RubyGems - recog-intrigue - Versions diffs - 2.3.7 - Mend

recog-intrigue 2.3.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (130) hide show

checksums.yaml +7 -0
data/.github/ISSUE_TEMPLATE/bug_report.md +37 -0
data/.github/ISSUE_TEMPLATE/feature_request.md +17 -0
data/.github/ISSUE_TEMPLATE/fingerprint_request.md +27 -0
data/.github/PULL_REQUEST_TEMPLATE +24 -0
data/.gitignore +14 -0
data/.rbenv-gemset +1 -0
data/.rspec +3 -0
data/.ruby-gemset +1 -0
data/.ruby-version +1 -0
data/.travis.yml +25 -0
data/.yardopts +1 -0
data/CONTRIBUTING.md +171 -0
data/COPYING +23 -0
data/Gemfile +10 -0
data/LICENSE +7 -0
data/README.md +85 -0
data/Rakefile +22 -0
data/bin/recog_export +81 -0
data/bin/recog_match +55 -0
data/bin/recog_standardize +118 -0
data/bin/recog_verify +64 -0
data/cpe-remap.yaml +134 -0
data/features/data/failing_banners_fingerprints.xml +20 -0
data/features/data/matching_banners_fingerprints.xml +23 -0
data/features/data/multiple_banners_fingerprints.xml +32 -0
data/features/data/no_tests.xml +3 -0
data/features/data/sample_banner.txt +2 -0
data/features/data/successful_tests.xml +18 -0
data/features/data/tests_with_failures.xml +20 -0
data/features/data/tests_with_warnings.xml +17 -0
data/features/match.feature +36 -0
data/features/support/aruba.rb +3 -0
data/features/support/env.rb +6 -0
data/features/verify.feature +48 -0
data/identifiers/README.md +47 -0
data/identifiers/os_architecture.txt +20 -0
data/identifiers/os_device.txt +52 -0
data/identifiers/os_family.txt +160 -0
data/identifiers/os_product.txt +199 -0
data/identifiers/service_family.txt +185 -0
data/identifiers/service_product.txt +255 -0
data/identifiers/software_class.txt +26 -0
data/identifiers/software_family.txt +91 -0
data/identifiers/software_product.txt +333 -0
data/identifiers/vendor.txt +405 -0
data/lib/recog.rb +4 -0
data/lib/recog/db.rb +78 -0
data/lib/recog/db_manager.rb +31 -0
data/lib/recog/fingerprint.rb +280 -0
data/lib/recog/fingerprint/regexp_factory.rb +56 -0
data/lib/recog/fingerprint/test.rb +18 -0
data/lib/recog/formatter.rb +51 -0
data/lib/recog/match_reporter.rb +77 -0
data/lib/recog/matcher.rb +94 -0
data/lib/recog/matcher_factory.rb +14 -0
data/lib/recog/nizer.rb +347 -0
data/lib/recog/verifier.rb +39 -0
data/lib/recog/verifier_factory.rb +13 -0
data/lib/recog/verify_reporter.rb +86 -0
data/lib/recog/version.rb +3 -0
data/misc/convert_mysql_err +61 -0
data/misc/order.xsl +17 -0
data/recog-intrigue.gemspec +45 -0
data/requirements.txt +2 -0
data/spec/data/best_os_match_1.yml +17 -0
data/spec/data/best_os_match_2.yml +17 -0
data/spec/data/best_service_match_1.yml +17 -0
data/spec/data/smb_native_os.txt +25 -0
data/spec/data/test_fingerprints.xml +36 -0
data/spec/data/verification_fingerprints.xml +86 -0
data/spec/data/whitespaced_fingerprint.xml +5 -0
data/spec/lib/fingerprint_self_test_spec.rb +174 -0
data/spec/lib/recog/db_spec.rb +98 -0
data/spec/lib/recog/fingerprint/regexp_factory_spec.rb +73 -0
data/spec/lib/recog/fingerprint_spec.rb +112 -0
data/spec/lib/recog/formatter_spec.rb +69 -0
data/spec/lib/recog/match_reporter_spec.rb +91 -0
data/spec/lib/recog/nizer_spec.rb +330 -0
data/spec/lib/recog/verify_reporter_spec.rb +113 -0
data/spec/spec_helper.rb +82 -0
data/update_cpes.py +186 -0
data/xml/apache_modules.xml +1911 -0
data/xml/apache_os.xml +273 -0
data/xml/architecture.xml +36 -0
data/xml/dns_versionbind.xml +761 -0
data/xml/fingerprints.xsd +128 -0
data/xml/ftp_banners.xml +1553 -0
data/xml/h323_callresp.xml +603 -0
data/xml/hp_pjl_id.xml +358 -0
data/xml/html_title.xml +1630 -0
data/xml/http_cookies.xml +411 -0
data/xml/http_servers.xml +3195 -0
data/xml/http_wwwauth.xml +595 -0
data/xml/imap_banners.xml +245 -0
data/xml/ldap_searchresult.xml +711 -0
data/xml/mdns_device-info_txt.xml +1796 -0
data/xml/mdns_workstation_txt.xml +15 -0
data/xml/mysql_banners.xml +1649 -0
data/xml/mysql_error.xml +871 -0
data/xml/nntp_banners.xml +82 -0
data/xml/ntp_banners.xml +1223 -0
data/xml/operating_system.xml +629 -0
data/xml/pop_banners.xml +499 -0
data/xml/rsh_resp.xml +76 -0
data/xml/rtsp_servers.xml +76 -0
data/xml/sip_banners.xml +359 -0
data/xml/sip_user_agents.xml +221 -0
data/xml/smb_native_lm.xml +62 -0
data/xml/smb_native_os.xml +662 -0
data/xml/smtp_banners.xml +1690 -0
data/xml/smtp_debug.xml +39 -0
data/xml/smtp_ehlo.xml +49 -0
data/xml/smtp_expn.xml +82 -0
data/xml/smtp_help.xml +157 -0
data/xml/smtp_mailfrom.xml +20 -0
data/xml/smtp_noop.xml +44 -0
data/xml/smtp_quit.xml +29 -0
data/xml/smtp_rcptto.xml +25 -0
data/xml/smtp_rset.xml +26 -0
data/xml/smtp_turn.xml +26 -0
data/xml/smtp_vrfy.xml +89 -0
data/xml/snmp_sysdescr.xml +6507 -0
data/xml/snmp_sysobjid.xml +430 -0
data/xml/ssh_banners.xml +1968 -0
data/xml/telnet_banners.xml +1595 -0
data/xml/x11_banners.xml +232 -0
data/xml/x509_issuers.xml +134 -0
data/xml/x509_subjects.xml +1268 -0
metadata +304 -0

