.family" value="z/OS"/>
|
527
|
+
<param pos="0" name="os.device" value="Mainframe"/>
|
528
|
+
<param pos="1" name="os.version"/>
|
529
|
+
<param pos="2" name="host.name"/>
|
530
|
+
</fingerprint>
|
531
|
+
<fingerprint pattern="^FTP server \(IBM 4690 TCP/IP FTP Version 1\.0\) ready\.">
|
532
|
+
<description>IBM 4690 FTP Service</description>
|
533
|
+
<example>FTP server (IBM 4690 TCP/IP FTP Version 1.0) ready.</example>
|
534
|
+
<param pos="0" name="service.vendor" value="IBM"/>
|
535
|
+
<param pos="0" name="service.product" value="4690 FTP Server"/>
|
536
|
+
<param pos="0" name="os.vendor" value="IBM"/>
|
537
|
+
<param pos="0" name="os.product" value="4690"/>
|
538
|
+
<param pos="0" name="os.family" value="4690"/>
|
539
|
+
<param pos="0" name="os.device" value="Point of sale"/>
|
540
|
+
</fingerprint>
|
541
|
+
<fingerprint pattern="^([^ ]+) NcFTPd Server \(licensed copy\) ready\.$">
|
542
|
+
<description>NcFTPd Server
|
543
|
+
http://www.ncftp.com/ncftpd/</description>
|
544
|
+
<example>ftp.example.com NcFTPd Server (licensed copy) ready.</example>
|
545
|
+
<param pos="0" name="service.vendor" value="NcFTP Software"/>
|
546
|
+
<param pos="0" name="service.product" value="NcFTPd Server"/>
|
547
|
+
<param pos="1" name="host.name"/>
|
548
|
+
</fingerprint>
|
549
|
+
<fingerprint pattern="^(\S+) DCS-2100 FTP server ready\.$">
|
550
|
+
<description>D-Link DCS-2100 wireless internet camera</description>
|
551
|
+
<example>hostname DCS-2100 FTP server ready.</example>
|
552
|
+
<param pos="0" name="os.vendor" value="D-Link"/>
|
553
|
+
<param pos="0" name="os.product" value="DCS-2100"/>
|
554
|
+
<param pos="0" name="os.device" value="Web cam"/>
|
555
|
+
<param pos="1" name="host.name"/>
|
556
|
+
</fingerprint>
|
557
|
+
<fingerprint pattern="^Secure Gateway FTP server ready\.$">
|
558
|
+
<description>Raptor firewall</description>
|
559
|
+
<example>Secure Gateway FTP server ready.</example>
|
560
|
+
<param pos="0" name="os.vendor" value="Symantec"/>
|
561
|
+
<param pos="0" name="os.family" value="Raptor"/>
|
562
|
+
<param pos="0" name="os.product" value="Raptor"/>
|
563
|
+
<param pos="0" name="os.device" value="Firewall"/>
|
564
|
+
</fingerprint>
|
565
|
+
<fingerprint pattern="^SUN StorEdge (\S+) RAID FTP server ready\.$">
|
566
|
+
<description>Sun StorEdge disk array</description>
|
567
|
+
<example>SUN StorEdge 3511 RAID FTP server ready.</example>
|
568
|
+
<param pos="0" name="os.vendor" value="Sun"/>
|
569
|
+
<param pos="0" name="os.family" value="StorEdge"/>
|
570
|
+
<param pos="1" name="os.product"/>
|
571
|
+
<param pos="0" name="os.device" value="Storage"/>
|
572
|
+
</fingerprint>
|
573
|
+
<fingerprint pattern="(?i)^AXIS (\S+) .* Camera(?:\s+version)?\s+(\S+) .*">
|
574
|
+
<description>Axis Network Camera</description>
|
575
|
+
<example hw.product="2100" hw.version="2.43">Axis 2100 Network Camera 2.43 Nov 04 2008 ready.</example>
|
576
|
+
<example hw.product="216FD" hw.version="4.47">AXIS 216FD Network Fixed Dome Camera 4.47 (Mar 13 2008) ready.</example>
|
577
|
+
<example hw.product="214" hw.version="4.49">AXIS 214 PTZ Network Camera 4.49 (Oct 05 2009) ready</example>
|
578
|
+
<example hw.product="205" hw.version="4.05">AXIS 205 Network Camera version 4.05 (Sep 27 2004) ready.</example>
|
579
|
+
<example hw.product="233D" hw.version="4.48.4">AXIS 233D Network Dome Camera 4.48.4 (Mar 23 2010) ready.</example>
|
580
|
+
<example hw.product="P1346" hw.version="5.50beta3">AXIS P1346 Network Camera 5.50beta3 (2014) ready</example>
|
581
|
+
<param pos="0" name="hw.vendor" value="Axis"/>
|
582
|
+
<param pos="0" name="hw.device" value="Web cam"/>
|
583
|
+
<param pos="1" name="hw.product"/>
|
584
|
+
<param pos="2" name="hw.version"/>
|
585
|
+
<param pos="0" name="os.vendor" value="AXIS"/>
|
586
|
+
<param pos="0" name="os.family" value="Linux"/>
|
587
|
+
<param pos="0" name="os.device" value="Web cam"/>
|
588
|
+
</fingerprint>
|
589
|
+
<fingerprint pattern="(?i)^AXIS (\S+) (?:(?:Mk II )?Video|IO Audio) (?:Encoder|Encoder Blade|Module|Server|Decoder) (\S+) .*">
|
590
|
+
<description>Axis Audio/Video encoders/servers</description>
|
591
|
+
<example hw.product="Q7406">AXIS Q7406 Video Encoder Blade 5.01 (Aug 01 2008) ready.</example>
|
592
|
+
<example hw.product="241Q">AXIS 241Q Video Server 4.47.2 (Dec 11 2008) ready.</example>
|
593
|
+
<example hw.version="5.07.2">AXIS P7701 Video Decoder 5.07.2 (Apr 20 2010) ready.</example>
|
594
|
+
<example hw.product="Q7401" hw.version="5.01">AXIS Q7401 Video Encoder 5.01 (Aug 01 2008) ready.</example>
|
595
|
+
<example hw.product="Q7401" hw.version="5.50.2_cst_412205_1">AXIS Q7401 Video Encoder 5.50.2_cst_412205_1 (2013)</example>
|
596
|
+
<example hw.product="Q7424-R" hw.version="5.51.3.1">AXIS Q7424-R Mk II Video Encoder 5.51.3.1 (2016) ready.</example>
|
597
|
+
<example hw.product="P8221" hw.version="5.10.2">AXIS P8221 IO Audio Module 5.10.2 (Nov 07 2011) ready.</example>
|
598
|
+
<param pos="0" name="hw.vendor" value="Axis"/>
|
599
|
+
<param pos="1" name="hw.product"/>
|
600
|
+
<param pos="2" name="hw.version"/>
|
601
|
+
</fingerprint>
|
602
|
+
<fingerprint pattern="(?i)^AXIS (\S+) Network Door Controller (\S+) .* ready\.?$">
|
603
|
+
<description>Axis Door Controllers</description>
|
604
|
+
<example hw.product="A1001" hw.version="1.65.1.1">AXIS A1001 Network Door Controller 1.65.1.1 (2018) ready.</example>
|
605
|
+
<param pos="0" name="hw.vendor" value="Axis"/>
|
606
|
+
<param pos="0" name="hw.device" value="Access Controller"/>
|
607
|
+
<param pos="1" name="hw.product"/>
|
608
|
+
<param pos="2" name="hw.version"/>
|
609
|
+
</fingerprint>
|
610
|
+
<fingerprint pattern="^AXIS (\S+) .*FTP Network Print Server V?([\d\.]+\S+) .* ready\.?$" flags="REG_ICASE">
|
611
|
+
<description>Axis print servers</description>
|
612
|
+
<example hw.product="5600+">AXIS 5600+ (rev 3) FTP Network Print Server V7.00 Sep 10 2004 ready.</example>
|
613
|
+
<example hw.product="560">AXIS 560 FTP Network Print Server V6.00 Jul 7 1999 ready.</example>
|
614
|
+
<example hw.version="6.30.beta2">AXIS 5470e FTP Network Print Server V6.30.beta2 Sep 25 2002 ready.</example>
|
615
|
+
<param pos="0" name="hw.vendor" value="Axis"/>
|
616
|
+
<param pos="0" name="hw.device" value="Print server"/>
|
617
|
+
<param pos="1" name="hw.product"/>
|
618
|
+
<param pos="2" name="hw.version"/>
|
619
|
+
</fingerprint>
|
620
|
+
<fingerprint pattern="^RICOH Aficio ((?:[MS]P )?\S+) FTP server \(([0-9\.a-zA-Z]+)\) ready.?$" flags="REG_ICASE">
|
621
|
+
<description>Ricoh Aficio multifunction device</description>
|
622
|
+
<example os.product="2045e">RICOH Aficio 2045e FTP server (4.12) ready.</example>
|
623
|
+
<example os.version="8.63">RICOH Aficio SP 4210N FTP server (8.63) ready.</example>
|
624
|
+
<example hw.product="MP C3000">RICOH Aficio MP C3000 FTP server (5.11) ready.</example>
|
625
|
+
<param pos="0" name="hw.vendor" value="Ricoh"/>
|
626
|
+
<param pos="0" name="hw.family" value="Aficio"/>
|
627
|
+
<param pos="0" name="hw.device" value="Multifunction Device"/>
|
628
|
+
<param pos="1" name="hw.product"/>
|
629
|
+
<param pos="0" name="os.vendor" value="Ricoh"/>
|
630
|
+
<param pos="0" name="os.family" value="Aficio"/>
|
631
|
+
<param pos="0" name="os.device" value="Multifunction Device"/>
|
632
|
+
<param pos="1" name="os.product"/>
|
633
|
+
<param pos="2" name="os.version"/>
|
634
|
+
</fingerprint>
|
635
|
+
<fingerprint pattern="^NRG ((?:[MS]P )?\S+) FTP server \(([0-9\.a-zA-Z]+)\) ready.?$" flags="REG_ICASE">
|
636
|
+
<description>Ricoh NRG multifunction device</description>
|
637
|
+
<example>NRG MP C2800 FTP server (8.25) ready.</example>
|
638
|
+
<example>NRG MP 3350 FTP server (7.05) ready.</example>
|
639
|
+
<example>NRG MP C3500 FTP server (5.17) ready.</example>
|
640
|
+
<example>NRG MP 171 FTP server (9.02.1) ready.</example>
|
641
|
+
<example>NRG MP C2550 FTP server (8.25) ready.</example>
|
642
|
+
<example>NRG MP C3500 FTP server (5.19) ready.</example>
|
643
|
+
<example>NRG MP C4000 FTP server (8.30) ready.</example>
|
644
|
+
<example>NRG MP C4500 FTP server (5.14) ready.</example>
|
645
|
+
<param pos="0" name="os.vendor" value="Ricoh"/>
|
646
|
+
<param pos="0" name="os.device" value="Multifunction Device"/>
|
647
|
+
<param pos="1" name="os.product"/>
|
648
|
+
<param pos="2" name="os.version"/>
|
649
|
+
<param pos="0" name="hw.vendor" value="Ricoh"/>
|
650
|
+
<param pos="0" name="hw.device" value="Multifunction Device"/>
|
651
|
+
<param pos="1" name="hw.product"/>
