recog-intrigue 2.3.7 → 2.3.14

Files changed (70)
  1. checksums.yaml +4 -4
  2. data/.github/SECURITY.md +35 -0
  3. data/.gitignore +9 -0
  4. data/CONTRIBUTING.md +136 -37
  5. data/README.md +18 -16
  6. data/bin/recog_cleanup +16 -0
  7. data/bin/recog_standardize +30 -6
  8. data/cpe-remap.yaml +38 -1
  9. data/identifiers/README.md +9 -0
  10. data/identifiers/hw_device.txt +77 -0
  11. data/identifiers/hw_family.txt +96 -0
  12. data/identifiers/hw_product.txt +328 -0
  13. data/identifiers/os_architecture.txt +6 -6
  14. data/identifiers/os_device.txt +45 -3
  15. data/identifiers/os_family.txt +206 -41
  16. data/identifiers/os_product.txt +238 -17
  17. data/identifiers/service_family.txt +144 -57
  18. data/identifiers/service_product.txt +385 -83
  19. data/identifiers/vendor.txt +554 -68
  20. data/lib/recog/version.rb +1 -1
  21. data/requirements.txt +1 -1
  22. data/update_cpes.py +4 -1
  23. data/xml/apache_modules.xml +292 -5
  24. data/xml/apache_os.xml +41 -2
  25. data/xml/architecture.xml +11 -3
  26. data/xml/dns_versionbind.xml +200 -26
  27. data/xml/favicons.xml +1701 -0
  28. data/xml/ftp_banners.xml +256 -23
  29. data/xml/h323_callresp.xml +112 -12
  30. data/xml/hp_pjl_id.xml +47 -5
  31. data/xml/html_title.xml +1156 -70
  32. data/xml/http_cookies.xml +69 -11
  33. data/xml/http_servers.xml +1094 -107
  34. data/xml/http_wwwauth.xml +143 -27
  35. data/xml/imap_banners.xml +62 -13
  36. data/xml/ldap_searchresult.xml +81 -9
  37. data/xml/mdns_device-info_txt.xml +194 -17
  38. data/xml/mdns_workstation_txt.xml +4 -2
  39. data/xml/mysql_banners.xml +233 -40
  40. data/xml/mysql_error.xml +113 -6
  41. data/xml/nntp_banners.xml +10 -2
  42. data/xml/ntp_banners.xml +93 -9
  43. data/xml/operating_system.xml +90 -3
  44. data/xml/pop_banners.xml +87 -33
  45. data/xml/rsh_resp.xml +11 -2
  46. data/xml/rtsp_servers.xml +43 -23
  47. data/xml/sip_banners.xml +6 -11
  48. data/xml/sip_user_agents.xml +29 -2
  49. data/xml/smb_native_lm.xml +10 -2
  50. data/xml/smb_native_os.xml +80 -2
  51. data/xml/smtp_banners.xml +233 -13
  52. data/xml/smtp_debug.xml +6 -4
  53. data/xml/smtp_ehlo.xml +7 -5
  54. data/xml/smtp_expn.xml +13 -4
  55. data/xml/smtp_help.xml +23 -4
  56. data/xml/smtp_mailfrom.xml +5 -2
  57. data/xml/smtp_noop.xml +6 -5
  58. data/xml/smtp_quit.xml +5 -4
  59. data/xml/smtp_rcptto.xml +5 -2
  60. data/xml/smtp_rset.xml +4 -4
  61. data/xml/smtp_turn.xml +4 -4
  62. data/xml/smtp_vrfy.xml +14 -4
  63. data/xml/snmp_sysdescr.xml +741 -32
  64. data/xml/snmp_sysobjid.xml +47 -2
  65. data/xml/ssh_banners.xml +255 -81
  66. data/xml/telnet_banners.xml +503 -30
  67. data/xml/x11_banners.xml +26 -3
  68. data/xml/x509_issuers.xml +37 -13
  69. data/xml/x509_subjects.xml +214 -52
  70. metadata +12 -5
@@ -1,9 +1,11 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="operating_system.name" database_type="util.os" preference="0.80">
3
3
  <!--
4
4
  Patterns for common names of various operating systems.