data/identifiers/vendor.txt ADDED

@@ -0,0 +1,405 @@
+2Wire
+3Com
+4D
+ACC
+ACME Laboratories
+Acorn
+Actiontec
+ActiveState
+Adaptec
+ADC
+Adobe
+Adtran
+AIM
+Aironet
+Alcatel
+Allegro Software
+Allied Telesyn
+Alpha Micro
+Alpine
+Alteon
+Alt-N
+Amazon
+AMD
+Amiga
+AnalogX
+Apache
+APC
+Apollo
+Apple
+Aprelium Technologies
+Arescom
+ArGoSoft
+Arlan
+ARM
+ARRIS
+Artifex Software Inc.
+Asante
+Ascend
+Ascom
+Asianux
+Atari
+ATG
+AtheOS
+Atrium Software
+Attachmate
+Auspex
+Avaya
+Avocent
+Axent
+Axis
+Bay Networks
+Be
+BEA
+Bell Labs
+Bintec
+Bitvise
+Blue Coat
+Borderware
+Brix Networks
+Brocade
+Brother
+BSDi
+BT
+Buffalo
+Business Objects
+Cabletron
+Cacheflow
+Canon
+Canonical
+Cantillion
+Capellix
+Castelle
+CastleNet
+Caucho
+Cayman
+CentOS
+Chase
+Check Point
+CherryPy
+Cisco
+Citrix
+Clearswift
+CNET
+CNT
+Cobalt
+Commodore
+Compaq
+Compatible Systems
+Computer Associates
+Computone
+Conectiva
+Conexant
+Convex
+Copper Mountain
+Corega
+Cray
+Critical Path
+CSM
+CyberArk
+CyberGuard
+Cyclades
+Data General
+Datamax
+DataVoice
+Debian
+DEC
+Dell
+Digital Link
+Digital Networks
+DigiTel
+D-Link
+Docker Inc.
+DrayTek
+EasyTel
+Eaton
+Edimax
+Eicon
+Ektron
+ELSA
+Embedthis
+EMC
+EMWAC
+Enterasys
+Epson
+EqualLogic
+Ericsson
+Eudora
+EUSSO
+Exabyte
+exim
+ExtendNet
+Extreme Networks
+F5
+FastComm
+FatWire
+FiberLine
+Floosietek
+FlowPoint
+Fore
+FortiNet
+Foundry
+Foxit Software Inc.
+FreeBSD
+FreeScale
+FreeSCO
+Fujitsu Siemens
+GalactiComm
+Gandalf
+Gauntlet
+Genius
+Gentoo
+Gigamon
+Global Technology Associates
+GlobalScape
+GNet
+GNU
+Google
+Gordano
+Hawking
+Hitachi
+Hospira
+HP
+Huawei
+Hydra
+IBM
+Imagistics
+Innovaphone
+Intel
+Intergraph
+IPCop
+Ipswitch
+Isolation
+IXIA
+Juniper
+KA9Q
+Kaspersky Lab
+Kentrox
+Kerio
+Konica
+Kronos
+Kyocera
+Labtam
+LANCOM Systems
+Lantronix
+Leunig
+Lexmark
+LG Goldstream
+Linksys
+Linux
+Linux Foundation
+Livingston
+LogMeIn
+Lotus
+Lucent
+LWIP
+Lyris
+Macromedia
+Madge
+Magna
+Mail-Max
+Mandrake
+Mandriva
+Maxim IC