|
652
|
+
</fingerprint>
|
653
|
+
<fingerprint pattern="^Xerox WorkCentre ([A-Za-z0-9]+).*$" certainty="1.0">
|
654
|
+
<description>Xerox WorkCentre</description>
|
655
|
+
<example hw.product="6605DN">Xerox WorkCentre 6605DN</example>
|
656
|
+
<example hw.product="3615">Xerox WorkCentre 3615</example>
|
657
|
+
<example hw.product="6505DN">Xerox WorkCentre 6505DN</example>
|
658
|
+
<example hw.product="6505N">Xerox WorkCentre 6505N</example>
|
659
|
+
<param pos="0" name="os.vendor" value="Xerox"/>
|
660
|
+
<param pos="0" name="os.family" value="WorkCentre"/>
|
661
|
+
<param pos="0" name="os.device" value="Printer"/>
|
662
|
+
<param pos="0" name="hw.vendor" value="Xerox"/>
|
663
|
+
<param pos="0" name="hw.family" value="WorkCentre"/>
|
664
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
665
|
+
<param pos="1" name="hw.product"/>
|
666
|
+
</fingerprint>
|
667
|
+
<fingerprint pattern="^Xerox Phaser (\S+)$" certainty="1.0">
|
668
|
+
<description>Xerox Phaser Laser Printer</description>
|
669
|
+
<example>Xerox Phaser 6130N</example>
|
670
|
+
<example>Xerox Phaser 6180MFP-D</example>
|
671
|
+
<param pos="0" name="os.vendor" value="Xerox"/>
|
672
|
+
<param pos="0" name="os.family" value="Phaser"/>
|
673
|
+
<param pos="0" name="os.device" value="Printer"/>
|
674
|
+
<param pos="1" name="os.product"/>
|
675
|
+
<param pos="0" name="hw.vendor" value="Xerox"/>
|
676
|
+
<param pos="0" name="hw.family" value="Phaser"/>
|
677
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
678
|
+
<param pos="1" name="hw.product"/>
|
679
|
+
</fingerprint>
|
680
|
+
<fingerprint pattern="^XEROX (\d+) Wide Format .*$" certainty="1.0">
|
681
|
+
<description>Xerox Wide Format Series of Printers</description>
|
682
|
+
<example>XEROX 6204 Wide Format FTP server ready</example>
|
683
|
+
<param pos="0" name="os.vendor" value="Xerox"/>
|
684
|
+
<param pos="0" name="os.family" value="Wide Format"/>
|
685
|
+
<param pos="0" name="os.device" value="Printer"/>
|
686
|
+
<param pos="1" name="os.product"/>
|
687
|
+
<param pos="0" name="hw.vendor" value="Xerox"/>
|
688
|
+
<param pos="0" name="hw.family" value="Wide Format"/>
|
689
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
690
|
+
<param pos="1" name="hw.product"/>
|
691
|
+
</fingerprint>
|
692
|
+
<fingerprint pattern="^FUJI XEROX DocuPrint (.*)$" certainty="1.0">
|
693
|
+
<description>FUJI XEROX DocuPrint Series of Printers</description>
|
694
|
+
<example>FUJI XEROX DocuPrint 3055</example>
|
695
|
+
<example>FUJI XEROX DocuPrint C1190 FS</example>
|
696
|
+
<example>FUJI XEROX DocuPrint C2100</example>
|
697
|
+
<param pos="0" name="os.vendor" value="FUJI XEROX"/>
|
698
|
+
<param pos="0" name="os.family" value="DocuPrint"/>
|
699
|
+
<param pos="0" name="os.device" value="Printer"/>
|
700
|
+
<param pos="1" name="os.product"/>
|
701
|
+
</fingerprint>
|
702
|
+
<fingerprint pattern="^ET(\S{12}) Lexmark (\S+) FTP Server (\S+) ready\.?$" certainty="1.0" flags="REG_ICASE">
|
703
|
+
<description>Lexmark printer with MAC address</description>
|
704
|
+
<example host.mac="000400CEA560" hw.product="T640" os.version="NS.NP.N219">ET000400CEA560 Lexmark T640 FTP Server NS.NP.N219 ready.</example>
|
705
|
+
<param pos="0" name="os.vendor" value="Lexmark"/>
|
706
|
+
<param pos="0" name="os.device" value="Printer"/>
|
707
|
+
<param pos="1" name="host.mac"/>
|
708
|
+
<param pos="3" name="os.version"/>
|
709
|
+
<param pos="0" name="hw.vendor" value="Lexmark"/>
|
710
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
711
|
+
<param pos="2" name="hw.product"/>
|
712
|
+
</fingerprint>
|
713
|
+
<fingerprint pattern="^.*Lexmark (\S+) FTP Server (\S+) ready\.?$" certainty="1.0" flags="REG_ICASE">
|
714
|
+
<description>Lexmark printer with OS version</description>
|
715
|
+
<example hw.product="T654" os.version="NR.APS.F368">ET0021718 Lexmark T654 FTP Server NR.APS.F368 ready.</example>
|
716
|
+
<param pos="0" name="os.vendor" value="Lexmark"/>
|
717
|
+
<param pos="0" name="os.device" value="Printer"/>
|
718
|
+
<param pos="2" name="os.version"/>
|
719
|
+
<param pos="0" name="hw.vendor" value="Lexmark"/>
|
720
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
721
|
+
<param pos="1" name="hw.product"/>
|
722
|
+
</fingerprint>
|
723
|
+
<fingerprint pattern="^.*Lexmark (\S+) FTP Server ready\.?$" certainty="1.0" flags="REG_ICASE">
|
724
|
+
<description>Lexmark printer</description>
|
725
|
+
<example hw.product="X500">Lexmark X500 FTP server ready</example>
|
726
|
+
<param pos="0" name="os.vendor" value="Lexmark"/>
|
727
|
+
<param pos="0" name="os.device" value="Printer"/>
|
728
|
+
<param pos="0" name="hw.vendor" value="Lexmark"/>
|
729
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
730
|
+
<param pos="1" name="hw.product"/>
|
731
|
+
</fingerprint>
|
732
|
+
<fingerprint pattern="^220 ECOSYS ([^\s]+) FTP server$">
|
733
|
+
<description>Kyocera Multifunction Device</description>
|
734
|
+
<example hw.product="P2135dn">220 ECOSYS P2135dn FTP server</example>
|
735
|
+
<param pos="0" name="os.vendor" value="Kyocera"/>
|
736
|
+
<param pos="0" name="os.device" value="Multifunction Device"/>
|
737
|
+
<param pos="0" name="hw.vendor" value="Kyocera"/>
|
738
|
+
<param pos="0" name="hw.device" value="Multifunction Device"/>
|
739
|
+
<param pos="1" name="hw.product"/>
|
740
|
+
</fingerprint>
|
741
|
+
<fingerprint pattern="^(?:Tornado-)?VxWorks \((?:VxWorks)?([^\)]+)\) FTP server(?: ready)?\.?$" flags="REG_ICASE">
|
742
|
+
<description>VxWorks with version information</description>
|
743
|
+
<example os.version="5.3.1">VxWorks (5.3.1) FTP server ready</example>
|
744
|
+
<example os.version="5.5.1">VxWorks (VxWorks5.5.1) FTP server ready</example>
|
745
|
+
<example os.version="5.5.1">Tornado-vxWorks (VxWorks5.5.1) FTP server</example>
|
746
|
+
<example os.version="5.4.2">VxWorks (5.4.2) FTP server ready.</example>
|
747
|
+
<param pos="0" name="os.vendor" value="Wind River"/>
|
748
|
+
<param pos="0" name="os.product" value="VxWorks"/>
|
749
|
+
<param pos="1" name="os.version"/>
|
750
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:{os.version}"/>
|
751
|
+
</fingerprint>
|
752
|
+
<fingerprint pattern="^Tornado-vxWorks FTP server ready$" flags="REG_ICASE">
|
753
|
+
<description>VxWorks without version information</description>
|
754
|
+
<example>Tornado-vxWorks FTP server ready</example>
|
755
|
+
<param pos="0" name="os.vendor" value="Wind River"/>
|
756
|
+
<param pos="0" name="os.product" value="VxWorks"/>
|
757
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-"/>
|
758
|
+
</fingerprint>
|
759
|
+
<fingerprint pattern="^[\w\-\.]* FTP server \((?:VxWorks\s?)+([\d\.]+)\) ready.$" flags="REG_ICASE">
|
760
|
+
<description>VxWorks 6 with version information</description>
|
761
|
+
<example os.version="6.6">NanoDAC FTP server (VxWorks VxWorks 6.6) ready.</example>
|
762
|
+
<example os.version="6.4">BVS-MR-BSC2 FTP server (VxWorks 6.4) ready.</example>
|
763
|
+
<param pos="0" name="os.vendor" value="Wind River"/>
|
764
|
+
<param pos="0" name="os.product" value="VxWorks"/>
|
765
|
+
<param pos="1" name="os.version"/>
|
766
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-{os.version}"/>
|
767
|
+
</fingerprint>
|
768
|
+
<fingerprint pattern="^[\w<>]+\s*Tenor Multipath Switch FTP server \(Version VxWorks([\d\.]+)\) ready\.$" flags="REG_ICASE">
|
769
|
+
<description>VxWorks on Tenor MultiPath with version information</description>
|
770
|
+
<example os.version="5.4.2"><![CDATA[<38785ca0> Tenor Multipath Switch FTP server (Version VxWorks5.4.2) ready.]]></example>
|
771
|
+
<param pos="0" name="os.vendor" value="Wind River"/>
|
772
|
+
<param pos="0" name="os.product" value="VxWorks"/>
|
773
|
+
<param pos="1" name="os.version"/>
|
774
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-{os.version}"/>
|
775
|
+
</fingerprint>
|
776
|
+
<fingerprint pattern="^VxWorks FTP server \(VxWorks ([\d\.]+) - Secure NetLinx version \([\d\.]+\)\) ready.$">
|
777
|
+
<description>VxWorks with Secure NetLinx</description>
|
778
|
+
<example os.version="5.3.1">VxWorks FTP server (VxWorks 5.3.1 - Secure NetLinx version (1.0)) ready.</example>
|
779
|
+
<param pos="0" name="os.vendor" value="Wind River"/>
|
780
|
+
<param pos="0" name="os.product" value="VxWorks"/>
|
781
|
+
<param pos="1" name="os.version"/>
|
782
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:-{os.version}"/>
|
783
|
+
</fingerprint>
|
784
|
+
<fingerprint pattern="^ADC iScale$">
|
785
|
+
<description>ADC iScale</description>
|
786
|
+
<example>ADC iScale</example>
|
787
|
+
<param pos="0" name="service.vendor" value="ADC"/>
|
788
|
+
<param pos="0" name="service.product" value="iScale"/>
|
789
|
+
<param pos="0" name="os.vendor" value="ADC"/>
|
790
|
+
<param pos="0" name="os.product" value="iScale"/>
|
791
|
+
</fingerprint>
|
792
|
+
<fingerprint pattern="^TASKalfa (\d+c?i) FTP server" certainty="1.0">
|
793
|
+
<description>Taskalfa Series of Printers</description>
|
794
|
+
<example>TASKalfa 300ci FTP server</example>
|
795
|
+
<example>TASKalfa 520i FTP server</example>
|
796
|
+
<param pos="0" name="os.vendor" value="Kyocera"/>
|
797
|
+
<param pos="0" name="os.family" value="TASKalfa"/>
|
798
|
+
<param pos="0" name="os.device" value="Multifunction Device"/>
|
799
|
+
<param pos="1" name="os.product"/>
|
800
|
+
<param pos="0" name="hw.vendor" value="Kyocera"/>
|
801
|
+
<param pos="0" name="hw.family" value="TASKalfa"/>
|
802
|
+
<param pos="0" name="hw.device" value="Multifunction Device"/>
|
803
|
+
<param pos="1" name="hw.product"/>
|
804
|
+
</fingerprint>
|
805
|
+
<fingerprint pattern="^SAVIN (\S+) FTP server \((.*)\) ready.$" certainty="1.0">
|
806
|
+
<description>SAVIN Printer FTP Server</description>
|
807
|
+
<example os.product="4075">SAVIN 4075 FTP server (4.08) ready.</example>
|
808
|
+
<example hw.product="9025">SAVIN 9025 FTP server (7.23) ready.</example>
|
809
|
+
<example os.version="7.30">SAVIN 9050 FTP server (7.30) ready.</example>
|
810
|
+
<example os.version="9.03">SAVIN 917 FTP server (9.03) ready.</example>
|
811
|
+
<example>SAVIN 917 FTP server (9.05.2) ready.</example>
|
812
|
+
<example>SAVIN C2525 FTP server (5.14) ready.</example>
|
813
|
+
<example>SAVIN C3528 FTP server (4.08.3) ready.</example>
|
814
|
+
<example>SAVIN C3528 FTP server (4.17) ready.</example>
|
815
|
+
<example>SAVIN C6055 FTP server (7.16) ready.</example>
|
816
|
+
<example>SAVIN C9145 FTP server (10.51) ready.</example>
|
817
|
+
<param pos="0" name="os.vendor" value="Savin"/>
|
818
|
+
<param pos="0" name="os.device" value="Printer"/>
|
819
|
+
<param pos="1" name="os.product"/>
|
820
|
+
<param pos="2" name="os.version"/>
|
821
|
+
<param pos="0" name="hw.vendor" value="Savin"/>
|
822
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
823
|
+
<param pos="1" name="hw.product"/>
|
824
|
+
</fingerprint>
|
825
|
+
<fingerprint pattern="^Oce (im\d+) Ver (\S+) FTP server\.$" certainty="1.0">
|
826
|
+
<description>OCE IM series Printer</description>
|
827
|
+
<example>Oce im4512 Ver 01.04.00.0c FTP server.</example>
|
828
|
+
<example>Oce im3512 Ver 01.04.00.0c FTP server.</example>
|
829
|
+
<param pos="0" name="os.vendor" value="Oce"/>
|
830
|
+
<param pos="0" name="os.device" value="Multifunction Device"/>
|
831
|
+
<param pos="0" name="os.family" value="IM Series"/>
|
832
|
+
<param pos="1" name="os.product"/>
|
833
|
+
<param pos="2" name="os.version"/>
|
834
|
+
</fingerprint>
|
835
|
+
<fingerprint pattern="^Oce (Plotwave\d+) FTP Service \(Version (\S+)\)\.$" certainty="1.0">
|
836
|
+
<description>OCE Printer</description>
|
837
|
+
<example>Oce Plotwave300 FTP Service (Version 4.5.7).</example>
|
838
|
+
<param pos="0" name="os.vendor" value="Oce"/>
|
839
|
+
<param pos="0" name="os.device" value="Printer"/>
|
840
|
+
<param pos="0" name="os.family" value="Plotwave Series"/>
|
841
|
+
<param pos="1" name="os.product"/>
|
842
|
+
<param pos="2" name="os.version"/>
|
843
|
+
</fingerprint>
|
844
|
+
<fingerprint pattern="^LinkCom Xpress (.*) FTP version ([\d\.]+) ready$" certainty="1.0">
|
845
|
+
<description>MPI Technologies Linkcom Express FTP Server with os version</description>
|
846
|
+
<example hw.product="10/100 +IPDS" os.version="1.0">LinkCom Xpress 10/100 +IPDS FTP version 1.0 ready</example>
|
847
|
+
<param pos="0" name="hw.vendor" value="MPI Technologies"/>
|
848
|
+
<param pos="0" name="hw.family" value="LinkCom Xpress"/>
|
849
|
+
<param pos="0" name="hw.device" value="Print server"/>
|
850
|
+
<param pos="1" name="hw.product"/>
|
851
|
+
<param pos="2" name="os.version"/>
|
852
|
+
</fingerprint>
|
853
|
+
<fingerprint pattern="^LinkCom Xpress (.*)$" certainty="1.0">
|
854
|
+
<description>MPI Technologies Linkcom Express FTP Server</description>
|
855
|
+
<example hw.product="EIO PRO 10">LinkCom Xpress EIO PRO 10</example>
|
856
|
+
<param pos="0" name="hw.vendor" value="MPI Technologies"/>
|
857
|
+
<param pos="0" name="hw.family" value="LinkCom Xpress"/>
|
858
|
+
<param pos="0" name="hw.device" value="Print server"/>
|
859
|
+
<param pos="1" name="hw.product"/>
|
860
|
+
</fingerprint>
|
861
|
+
<fingerprint pattern="^LXKE\S+ IBM Infoprint (\d+) FTP Server (\d+\.\d+\.\d+) ready.$" certainty="1.0">
|
862
|
+
<description>IBM Infoprint FTP</description>
|
863
|
+
<example>LXKE82124 IBM Infoprint 1332 FTP Server 55.10.21 ready.</example>
|
864
|
+
<example>LXKE8255D IBM Infoprint 1332 FTP Server 55.10.21 ready.</example>
|
865
|
+
<example>LXKE825A0 IBM Infoprint 1332 FTP Server 55.10.21 ready.</example>
|
866
|
+
<example>LXKE93276 IBM Infoprint 1332 FTP Server 55.10.19 ready.</example>
|
867
|
+
<param pos="0" name="os.vendor" value="Ricoh"/>
|
868
|
+
<param pos="0" name="os.family" value="Infoprint"/>
|
869
|
+
<param pos="0" name="os.device" value="Printer"/>
|
870
|
+
<param pos="1" name="os.product"/>
|
871
|
+
<param pos="2" name="os.version"/>
|
872
|
+
</fingerprint>
|
873
|
+
<fingerprint pattern="^(Gestetner \S+(?: \S+)?) FTP server \((.*)\)" certainty="1.0">
|
874
|
+
<description>Gestetner Printer FTP</description>
|
875
|
+
<example os.product="Gestetner MP5500/DSm755" os.version="5.11c">Gestetner MP5500/DSm755 FTP server (5.11c) ready.</example>
|
876
|
+
<example os.product="Gestetner MP C4502" os.version="11.77">Gestetner MP C4502 FTP server (11.77) ready.</example>
|
877
|
+
<example>Gestetner MP 161/DSm416 FTP server (6.11) ready. </example>
|
878
|
+
<example>Gestetner 3502 FTP server (1.66.1) ready</example>
|
879
|
+
<example>Gestetner C7526dn FTP server (6.05.1) ready.</example>
|
880
|
+
<param pos="0" name="os.vendor" value="Ricoh"/>
|
881
|
+
<param pos="0" name="os.device" value="Multifunction Device"/>
|
882
|
+
<param pos="1" name="os.product"/>
|
883
|
+
<param pos="2" name="os.version"/>
|
884
|
+
</fingerprint>
|
885
|
+
<fingerprint pattern="^(Gestetner \S+)$" certainty="1.0">
|
886
|
+
<description>Gestetner Printer FTP - short banner</description>
|
887
|
+
<example>Gestetner MPC2500</example>
|
888
|
+
<param pos="0" name="os.vendor" value="Ricoh"/>
|
889
|
+
<param pos="0" name="os.device" value="Multifunction Device"/>
|
890
|
+
<param pos="1" name="os.product"/>
|
891
|
+
</fingerprint>
|
892
|
+
<fingerprint pattern="^EUFSALE MarkNet (\S+) FTP Server (\d+\.\d+\.\d+) ready.$" certainty="1.0">
|
893
|
+
<description>Lexmark Marknet Printers FTP</description>
|
894
|
+
<example>EUFSALE MarkNet X2011e FTP Server 4.20.21 ready.</example>
|
895
|
+
<param pos="0" name="os.vendor" value="Lexmark"/>
|
896
|
+
<param pos="0" name="os.family" value="MarkNet"/>
|
897
|
+
<param pos="0" name="os.device" value="Print server"/>
|
898
|
+
<param pos="1" name="os.product"/>
|
899
|
+
<param pos="2" name="os.version"/>
|
900
|
+
</fingerprint>
|
901
|
+
<fingerprint pattern="^ET(\S+) Source Technologies (ST-96\S+) FTP Server (\S+) ready\.?$">
|
902
|
+
<description>Source Technologies ST9600 Series Secure Printer</description>
|
903
|
+
<example>ET0021B730F70E Source Technologies ST-9620 FTP Server NJ.APS.N254e ready.</example>
|
904
|
+
<example>ET0021B7549AF2 Source Technologies ST-9620 FTP Server NR.APS.N447b2 ready.</example>
|
905
|
+
<example>ET0021B7300F01 Source Technologies ST-9620 FTP Server NJ.APS.N254e ready.</example>
|
906
|
+
<param pos="0" name="os.vendor" value="Source Technologies"/>
|
907
|
+
<param pos="0" name="os.family" value="ST9600 Series"/>
|
908
|
+
<param pos="0" name="os.device" value="Printer"/>
|
909
|
+
<param pos="1" name="host.mac"/>
|
910
|
+
<param pos="2" name="os.product"/>
|
911
|
+
<param pos="3" name="os.version"/>
|
912
|
+
</fingerprint>
|
913
|
+
<fingerprint pattern="^ET(\S+) (Pro\d+) Series FTP Server ready\.$" certainty="1.0">
|
914
|
+
<description>Lexmark ProXXX Series of Printers</description>
|
915
|
+
<example host.mac="0020007E4D2A" hw.product="Pro700">ET0020007E4D2A Pro700 Series FTP Server ready.</example>
|
916
|
+
<param pos="0" name="os.vendor" value="Lexmark"/>
|
917
|
+
<param pos="0" name="os.device" value="Printer"/>
|
918
|
+