+McAfee
+Megabit
+Merak
+Meridian
+MetaInfo
+Microbase
+Microplex
+Microsoft
+MikroTik
+Minix
+Minolta
+Mirapoint
+Mocana
+Moodle
+Mort Bay
+Motorola
+Mozilla
+MRV Communications
+MultiTech
+MySQL
+NAT
+NCD
+NcFTP Software
+NCR
+NEC
+Neoware
+NetApp
+NetBSD
+Netgear
+NetJet
+NetMatrix
+Netopia
+Netscape
+NetScreen
+NetSilicon
+Network Systems
+Nexland
+NeXT
+Nokia
+Nortel
+Norton
+Novell
+NSG
+NTT
+Oce
+Okidata
+Omron
+OpenBSD
+OpenJDK
+OpenSUSE
+Opera Software
+Oracle
+Overland
+Oversee
+ownCloud
+Packet Engines
+Packeteer
+Palm
+Palo Alto Networks
+Panasonic
+Paul Smith Computer Services
+Philips
+PHP
+phpMyAdmin
+Pigtail
+Piriform
+Pitney Bowes
+Plain Black
+Planet
+PLD
+Polycom
+Postgres
+PowerWare
+Pragma Systems
+PreEmptive Solutions
+Process Software
+Proteon
+Proxim
+qmail
+QMS
+QNX
+Qualcomm
+Quanterra
+Quantum
+Racal
+Radionics
+Rapid7
+Raptor
+Rarlab
+RCA
+RealMedia
+Red Hat
+Redback
+Rhino Software
+Ricoh
+Ringdale
+Riverbed Technology
+Riverstone Networks
+RoadLanner
+Rockliffe
+Rockwell
+Roxen
+rPath
+SafeNet
+SAP
+SAR
+Savin
+SBLIM
+Schneider Electric
+SCO
+Seattle Labs
+Secure Computing
+Sega
+Sendmail
+Sequent
+SGI
+Sharp
+Shiva
+Siebel
+Siemens
+Simon Tatham
+Slackware
+SMC
+SmoothWall
+SonicWALL
+SonoSite
+Sony
+Sophos
+Source Technologies
+Sourcefire
+SpeedStream
+Sphera
+SSH Communications Security
+StackTools
+Standard Networks
+StartCom
+Stratus
+Sun
+SUSE
+Sybase
+Symantec
+Symbol
+SysTech
+Tahoe
+Tally
+Tandberg
+Tandem
+Tasman Networks
+Tekelec
+Tektonix
+Telebit
+Telindus
+Telocity
+Teltrend
+Thomson
+TIS
+TOR
+Toshiba
+Trancell
+Trend Micro
+Truetime
+Trustix
+Turbolinux
+Turtle Beach
+Twisted Matrix Labs
+TYPO3
+Ubuntu
+Unica
+UnitedLinux
+US Robotics
+VanDyke Software
+Vanguard
+VersaNet
+VideoLAN
+Vignette
+Vine
+Vircom
+Virtual Access
+VMware
+WatchGuard
+Webmin
+WebTrends
+White Box
+Wind River
+Wireshark
+Wordpress
+WTI
+XCD
+Xerox
+Xitami
+XMach
+XnSoft
+Xylan
+Xylogics
+Xyplex
+Yahoo
+Yamaha
+Zero One
+ZMailer
+Zoom
+ZoomAir
+Zyxel