<param pos="0" name="os.family" value="Pro Series"/>
|
919
|
+
<param pos="1" name="host.mac"/>
|
920
|
+
<param pos="0" name="hw.vendor" value="Lexmark"/>
|
921
|
+
<param pos="0" name="hw.family" value="Pro Series"/>
|
922
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
923
|
+
<param pos="2" name="hw.product"/>
|
924
|
+
</fingerprint>
|
925
|
+
<fingerprint pattern="^ET(\S+) Lexmark Forms Printer (\d+) Ethernet FTP Server (\S+) ready\.$" certainty="1.0">
|
926
|
+
<description>Lexmark Forms Printer</description>
|
927
|
+
<example os.product="2590">ET0020004F54EE Lexmark Forms Printer 2590 Ethernet FTP Server LCL.CU.P012c ready.</example>
|
928
|
+
<param pos="0" name="os.vendor" value="Lexmark"/>
|
929
|
+
<param pos="0" name="os.family" value="Forms Printer"/>
|
930
|
+
<param pos="0" name="os.device" value="Printer"/>
|
931
|
+
<param pos="1" name="host.mac"/>
|
932
|
+
<param pos="2" name="os.product"/>
|
933
|
+
<param pos="3" name="os.version"/>
|
934
|
+
<param pos="0" name="hw.vendor" value="Lexmark"/>
|
935
|
+
<param pos="0" name="hw.family" value="Forms Printer"/>
|
936
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
937
|
+
<param pos="2" name="hw.product"/>
|
938
|
+
</fingerprint>
|
939
|
+
<fingerprint pattern="^ET(\S+) TOSHIBA e-STUDIO500S FTP Server (\S+) ready\.$" certainty="1.0">
|
940
|
+
<description>Toshiba e-STUDIO Printer with MAC address</description>
|
941
|
+
<example os.version="NC2.NPS.N221">ET0004001E9C00 TOSHIBA e-STUDIO500S FTP Server NC2.NPS.N221 ready.</example>
|
942
|
+
<example host.mac="00040089BE42">ET00040089BE42 TOSHIBA e-STUDIO500S FTP Server NC2.NPS.N211 ready.</example>
|
943
|
+
<param pos="0" name="os.vendor" value="Toshiba"/>
|
944
|
+
<param pos="0" name="os.device" value="Multifunction Device"/>
|
945
|
+
<param pos="0" name="os.product" value="e-STUDIO"/>
|
946
|
+
<param pos="1" name="host.mac"/>
|
947
|
+
<param pos="2" name="os.version"/>
|
948
|
+
<param pos="0" name="hw.vendor" value="Toshiba"/>
|
949
|
+
<param pos="0" name="hw.device" value="Multifunction Device"/>
|
950
|
+
<param pos="0" name="hw.product" value="e-STUDIO"/>
|
951
|
+
</fingerprint>
|
952
|
+
<fingerprint pattern="^\S+ TOSHIBA e-STUDIO500S FTP Server (\S+) ready\.$" certainty="1.0">
|
953
|
+
<description>Toshiba e-STUDIO Printer</description>
|
954
|
+
<example os.version="NC2.NPS.N211">JHBPRN13 TOSHIBA e-STUDIO500S FTP Server NC2.NPS.N211 ready.</example>
|
955
|
+
<param pos="0" name="os.vendor" value="Toshiba"/>
|
956
|
+
<param pos="0" name="os.device" value="Multifunction Device"/>
|
957
|
+
<param pos="0" name="os.product" value="e-STUDIO"/>
|
958
|
+
<param pos="1" name="os.version"/>
|
959
|
+
<param pos="0" name="hw.vendor" value="Toshiba"/>
|
960
|
+
<param pos="0" name="hw.device" value="Multifunction Device"/>
|
961
|
+
<param pos="0" name="hw.product" value="e-STUDIO"/>
|
962
|
+
</fingerprint>
|
963
|
+
<fingerprint pattern="^.*Lexmark Optra (\S+) FTP Server (\S+) ready\.$" certainty="1.0">
|
964
|
+
<description>Lexmark Optra Printer</description>
|
965
|
+
<example os.product="T612">lex142785470853 Lexmark Optra T612 FTP Server 3.20.30 ready.</example>
|
966
|
+
<example os.version="3.20.20">oppr1.s02504.us Lexmark Optra T610 FTP Server 3.20.20 ready.</example>
|
967
|
+
<param pos="0" name="os.vendor" value="Lexmark"/>
|
968
|
+
<param pos="0" name="os.family" value="Optra"/>
|
969
|
+
<param pos="0" name="os.device" value="Printer"/>
|
970
|
+
<param pos="1" name="os.product"/>
|
971
|
+
<param pos="2" name="os.version"/>
|
972
|
+
<param pos="0" name="hw.vendor" value="Lexmark"/>
|
973
|
+
<param pos="0" name="hw.family" value="Optra"/>
|
974
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
975
|
+
<param pos="1" name="hw.product"/>
|
976
|
+
</fingerprint>
|
977
|
+
<fingerprint pattern="^SHARP (MX-\S+) Ver (\S+) FTP server\.$" certainty="1.0">
|
978
|
+
<description>Sharp Printer/Copier/Scanne</description>
|
979
|
+
<example os.product="MX-6200N" os.version="01.02.00.0e">SHARP MX-6200N Ver 01.02.00.0e FTP server.</example>
|
980
|
+
<example>SHARP MX-M363N Ver 01.05.00.0k FTP server.</example>
|
981
|
+
<example>SHARP MX-M363N Ver 01.05.00.1k FTP server.</example>
|
982
|
+
<example>SHARP MX-5001N Ver 01.05.00.0n FTP server.</example>
|
983
|
+
<example>SHARP MX-5500N Ver 01.02.00.09 FTP server.</example>
|
984
|
+
<example>SHARP MX-M453N Ver 01.05.00.0k FTP server.</example>
|
985
|
+
<example>SHARP MX-M503N Ver 01.05.00.1k FTP server.</example>
|
986
|
+
<example>SHARP MX-M620U Ver 01.03.00 FTP server.</example>
|
987
|
+
<example>SHARP MX-M620U Ver 01.04.00.04 FTP server.</example>
|
988
|
+
<param pos="0" name="os.vendor" value="Sharp"/>
|
989
|
+
<param pos="0" name="os.device" value="Printer"/>
|
990
|
+
<param pos="0" name="os.family" value="MX Series"/>
|
991
|
+
<param pos="1" name="os.product"/>
|
992
|
+
<param pos="2" name="os.version"/>
|
993
|
+
<param pos="0" name="hw.vendor" value="Sharp"/>
|
994
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
995
|
+
<param pos="0" name="hw.family" value="MX Series"/>
|
996
|
+
<param pos="1" name="hw.product"/>
|
997
|
+
</fingerprint>
|
998
|
+
<fingerprint pattern="^(FS-\S+MFP\S*?) FTP server\.?$" certainty="1.0">
|
999
|
+
<description>Kyocera Printer with version string</description>
|
1000
|
+
<example os.product="FS-C2126MFP">FS-C2126MFP FTP server</example>
|
1001
|
+
<example hw.product="FS-C2026MFP+">FS-C2026MFP+ FTP server</example>
|
1002
|
+
<example hw.product="FS-1128MFP">FS-1128MFP FTP server</example>
|
1003
|
+
<param pos="0" name="os.vendor" value="Kyocera"/>
|
1004
|
+
<param pos="0" name="os.device" value="Multifunction Device"/>
|
1005
|
+
<param pos="1" name="os.product"/>
|
1006
|
+
<param pos="0" name="hw.vendor" value="Kyocera"/>
|
1007
|
+
<param pos="0" name="hw.device" value="Multifunction Device"/>
|
1008
|
+
<param pos="1" name="hw.product"/>
|
1009
|
+
</fingerprint>
|
1010
|
+
<fingerprint pattern="^(FS-\S+(?:DN|D|N)) FTP server\.?$" certainty="1.0">
|
1011
|
+
<description>Kyocera Printer</description>
|
1012
|
+
<example os.product="FS-1370DN">FS-1370DN FTP server</example>
|
1013
|
+
<example hw.product="FS-C5015N">FS-C5015N FTP server.</example>
|
1014
|
+
<param pos="0" name="os.vendor" value="Kyocera"/>
|
1015
|
+
<param pos="0" name="os.device" value="Printer"/>
|
1016
|
+
<param pos="0" name="os.family" value="FS"/>
|
1017
|
+
<param pos="1" name="os.product"/>
|
1018
|
+
<param pos="0" name="hw.vendor" value="Kyocera"/>
|
1019
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
1020
|
+
<param pos="0" name="hw.family" value="FS"/>
|
1021
|
+
<param pos="1" name="hw.product"/>
|
1022
|
+
</fingerprint>
|
1023
|
+
<fingerprint pattern="^(ESI-\S+) Version (\S+) ready\.$" certainty="1.0">
|
1024
|
+
<description>Extended Systems ExtendNet Print Server</description>
|
1025
|
+
<example os.product="ESI-2941B">ESI-2941B Version 6.34 ready.</example>
|
1026
|
+
<example os.version="6.03">ESI-2941A Version 6.03 ready.</example>
|
1027
|
+
<example hw.product="ESI-2933A">ESI-2933A Version 6.40 ready.</example>
|
1028
|
+
<example>ESI-2831 Version 2.1 ready.</example>
|
1029
|
+
<example>ESI-2833A Version 6.3 ready.</example>
|
1030
|
+
<example>ESI-2900A Version 6.31 ready.</example>
|
1031
|
+
<example>ESI-2841B Version 3.01 ready.</example>
|
1032
|
+
<example>ESI-2841C Version 5.09e ready.</example>
|
1033
|
+
<example>ESI-2933A Version 6.40a.05 ready.</example>
|
1034
|
+
<example>ESI-2999A Version 6.30a.07 ready.</example>
|
1035
|
+
<param pos="0" name="os.vendor" value="Sybase"/>
|
1036
|
+
<param pos="0" name="os.family" value="Extended Systems ExtendNet"/>
|
1037
|
+
<param pos="0" name="os.device" value="Print server"/>
|
1038
|
+
<param pos="1" name="os.product"/>
|
1039
|
+
<param pos="2" name="os.version"/>
|
1040
|
+
<param pos="0" name="hw.family" value="Extended Systems ExtendNet"/>
|
1041
|
+
<param pos="0" name="hw.device" value="Print server"/>
|
1042
|
+
<param pos="1" name="hw.product"/>
|
1043
|
+
</fingerprint>
|
1044
|
+
<fingerprint pattern="^SATO SATO PRINTER Ver (\S+) FTP server\.$" certainty="1.0">
|
1045
|
+
<description>SATO Printer</description>
|
1046
|
+
<example os.version="A1.2.3">SATO SATO PRINTER Ver A1.2.3 FTP server.</example>
|
1047
|
+
<example>SATO SATO PRINTER Ver A2.3.0 FTP server.</example>
|
1048
|
+
<param pos="0" name="os.vendor" value="SATO"/>
|
1049
|
+
<param pos="0" name="os.device" value="Printer"/>
|
1050
|
+
<param pos="1" name="os.version"/>
|
1051
|
+
<param pos="0" name="hw.vendor" value="SATO"/>
|
1052
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
1053
|
+
</fingerprint>
|
1054
|
+
<fingerprint pattern="^Printer FTP (\d+\.\d+\.\d+) ready at (\w{3} \d{2} \d{2}:\d{2}:\d{2})$" certainty="1.0">
|
1055
|
+
<description>AMTDatasouth Fastmark M5</description>
|
1056
|
+
<example os.version="4.8.7">Printer FTP 4.8.7 ready at Apr 30 20:13:23</example>
|
1057
|
+
<example system.time="Aug 31 16:43:22">Printer FTP 4.8.7 ready at Aug 31 16:43:22</example>
|
1058
|
+
<example>Printer FTP 4.8.7 ready at Feb 28 11:27:46</example>
|
1059
|
+
<example>Printer FTP 4.8.7 ready at Jan 31 00:40:04</example>
|
1060
|
+
<example>Printer FTP 4.8.7 ready at Mar 31 06:28:25</example>
|
1061
|
+
<param pos="0" name="os.vendor" value="AMTDatasouth"/>
|
1062
|
+
<param pos="0" name="os.product" value="Fastmark M5"/>
|
1063
|
+
<param pos="0" name="os.device" value="Printer"/>
|
1064
|
+
<param pos="1" name="os.version"/>
|
1065
|
+
<param pos="0" name="system.time.format" value="MMM dd HH:mm:ss"/>
|
1066
|
+
<param pos="2" name="system.time"/>
|
1067
|
+
<param pos="0" name="hw.vendor" value="AMTDatasouth"/>
|
1068
|
+
<param pos="0" name="hw.product" value="Fastmark M5"/>
|
1069
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
1070
|
+
</fingerprint>
|
1071
|
+
<fingerprint pattern="^EFI FTP Print server ready\.$" certainty="0.8">
|
1072
|
+
<description>EFI FTP Print Server</description>
|
1073
|
+
<example>EFI FTP Print server ready.</example>
|
1074
|
+
<param pos="0" name="service.vendor" value="EFI"/>
|
1075
|
+
<param pos="0" name="service.product" value="Fiery Print Server"/>
|
1076
|
+
<param pos="0" name="os.vendor" value="EFI"/>
|
1077
|
+
<param pos="0" name="os.product" value="Fiery Print Server"/>
|
1078
|
+
<param pos="0" name="os.device" value="Print server"/>
|
1079
|
+
</fingerprint>
|
1080
|
+
<!-- Conjectured based on known MX FTP fingerprints -->
|
1081
|
+
<fingerprint pattern="^SHARP (AR-\S+) Ver (\S+) FTP server">
|
1082
|
+
<description>Sharp AR Series multifunction device</description>
|
1083
|
+
<example os.product="AR-M450">SHARP AR-M450 Ver 01.05.00.0k FTP server.</example>
|
1084
|
+
<param pos="0" name="os.vendor" value="Sharp"/>
|
1085
|
+
<param pos="0" name="os.device" value="Multifunction Device"/>
|
1086
|
+
<param pos="0" name="os.family" value="AR Series"/>
|
1087
|
+
<param pos="1" name="os.product"/>
|
1088
|
+
<param pos="2" name="os.version"/>
|
1089
|
+
<param pos="0" name="hw.vendor" value="Sharp"/>
|
1090
|
+
<param pos="0" name="hw.device" value="Multifunction Device"/>
|
1091
|
+
<param pos="0" name="hw.family" value="AR Series"/>
|
1092
|
+
<param pos="1" name="hw.product"/>
|
1093
|
+
</fingerprint>
|
1094
|
+
<fingerprint pattern="^KONICA MINOLTA FTP server ready\.?$">
|
1095
|
+
<description>Konica Minolta FTP Server - w/o version</description>
|
1096
|
+
<example>KONICA MINOLTA FTP server ready.</example>
|
1097
|
+
<param pos="0" name="os.device" value="Printer"/>
|
1098
|
+
<param pos="0" name="os.vendor" value="Konica Minolta"/>
|
1099
|
+
<param pos="0" name="os.product" value="Printer"/>
|
1100
|
+
<param pos="0" name="service.vendor" value="Konica Minolta"/>
|
1101
|
+
<param pos="0" name="service.product" value="KM FTPD"/>
|
1102
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
1103
|
+
<param pos="0" name="hw.vendor" value="Konica Minolta"/>
|
1104
|
+
<param pos="0" name="hw.product" value="Printer"/>
|
1105
|
+
</fingerprint>
|
1106
|
+
<fingerprint pattern="^(KM\S+) FTP server \(KM FTPD version (\d*(?:\.\d*))\) ready\.?$">
|
1107
|
+
<description>Konica Minolta FTP Server</description>
|
1108
|
+
<example os.product="KM23BC97" service.version="1.00">KM23BC97 FTP server (KM FTPD version 1.00) ready.</example>
|
1109
|
+
<example>KM23BF0A FTP server (KM FTPD version 1.00) ready.</example>
|
1110
|
+
<example>KM23CBDB FTP server (KM FTPD version 1.00) ready.</example>
|
1111
|
+
<example>KM23E608 FTP server (KM FTPD version 1.00) ready.</example>
|
1112
|
+
<example>KM23E8A2 FTP server (KM FTPD version 1.00) ready.</example>
|
1113
|
+
<example>KM25015E FTP server (KM FTPD version 1.00) ready.</example>
|
1114
|
+
<example>KM250E38 FTP server (KM FTPD version 1.00) ready.</example>
|
1115
|
+
<example>KM251A4C FTP server (KM FTPD version 1.00) ready.</example>
|
1116
|
+
<param pos="0" name="os.device" value="Printer"/>
|
1117
|
+
<param pos="0" name="os.vendor" value="Konica Minolta"/>
|
1118
|
+
<param pos="1" name="os.product"/>
|
1119
|
+
<param pos="0" name="service.vendor" value="Konica Minolta"/>
|
1120
|
+
<param pos="0" name="service.product" value="KM FTPD"/>
|
1121
|
+
<param pos="2" name="service.version"/>
|
1122
|
+
</fingerprint>
|
1123
|
+
<fingerprint pattern="^(ZBR-\d+) Version (\S+) ready\.?$">
|
1124
|
+
<description>ZebraNet Print Server FTP</description>
|
1125
|
+
<example os.product="ZBR-46686">ZBR-46686 Version 7.02 ready.</example>
|
1126
|
+
<example os.version="V56.17.5Z">ZBR-79071 Version V56.17.5Z ready.</example>
|
1127
|
+
<example os.version="7.02">ZBR-46687 Version 7.02 ready.</example>
|
1128
|
+
<param pos="0" name="os.vendor" value="ZebraNet"/>
|
1129
|
+
<param pos="0" name="os.device" value="Print server"/>
|
1130
|
+
<param pos="1" name="os.product"/>
|
1131
|
+
<param pos="2" name="os.version"/>
|
1132
|
+
<param pos="0" name="hw.vendor" value="ZebraNet"/>
|
1133
|
+
<param pos="0" name="hw.device" value="Print server"/>
|
1134
|
+
<param pos="1" name="hw.product"/>
|
1135
|
+
</fingerprint>
|
1136
|
+
<fingerprint pattern="^(ET(\S+)) Dell (\S+ Laser Printer) FTP Server">
|
1137
|
+
<description>Dell Laser Printer</description>
|
1138
|
+
<example host.name="ET0021B71A1111" host.mac="0021B71A1111" hw.product="2350dn Laser Printer">ET0021B71A1111 Dell 2350dn Laser Printer FTP Server NR.APS.N449 ready.</example>
|
1139
|
+
<param pos="0" name="os.vendor" value="Dell"/>
|
1140
|
+
<param pos="0" name="os.device" value="Printer"/>
|
1141
|
+
<param pos="0" name="hw.vendor" value="Dell"/>
|
1142
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
1143
|
+
<param pos="1" name="host.name"/>
|
1144
|
+
<param pos="2" name="host.mac"/>
|
1145
|
+
<param pos="3" name="hw.product"/>
|
1146
|
+
</fingerprint>
|
1147
|
+
<fingerprint pattern="^(\S+) FTP server \(Version \S+ \w+ \w+ \d{1,2} \d{1,2}:\d{1,2}:\d{1,2} [A-Z]+ (?:1|2)\d{3}\) ready\.?$">
|
1148
|
+
<description>Generic/unknown FTP Server found on HP-UX and AIX systems</description>
|
1149
|
+
<example host.name="host.example.com">host.example.com FTP server (Version 4.1 Sat Sep 7 14:31:53 CDT 2002) ready.</example>
|
1150
|
+
<example host.name="host.example.com">host.example.com FTP server (Version 5.3 Sat Jan 10 14:01:03 CDT 2012) ready</example>
|
1151
|
+
<param pos="1" name="host.name"/>
|
1152
|
+
</fingerprint>
|
1153
|
+
<fingerprint pattern="^Welcome to the (?:Cisco )?(?:TelePresence) ([a-zA-Z\s]*?) ((?:MSE )?\d+), version (\d+.\d+\(\d+.\d+\)).*?" flags="REG_ICASE">
|
1154
|
+
<description>Cisco TelePresence</description>
|
1155
|
+
<example hw.series="AM GW" os.version="1.1(1.34)" hw.model="3610">Welcome to the Cisco TelePresence AM GW 3610, version 1.1(1.34) </example>
|
1156
|
+
<example hw.series="IP GW" os.version="2.0(3.32)" hw.model="3510">Welcome to the Cisco TelePresence IP GW 3510, version 2.0(3.32) </example>
|
1157
|
+
<example hw.series="MCU" os.version="4.3(2.18)" hw.model="4210">Welcome to the Cisco TelePresence MCU 4210, version 4.3(2.18) </example>
|
1158
|
+
<example hw.series="MCU" os.version="4.3(1.68)" hw.model="MSE 8420">Welcome to the Cisco TelePresence MCU MSE 8420, version 4.3(1.68) </example>
|
1159
|
+
<example hw.series="Server" os.version="2.1(1.18)" hw.model="7010">Welcome to the Telepresence Server 7010, version 2.1(1.18) </example>
|
1160
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
1161
|
+
<param pos="0" name="os.product" value="TelePresence"/>
|
1162
|
+
<param pos="0" name="os.device" value="Video Conferencing"/>
|
1163
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
1164
|
+
<param pos="1" name="hw.series"/>
|
1165
|
+
<param pos="2" name="hw.model"/>
|
1166
|
+
<param pos="3" name="os.version"/>
|
1167
|
+
</fingerprint>
|
1168
|
+
<fingerprint pattern="^(\S+) FTP server \((?:HP|Compaq) Tru64 UNIX Version (\S+)\) ready\.?$">
|
1169
|
+
<description>Digital/Compaq/HP Tru64 Unix</description>
|
1170
|
+
<example host.name="example.com" os.version="5.60">example.com FTP server (Compaq Tru64 UNIX Version 5.60) ready.</example>