data/lib/recog.rb ADDED

@@ -0,0 +1,4 @@
+require_relative 'recog/version'
+require_relative 'recog/db_manager'
+require_relative 'recog/matcher_factory'
+require_relative 'recog/nizer'

data/lib/recog/db.rb ADDED

@@ -0,0 +1,78 @@
+module Recog
+# A collection of {Fingerprint fingerprints} for matching against a particular
+# kind of fingerprintable data, e.g. an HTTP `Server` header
+class DB
+  require 'nokogiri'
+  require_relative 'fingerprint'
+  # @return [String]
+  attr_reader :path
+  # @return [Array<Fingerprint>] {Fingerprint} objects that can be matched
+  #   against strings that make sense for the {#match_key}
+  attr_reader :fingerprints
+  # @return [String] Taken from the `fingerprints/matches` attribute, or
+  #   defaults to the basename of {#path} without the `.xml` extension.
+  attr_reader :match_key
+  # @return [String] Taken from the `fingerprints/protocol` attribute, or
+  #   defaults to an empty string
+  attr_reader :protocol
+  # @return [String] Taken from the `fingerprints/database_type` attribute
+  #   defaults to an empty string
+  attr_reader :database_type
+  # @return [Float] Taken from the `fingerprints/preference` attribute,
+  #   defaults to 0.10.  Used when ordering databases, highest numbers
+  #   are given priority and are processed first.
+  attr_reader :preference
+  # Default Fingerprint database preference when it isn't specified in file
+  # Do not use a value below 0.10 so as to allow users to specify lower
+  # values in their own custom XML that will always run last.
+  DEFAULT_FP_PREFERENCE = 0.10
+  # @param path [String]
+  def initialize(filename)
+    @match_key = nil
+    @protocol = ''
+    @database_type = ''
+    @preference = DEFAULT_FP_PREFERENCE.to_f
+    @path = "#{File.dirname(__FILE__)}/../../xml/#{filename}"
+    @fingerprints = []
+    parse_fingerprints
+  end
+  # @return [void]
+  def parse_fingerprints
+    xml = nil
+    File.open(self.path, 'rb') do |fd|
+      xml = Nokogiri::XML(fd.read(fd.stat.size))
+    end
+    raise "#{self.path} is invalid XML: #{xml.errors.join(',')}" unless xml.errors.empty?
+    xml.xpath('/fingerprints').each do |fbase|
+      @match_key = fbase['matches'].to_s if fbase['matches']
+      @protocol = fbase['protocol'].to_s if fbase['protocol']
+      @database_type = fbase['database_type'].to_s if fbase['database_type']
+      @preference = fbase['preference'].to_f if fbase['preference']
+    end
+    @match_key = File.basename(self.path).sub(/\.xml$/, '') unless @match_key
+    xml.xpath('/fingerprints/fingerprint').each do |fprint|
+      @fingerprints << Fingerprint.new(fprint, @match_key, @protocol)
+    end
+    xml = nil
+  end
+end
+end