|
1171
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
1172
|
+
<param pos="0" name="os.family" value="Unix"/>
|
1173
|
+
<param pos="0" name="os.product" value="Tru64 Unix"/>
|
1174
|
+
<param pos="1" name="host.name"/>
|
1175
|
+
<param pos="2" name="os.version"/>
|
1176
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:{os.version}"/>
|
1177
|
+
</fingerprint>
|
1178
|
+
<fingerprint pattern="^(\S+) FTP server \(Digital UNIX Version (\S+)\) ready\.?$">
|
1179
|
+
<description>Digital/Compaq/HP Tru64 Unix w/o branding</description>
|
1180
|
+
<example host.name="example.com" os.version="5.60">example.com FTP server (Digital UNIX Version 5.60) ready.</example>
|
1181
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
1182
|
+
<param pos="0" name="os.family" value="Unix"/>
|
1183
|
+
<param pos="0" name="os.product" value="Digital Unix"/>
|
1184
|
+
<param pos="1" name="host.name"/>
|
1185
|
+
<param pos="2" name="os.version"/>
|
1186
|
+
</fingerprint>
|
1187
|
+
<fingerprint pattern="^(\S+) FTP server \(MikroTik ([\d\.]+)\) ready\.?$">
|
1188
|
+
<description>MikroTik</description>
|
1189
|
+
<example host.name="example.com" os.version="6.18">example.com FTP server (MikroTik 6.18) ready</example>
|
1190
|
+
<param pos="0" name="os.vendor" value="MikroTik"/>
|
1191
|
+
<param pos="0" name="os.product" value="RouterOS"/>
|
1192
|
+
<param pos="1" name="host.name"/>
|
1193
|
+
<param pos="2" name="os.version"/>
|
1194
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:{os.version}"/>
|
1195
|
+
</fingerprint>
|
1196
|
+
<fingerprint pattern="^MikroTik FTP server \(MikroTik ([\w.]+)\) ready\.?$">
|
1197
|
+
<description>MikroTik w/o hostname</description>
|
1198
|
+
<example os.version="6.0rc14">MikroTik FTP server (MikroTik 6.0rc14) ready</example>
|
1199
|
+
<param pos="0" name="os.vendor" value="MikroTik"/>
|
1200
|
+
<param pos="0" name="os.product" value="RouterOS"/>
|
1201
|
+
<param pos="1" name="os.version"/>
|
1202
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:{os.version}"/>
|
1203
|
+
</fingerprint>
|
1204
|
+
<fingerprint pattern="^Welcome to ASUS (B?RT-[\w.-]+) FTP service\.$">
|
1205
|
+
<description>FTPD on an Asus Wireless Access Point/Router</description>
|
1206
|
+
<example hw.product="RT-AC68U">Welcome to ASUS RT-AC68U FTP service.</example>
|
1207
|
+
<example hw.product="RT-N13U.B1">Welcome to ASUS RT-N13U.B1 FTP service.</example>
|
1208
|
+
<example hw.product="BRT-AC828">Welcome to ASUS BRT-AC828 FTP service.</example>
|
1209
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1210
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1211
|
+
<param pos="0" name="hw.vendor" value="Asus"/>
|
1212
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
1213
|
+
<param pos="1" name="hw.product"/>
|
1214
|
+
</fingerprint>
|
1215
|
+
<fingerprint pattern="^Welcome to ASUS (DSL-[\w.-]+) FTP service\.$">
|
1216
|
+
<description>FTPD on a ADSL/VDSL Modem/Wireless Access Point/Router</description>
|
1217
|
+
<example hw.product="DSL-AC68U">Welcome to ASUS DSL-AC68U FTP service.</example>
|
1218
|
+
<example hw.product="DSL-N55U-D1">Welcome to ASUS DSL-N55U-D1 FTP service.</example>
|
1219
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1220
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1221
|
+
<param pos="0" name="hw.vendor" value="Asus"/>
|
1222
|
+
<param pos="0" name="hw.device" value="DSL Modem"/>
|
1223
|
+
<param pos="1" name="hw.product"/>
|
1224
|
+
</fingerprint>
|
1225
|
+
<fingerprint pattern="^Welcome to ASUS (TM-\w+) FTP service\.$">
|
1226
|
+
<description>FTPD on a T-Mobile branded Asus Wireless Access Point/Router</description>
|
1227
|
+
<example hw.product="TM-AC1900">Welcome to ASUS TM-AC1900 FTP service.</example>
|
1228
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1229
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1230
|
+
<param pos="0" name="hw.vendor" value="Asus"/>
|
1231
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
1232
|
+
<param pos="1" name="hw.product"/>
|
1233
|
+
</fingerprint>
|
1234
|
+
<fingerprint pattern="^(FRITZ!Box[\w()]+) FTP server ready\.$">
|
1235
|
+
<description>FTPD on an AWM multifunction Modem/Wireless Access Point/Router/VoIP device</description>
|
1236
|
+
<example hw.product="FRITZ!Box7490">FRITZ!Box7490 FTP server ready.</example>
|
1237
|
+
<example hw.product="FRITZ!BoxFonWLAN7390">FRITZ!BoxFonWLAN7390 FTP server ready.</example>
|
1238
|
+
<example hw.product="FRITZ!Box7490(UI)">FRITZ!Box7490(UI) FTP server ready.</example>
|
1239
|
+
<example hw.product="FRITZ!Box7362SL(UI)">FRITZ!Box7362SL(UI) FTP server ready.</example>
|
1240
|
+
<example hw.product="FRITZ!BoxFonWLAN7270v3">FRITZ!BoxFonWLAN7270v3 FTP server ready.</example>
|
1241
|
+
<example hw.product="FRITZ!Box6490Cable(kdg)">FRITZ!Box6490Cable(kdg) FTP server ready.</example>
|
1242
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
1243
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
1244
|
+
<param pos="0" name="hw.family" value="FRITZ!Box"/>
|
1245
|
+
<param pos="1" name="hw.product"/>
|
1246
|
+
</fingerprint>
|
1247
|
+
<fingerprint pattern="^HES_CPE FTP server \(GNU inetutils ([\w.]+)\) ready\.$">
|
1248
|
+
<description>FTPD on a ZyXEL (Huawei rebrand) WiMax WAP</description>
|
1249
|
+
<example service.version="1.4.1">HES_CPE FTP server (GNU inetutils 1.4.1) ready.</example>
|
1250
|
+
<param pos="0" name="service.family" value="inetutils"/>
|
1251
|
+
<param pos="0" name="service.product" value="inetutils ftpd"/>
|
1252
|
+
<param pos="0" name="service.vendor" value="GNU"/>
|
1253
|
+
<param pos="1" name="service.version"/>
|
1254
|
+
<param pos="0" name="hw.vendor" value="ZyXEL"/>
|
1255
|
+
<param pos="0" name="hw.family" value="WiMax"/>
|
1256
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
1257
|
+
</fingerprint>
|
1258
|
+
<fingerprint pattern="^Speedport W ?(\S+) (?:Typ [A|B] )?FTP Server v([\d.]+) ready$$">
|
1259
|
+
<description>FTPD on Speedport WLAN/ADSL routers (Deutsche Telekom mfg by misc)</description>
|
1260
|
+
<example hw.product="723V" os.version="1.40.000">Speedport W 723V Typ B FTP Server v1.40.000 ready</example>
|
1261
|
+
<example hw.product="921V" os.version="1.39.000">Speedport W 921V FTP Server v1.39.000 ready</example>
|
1262
|
+
<example hw.product="722V" os.version="1.18.000">Speedport W722V FTP Server v1.18.000 ready</example>
|
1263
|
+
<param pos="0" name="hw.vendor" value="Deutsche Telekom"/>
|
1264
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
1265
|
+
<param pos="0" name="hw.family" value="Speedport"/>
|
1266
|
+
<param pos="1" name="hw.product"/>
|
1267
|
+
<param pos="2" name="os.version"/>
|
1268
|
+
</fingerprint>
|
1269
|
+
<fingerprint pattern="^DiskStation FTP server ready\.$">
|
1270
|
+
<description>FTPD on a Synology DiskStation NAS</description>
|
1271
|
+
<example>DiskStation FTP server ready.</example>
|
1272
|
+
<param pos="0" name="service.family" value="SmbFTPD"/>
|
1273
|
+
<param pos="0" name="service.product" value="SmbFTPD"/>
|
1274
|
+
<param pos="0" name="service.vendor" value="GNU"/>
|
1275
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1276
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1277
|
+
<param pos="0" name="hw.vendor" value="Synology"/>
|
1278
|
+
<param pos="0" name="hw.family" value="DiskStation"/>
|
1279
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
1280
|
+
</fingerprint>
|
1281
|
+
<fingerprint pattern="^Synology FTP server ready\.$" flags="REG_ICASE">
|
1282
|
+
<description>FTPD on a Synology device</description>
|
1283
|
+
<example>Synology FTP server ready.</example>
|
1284
|
+
<example>SYNOLOGY FTP server ready.</example>
|
1285
|
+
<param pos="0" name="service.family" value="SmbFTPD"/>
|
1286
|
+
<param pos="0" name="service.product" value="SmbFTPD"/>
|
1287
|
+
<param pos="0" name="service.vendor" value="GNU"/>
|
1288
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1289
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1290
|
+
<param pos="0" name="hw.vendor" value="Synology"/>
|
1291
|
+
</fingerprint>
|
1292
|
+
<fingerprint pattern="^.Welcome to MyBookLive.$">
|
1293
|
+
<description>FTPD on Western Digital My Book Live NAS</description>
|
1294
|
+
<example>"Welcome to MyBookLive"</example>
|
1295
|
+
<param pos="0" name="hw.vendor" value="Western Digital"/>
|
1296
|
+
<param pos="0" name="hw.family" value="My Book"/>
|
1297
|
+
<param pos="0" name="hw.product" value="My Book Live"/>
|
1298
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
1299
|
+
</fingerprint>
|
1300
|
+
<fingerprint pattern="^Multicraft ([\w.-]+) FTP server$">
|
1301
|
+
<description>Multicraft FTPD Server</description>
|
1302
|
+
<example service.version="2.0.2">Multicraft 2.0.2 FTP server</example>
|
1303
|
+
<example service.version="2.0.0-pre19">Multicraft 2.0.0-pre19 FTP server</example>
|
1304
|
+
<param pos="0" name="service.family" value="Multicraft"/>
|
1305
|
+
<param pos="0" name="service.product" value="Multicraft"/>
|
1306
|
+
<param pos="0" name="service.vendor" value="Multicraft"/>
|
1307
|
+
<param pos="1" name="service.version"/>
|
1308
|
+
</fingerprint>
|
1309
|
+
<fingerprint pattern="^bftpd ([\d.]+) at ([a-f\d.:]+) ready\.$">
|
1310
|
+
<description>Bftpd FTPD Server</description>
|
1311
|
+
<example service.version="2.2.1" host.ip="192.168.0.1">bftpd 2.2.1 at 192.168.0.1 ready.</example>
|
1312
|
+
<example service.version="2.2" host.ip="::ffff:192.168.1.1">bftpd 2.2 at ::ffff:192.168.1.1 ready.</example>
|
1313
|
+
<param pos="0" name="service.family" value="Bftpd"/>
|
1314
|
+
<param pos="0" name="service.product" value="Bftpd"/>
|
1315
|
+
<param pos="0" name="service.vendor" value="Bftpd Project"/>
|
1316
|
+
<param pos="1" name="service.version"/>
|
1317
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:bftpd_project:bftpd:{service.version}"/>
|
1318
|
+
<param pos="2" name="host.ip"/>
|
1319
|
+
</fingerprint>
|
1320
|
+
<fingerprint pattern="^NASFTPD Turbo station (?:2.x )?([\w.]+) Server \(ProFTPD\)(?: \[([a-f\d.:]+)\])?$">
|
1321
|
+
<description>ProFTPD on QNAP Turbo Station NAS</description>
|
1322
|
+
<example service.version="1.3.5a" host.ip="192.168.1.100">NASFTPD Turbo station 1.3.5a Server (ProFTPD) [192.168.1.100]</example>
|
1323
|
+
<example service.version="1.3.1rc2" host.ip="192.168.1.100">NASFTPD Turbo station 2.x 1.3.1rc2 Server (ProFTPD) [192.168.1.100]</example>
|
1324
|
+
<example service.version="1.3.5a">NASFTPD Turbo station 1.3.5a Server (ProFTPD)</example>
|
1325
|
+
<param pos="0" name="service.family" value="ProFTPD"/>
|
1326
|
+
<param pos="0" name="service.vendor" value="ProFTPD Project"/>
|
1327
|
+
<param pos="0" name="service.product" value="ProFTPD"/>
|
1328
|
+
<param pos="1" name="service.version"/>
|
1329
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:{service.version}"/>
|
1330
|
+
<param pos="0" name="hw.vendor" value="QNAP"/>
|
1331
|
+
<param pos="0" name="hw.family" value="Turbo Station"/>
|
1332
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
1333
|
+
<param pos="2" name="host.ip"/>
|
1334
|
+
</fingerprint>
|
1335
|
+
<fingerprint pattern="^Twisted ([\w.]+) FTP Server$">
|
1336
|
+
<description>Twisted (Python) FTP Server</description>
|
1337
|
+
<example service.version="14.0.0">Twisted 14.0.0 FTP Server</example>
|
1338
|
+
<example service.version="16.5.0rc2">Twisted 16.5.0rc2 FTP Server</example>
|
1339
|
+
<param pos="0" name="service.family" value="Twisted"/>
|
1340
|
+
<param pos="0" name="service.product" value="Twisted FTPD"/>
|
1341
|
+
<param pos="0" name="service.vendor" value="Twisted Matrix Labs"/>
|
1342
|
+
<param pos="1" name="service.version"/>
|
1343
|
+
</fingerprint>
|
1344
|
+
<fingerprint pattern="^Gene6 FTP Server v(\d{1,2}\.\d{1,2}\.\d{1,2}\s{1,2}\(Build \d{1,2}\)) ready\.\.\.$">
|
1345
|
+
<description>Gene6 FTP Server on Windows</description>
|
1346
|
+
<example service.version="3.10.0 (Build 2)">Gene6 FTP Server v3.10.0 (Build 2) ready...</example>
|
1347
|
+
<example service.version="3.7.0 (Build 24)">Gene6 FTP Server v3.7.0 (Build 24) ready...</example>
|
1348
|
+
<param pos="0" name="service.family" value="Gene6"/>
|
1349
|
+
<param pos="0" name="service.product" value="FTP Server"/>
|
1350
|
+
<param pos="0" name="service.vendor" value="Gene6"/>
|
1351
|
+
<param pos="1" name="service.version"/>
|
1352
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
1353
|
+
<param pos="0" name="os.family" value="Windows"/>
|
1354
|
+
<param pos="0" name="os.product" value="Windows"/>
|
1355
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
1356
|
+
</fingerprint>
|
1357
|
+
<fingerprint pattern="^([\w.-]+) X2 WS_FTP Server ([\d.]{3,6}\s?\(\d+\))$">
|
1358
|
+
<description>WS_FTP FTP Server on Windows - X2 variant</description>
|
1359
|
+
<example service.version="7.7(50012467)" host.name="a.host.name.tld">a.host.name.tld X2 WS_FTP Server 7.7(50012467)</example>
|
1360
|
+
<example service.version="5.0.5 (1989540204)" host.name="a.host.name.tld">a.host.name.tld X2 WS_FTP Server 5.0.5 (1989540204)</example>
|
1361
|
+
<param pos="0" name="service.family" value="WS_FTP"/>
|
1362
|
+
<param pos="0" name="service.product" value="WS_FTP"/>
|
1363
|
+
<param pos="0" name="service.vendor" value="Ipswitch"/>
|
1364
|
+
<param pos="2" name="service.version"/>
|
1365
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:ws_ftp:{service.version}"/>
|
1366
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
1367
|
+
<param pos="0" name="os.family" value="Windows"/>
|
1368
|
+
<param pos="0" name="os.product" value="Windows"/>
|
1369
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
1370
|
+
<param pos="1" name="host.name"/>
|
1371
|
+
</fingerprint>
|
1372
|
+
<fingerprint pattern="^V2 WS_FTP Server ([\d.]{3,6}\s?\(\d+\))$">
|
1373
|
+
<description>WS_FTP FTP Server on Windows - V2 variant</description>
|
1374
|
+
<example service.version="6.1(05544322)">V2 WS_FTP Server 6.1(05544322)</example>
|
1375
|
+
<param pos="0" name="service.family" value="WS_FTP"/>
|
1376
|
+
<param pos="0" name="service.product" value="WS_FTP"/>
|
1377
|
+
<param pos="0" name="service.vendor" value="Ipswitch"/>
|
1378
|
+
<param pos="1" name="service.version"/>
|
1379
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:ws_ftp:{service.version}"/>
|
1380
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
1381
|
+
<param pos="0" name="os.family" value="Windows"/>
|
1382
|
+
<param pos="0" name="os.product" value="Windows"/>
|
1383
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
1384
|
+
</fingerprint>
|
1385
|
+
<fingerprint pattern="^FTP Server \(ZyWALL (USG\s?[\w-]+)\) \[([a-f\d:.]+)\]$">
|
1386
|
+
<description>ZyXEL Unified Security Gateway</description>
|
1387
|
+
<example hw.product="USG 20" host.ip="::ffff:192.168.0.2">FTP Server (ZyWALL USG 20) [::ffff:192.168.0.2]</example>
|
1388
|
+
<example hw.product="USG100-PLUS" host.ip="::ffff:192.168.5.101">FTP Server (ZyWALL USG100-PLUS) [::ffff:192.168.5.101]</example>
|
1389
|
+
<example hw.product="USG 20" host.ip="10.0.0.2">FTP Server (ZyWALL USG 20) [10.0.0.2]</example>
|
1390
|
+
<param pos="0" name="service.vendor" value="ZyXEL"/>
|
1391
|
+
<param pos="0" name="service.family" value="Unified Security Gateway"/>
|
1392
|
+
<param pos="0" name="service.product" value="FTPD"/>
|
1393
|
+
<param pos="2" name="host.ip"/>
|
1394
|
+
<param pos="0" name="hw.vendor" value="ZyXEL"/>
|
1395
|
+
<param pos="0" name="hw.family" value="Unified Security Gateway"/>
|
1396
|
+
<param pos="1" name="hw.product"/>
|
1397
|
+
</fingerprint>
|
1398
|
+
<fingerprint pattern="^Welcome to TP-LINK FTP server$">
|
1399
|
+
<description>FTPD on a TP-LINK device (no version/host info)</description>
|
1400
|
+
<example>Welcome to TP-LINK FTP server</example>
|
1401
|
+
<param pos="0" name="hw.vendor" value="TP-LINK"/>
|
1402
|
+
</fingerprint>
|
1403
|
+
<fingerprint pattern="^TP-LINK FTP version ([\d\.]+)">
|
1404
|
+
<description>FTPD on a TP-LINK device with version, but no host info</description>
|
1405
|
+
<example service.version="1.0">TP-LINK FTP version 1.0 ready at Wed May 1 20:51:49 2019</example>
|
1406
|
+
<param pos="0" name="hw.vendor" value="TP-LINK"/>
|
1407
|
+
<param pos="0" name="service.product" value="FTPD"/>
|
1408
|
+
<param pos="1" name="service.version"/>
|
1409
|
+
</fingerprint>
|
1410
|
+
<fingerprint pattern="^ucftpd\((\w{3}\s+\d{1,2} \d{4}-\d\d:\d\d:\d\d)\) FTP server ready\.$">
|
1411
|
+
<description>ucftpd with version</description>
|
1412
|
+
<example service.version="Jul 2 2012-22:13:49">ucftpd(Jul 2 2012-22:13:49) FTP server ready.</example>
|
1413
|
+
<example service.version="Sep 10 2010-17:23:34">ucftpd(Sep 10 2010-17:23:34) FTP server ready.</example>
|
1414
|
+
<param pos="0" name="service.family" value="ucftpd"/>
|
1415
|
+
<param pos="0" name="service.product" value="ucftpd"/>
|
1416
|
+
<param pos="1" name="service.version"/>
|
1417
|
+
</fingerprint>
|
1418
|
+
<fingerprint pattern="^ucftpd FTP server ready\.$">
|
1419
|
+
<description>ucftpd without version</description>
|
1420
|
+
<example>ucftpd FTP server ready.</example>
|
1421
|
+
<param pos="0" name="service.family" value="ucftpd"/>
|
1422
|
+
<param pos="0" name="service.product" value="ucftpd"/>
|
1423
|
+
</fingerprint>
|
1424
|
+
<fingerprint pattern="^Welcome to TBS FTP Server\.$">
|
1425
|
+
<description>TBS FTP Server</description>
|
1426
|
+
<example>Welcome to TBS FTP Server.</example>
|
1427
|
+
<param pos="0" name="service.family" value="TBS FTP Server"/>
|
1428
|
+
<param pos="0" name="service.product" value="TBS FTP Server"/>
|
1429
|
+
</fingerprint>
|
1430
|
+
<fingerprint pattern="^Sofrel (S5[\w]+) SN ([\d-]+) ready. Time is (\d{2}:\d{2}:\d{2} \d{2}\/\d{2}\/\d{2})\.$">
|
1431
|
+
<description>Sofrel Remote Terminal Unit</description>
|
1432
|
+
<example hw.product="S500" host.id="01-499-00427" system.time="00:11:39 01/11/16">Sofrel S500 SN 01-499-00427 ready. Time is 00:11:39 01/11/16.</example>
|
1433
|
+
<param pos="0" name="hw.vendor" value="Sofrel"/>
|
1434
|
+
<param pos="0" name="hw.family" value="S500 Range"/>
|
1435
|
+
<param pos="1" name="hw.product"/>
|
1436
|
+
<param pos="2" name="host.id"/>
|
1437
|
+
<param pos="0" name="system.time.format" value="HH:mm:ss dd/MM/yy"/>
|
1438
|
+
<param pos="3" name="system.time"/>
|
1439
|
+
</fingerprint>
|
1440
|
+
<fingerprint pattern="^TiMOS-[CB]-([\S]+) cpm\/[\w]+ ALCATEL (SR [\S]+) Copyright .{1,4}$">
|
1441
|
+
<description>ALCATEL Service Router running TiMOS</description>
|
1442
|
+
<example os.version="13.0.R9">TiMOS-C-13.0.R9 cpm/hops64 ALCATEL SR 7750 Copyright (</example>
|
1443
|
+
<example hw.product="SR 7750">TiMOS-C-9.0.R8 cpm/hops ALCATEL SR 7750 Copyright (c) </example>
|
1444
|
+
<param pos="0" name="os.vendor" value="ALCATEL"/>
|
1445
|
+
<param pos="1" name="os.version"/>
|
1446
|
+
<param pos="0" name="hw.vendor" value="ALCATEL"/>
|
1447
|
+
<param pos="0" name="hw.family" value="Service Router"/>
|
1448
|
+
<param pos="2" name="hw.product"/>
|
1449
|
+
</fingerprint>
|
1450
|
+
<fingerprint pattern="^(\S+) FTP server ready\.?$" flags="REG_ICASE">
|
1451
|
+
<description>Generic FTP fingerprint with a hostname</description>
|
1452
|
+
<example host.name="example.com">example.com FTP server ready.</example>
|
1453
|
+
<param pos="1" name="host.name"/>
|
1454
|
+
</fingerprint>
|
1455
|
+
<fingerprint pattern="^(\S+) FTP server \(Version (\d.*)\) ready\.?$" flags="REG_ICASE">
|
1456
|
+
<description>Generic FTP fingerprint with a hostname and a version for a generic FTP implementation</description>
|
1457
|
+
<example host.name="example.com" service.version="6.00LS">example.com FTP server (Version 6.00LS) ready.</example>
|
1458
|
+
<example host.name="example.com" service.version="1.2">example.com FTP server (Version 1.2) ready.</example>
|
1459
|
+
<param pos="1" name="host.name"/>
|
1460
|
+
<param pos="2" name="service.version"/>
|
1461
|
+
</fingerprint>
|
1462
|
+
<fingerprint pattern="(?i)^FTP[\- ]+(?:server|service)?(?:(?: is)? ready)?\.?$">
|
1463
|
+
<description>Generic FTP fingerprint without a hostname</description>
|
1464
|
+
<example>FTP server is ready.</example>
|
1465
|
+
<example>FTP Server ready.</example>
|
1466
|
+
<example>FTP Server Ready</example>
|
1467
|
+
<example>FTP-Server</example>
|
1468
|
+
<example>FTP Server</example>
|
1469
|
+
<example>FTP service ready.</example>
|
1470
|
+
</fingerprint>
|
1471
|
+
<fingerprint pattern="^Welcom to ProRat Ftp Server$">
|
1472
|
+
<description>The FTP server of the ProRat malware</description>
|
1473
|
+
<example>Welcom to ProRat Ftp Server</example>
|
1474
|
+
<param pos="0" name="service.vendor" value="Pro Group"/>
|
1475
|
+
<param pos="0" name="service.product" value="ProRat"/>
|
1476
|
+
</fingerprint>
|
1477
|
+
<fingerprint pattern="^(?:(\S+) )?FTP Server \(vftpd ([\d.]+)\) ready\.?$">
|
1478
|
+
<description>Vermillion FTP Daemon</description>
|
1479
|
+
<example host.name="srv.name" service.version="1.23">srv.name FTP Server (vftpd 1.23) ready.</example>
|
1480
|
+
<example service.version="1.31">FTP Server (vftpd 1.31) ready.</example>
|
1481
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
1482
|
+
<param pos="0" name="os.family" value="Windows"/>
|
1483
|
+
<param pos="0" name="os.product" value="Windows"/>
|
1484
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
1485
|
+
<param pos="0" name="service.vendor" value="Vermillion"/>
|
1486
|
+
<param pos="0" name="service.product" value="FTP Daemon"/>
|
1487
|
+
<param pos="2" name="service.version"/>
|
1488
|
+
<param pos="1" name="host.name"/>
|
1489
|
+
</fingerprint>
|
1490
|
+
<fingerprint pattern="^(?:(\S+) )?FTP server \(QVT\/Net ([\d.]+)\) ready\.?$">
|
1491
|
+
<description>QVT/Net FTP Server</description>
|
1492
|
+
<example host.name="siren" service.version="5.1">siren FTP server (QVT/Net 5.1) ready.</example>
|
1493
|
+
<example host.name="qpc-qvtnet" service.version="4.1">qpc-qvtnet FTP server (QVT/Net 4.1) ready.</example>
|
1494
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
1495
|
+
<param pos="0" name="os.family" value="Windows"/>
|
1496
|
+
<param pos="0" name="os.product" value="Windows"/>
|
1497
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
1498
|
+
<param pos="0" name="service.vendor" value="QPC Software"/>
|
1499
|
+
<param pos="0" name="service.product" value="QVT/Net"/>
|
1500
|
+
<param pos="2" name="service.version"/>
|
1501
|
+
<param pos="1" name="host.name"/>
|
1502
|
+
</fingerprint>
|
1503
|
+
<fingerprint pattern="Amazon\sLinux\sAMI\srelease\s(\d+\.\d+)">
|
1504
|
+
<description>Amazon Linux AMI</description>
|
1505
|
+
<example os.version="2016.09">Amazon Linux AMI release 2016.09</example>
|
1506
|
+
<param pos="0" name="os.vendor" value="Amazon"/>
|
1507
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1508
|
+
<param pos="0" name="os.product" value="Linux AMI"/>
|
1509
|
+
<param pos="1" name="os.version"/>
|
1510
|
+
</fingerprint>
|
1511
|
+
<!-- Below are banners for FTP service providers, not necessarily
|
1512
|
+
specific FTP servers-->
|
1513
|
+
<fingerprint pattern="^Idea FTP Server ([\d\.]+) \((.*)\) \[(.+)\]$">
|
1514
|
+
<description>Idea FTP Server</description>
|
1515
|
+
<example service.version="0.83.213" host.name="localhost" host.ip="1.2.3.4">Idea FTP Server 0.83.213 (localhost) [1.2.3.4]</example>
|
1516
|
+
<example service.version="0.80" host.name="subdomain.home.pl" host.ip="1.2.3.4">Idea FTP Server 0.80 (subdomain.home.pl) [1.2.3.4]</example>
|
1517
|
+
<param pos="0" name="service.vendor" value="Idea"/>
|
1518
|
+
<param pos="0" name="service.product" value="FTP Server"/>
|
1519
|
+
<param pos="1" name="service.version"/>
|
1520
|
+
<param pos="2" name="host.name"/>
|
1521
|
+
<param pos="3" name="host.ip"/>
|
1522
|
+
</fingerprint>
|
1523
|
+
<fingerprint pattern="^Amazon Ftp$">
|
1524
|
+
<description>Amazon FTP endpoint</description>
|
1525
|
+
<example>Amazon Ftp</example>
|
1526
|
+
<param pos="0" name="service.vendor" value="Amazon"/>
|
1527
|
+
<param pos="0" name="service.product" value="FTP Server"/>
|
1528
|
+
</fingerprint>
|
1529
|
+
<fingerprint pattern="^Dreamhost FTP Server$">
|
1530
|
+
<description>Dreamhost FTP endpoint</description>
|
1531
|
+
<example>Dreamhost FTP Server</example>
|
1532
|
+
<param pos="0" name="service.vendor" value="Dreamhost"/>
|
1533
|
+
<param pos="0" name="service.product" value="FTP Server"/>
|
1534
|
+
</fingerprint>
|
1535
|
+
<fingerprint pattern="^QTCP at ([a-zA-Z0-9\.\_\-]+)$">
|
1536
|
+
<description>IBM iSeries FTP</description>
|
1537
|
+
<example host.name="core.bank.local.">QTCP at core.bank.local.</example>
|
1538
|
+
<param pos="0" name="os.vendor" value="IBM"/>
|
1539
|
+
<param pos="0" name="os.family" value="OS/400"/>
|
1540
|
+
<param pos="0" name="os.product" value="OS/400"/>
|
1541
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:os_400:-"/>
|
1542
|
+
<param pos="1" name="host.name"/>
|
1543
|
+
</fingerprint>
|
1544
|
+
<fingerprint pattern="^HomeLogic FTP Server">
|
1545
|
+
<description>ELAN Smart Home Controller</description>
|
1546
|
+
<example>HomeLogic FTP Server Please Give User Name</example>
|
1547
|
+
<param pos="0" name="hw.vendor" value="ELAN"/>
|
1548
|
+
<param pos="0" name="hw.device" value="Building Automation"/>
|
1549
|
+
<param pos="0" name="hw.product" value="Home Controller"/>
|
1550
|
+
<param pos="0" name="os.vendor" value="ELAN"/>
|
1551
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1552
|
+
</fingerprint>
|
1553
|
+
</fingerprints>
|