5
5
  -->
6
+
6
7
  <!-- Windows begin -->
8
+
7
9
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:[a-z]+\s[a-z]+\s|[a-z]+\s)?Server (?:\d{4} R2|\d{4}))(?:,\s|\s)?([a-z]+)?(?: Evaluation)?(?: Edition)?(?:\s|\swith(?:out)? Hyper-V\s)?(SP\d|SP \d|Service Pack \d)?)$">
8
10
  <description>Windows Server 2003 and later</description>
9
11
  <example os.product="Windows Compute Cluster Server 2003">Windows Compute Cluster Server 2003</example>
@@ -23,6 +25,7 @@
23
25
  <param pos="2" name="os.edition"/>
24
26
  <param pos="3" name="os.version"/>
25
27
  </fingerprint>
28
+
26
29
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows 10 Mobile(?:\s([a-z]+))?(?: Edition)?)$">
27
30
  <description>Windows 10 Mobile</description>
28
31
  <example os.product="Windows 10 Mobile">Windows 10 Mobile Edition</example>
@@ -32,7 +35,9 @@
32
35
  <param pos="0" name="os.product" value="Windows 10 Mobile"/>
33
36
  <param pos="1" name="os.edition"/>
34
37
  <param pos="0" name="os.device" value="Mobile"/>
38
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10_mobile:-"/>
35
39
  </fingerprint>
40
+
36
41
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:XP|Vista|7|8|8.1|10))(?:\s)?((?:[a-z]+|[a-z]+, )?(?:[a-z]+|[a-z]+\s[a-z]+)?)?(?: Edition)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
37
42
  <description>Windows Desktop XP and later</description>
38
43
  <example os.product="Windows XP" os.edition="Professional">Windows XP Professional</example>
@@ -50,6 +55,7 @@
50
55
  <param pos="2" name="os.edition"/>
51
56
  <param pos="3" name="os.version"/>
52
57
  </fingerprint>
58
+
53
59
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows 2000(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
54
60
  <description>Windows 2000</description>
55
61
  <example os.edition="Professional">Windows 2000 Professional</example>
@@ -61,6 +67,7 @@
61
67
  <param pos="2" name="os.version"/>
62
68
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:{os.version}"/>
63
69
  </fingerprint>
70
+
64
71
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows NT (\d.\d{1,2})?(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?)$">
65
72
  <description>Windows NT</description>
66
73
  <example os.version="3.51" os.edition="Server">Windows NT 3.51 Server</example>
@@ -74,6 +81,7 @@
74
81
  <param pos="2" name="os.edition"/>
75
82
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:{os.version}"/>
76
83
  </fingerprint>
84
+
77
85
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows Phone (\d|\d\.\d)?)$">
78
86
  <description>Windows Phone 7 and later</description>
79
87
  <example os.version="7.5">Windows Phone 7.5</example>
@@ -84,6 +92,7 @@
84
92
  <param pos="1" name="os.version"/>
85
93
  <param pos="0" name="os.device" value="Mobile"/>
86
94
  </fingerprint>
95
+
87
96
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows\s?(?:95|98|98SE|98 SE|98 Second Edition|ME|Millenium Edition)))$">
88
97
  <description>Windows 9x</description>
89
98
  <example os.product="Windows 98 SE">Windows 98 SE</example>
@@ -91,6 +100,7 @@
91
100
  <param pos="0" name="os.family" value="Windows"/>
92
101
  <param pos="1" name="os.product"/>
93
102
  </fingerprint>
103
+
94
104
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.1)$">
95
105
  <description>Windows version 6.1 (Windows 7 or Windows Server 2008 R2)</description>
96
106
  <example>Windows 6.1</example>
@@ -98,6 +108,7 @@
98
108
  <param pos="0" name="os.family" value="Windows"/>
99
109
  <param pos="0" name="os.product" value="Windows 7 or Windows Server 2008 R2"/>
100
110
  </fingerprint>
111
+
101
112
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.2)$">
102
113
  <description>Windows version 6.2 (Windows 8 or Windows Server 2012)</description>
103
114
  <example>Windows 6.2</example>
@@ -105,6 +116,7 @@
105
116
  <param pos="0" name="os.family" value="Windows"/>
106
117
  <param pos="0" name="os.product" value="Windows 8 or Windows Server 2012"/>
107
118
  </fingerprint>
119
+
108
120
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.3)$">
109
121
  <description>Windows version 6.3 (Windows 8.1 or Windows Server 2012 R2)</description>
110
122
  <example>Windows 6.3</example>
@@ -112,6 +124,7 @@
112
124
  <param pos="0" name="os.family" value="Windows"/>
113
125
  <param pos="0" name="os.product" value="Windows 8.1 or Windows Server 2012 R2"/>
114
126
  </fingerprint>
127
+
115
128
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 10.0)$">
116
129
  <description>Windows version 10.0 (Windows 10 or Windows Server 2016)</description>
117
130
  <example>Windows 10.0</example>
@@ -119,6 +132,7 @@
119
132
  <param pos="0" name="os.family" value="Windows"/>
120
133
  <param pos="0" name="os.product" value="Windows 10 or Windows Server 2016"/>
121
134
  </fingerprint>
135
+
122
136
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows.*)$">
123
137
  <description>Windows catch-all</description>
124
138
  <example>Windows for Workgroups 3.11</example>
@@ -129,8 +143,11 @@
129
143
  <param pos="0" name="os.certainty" value="0.5"/>
130
144
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
131
145
  </fingerprint>
146
+
132
147
  <!-- Windows end -->
148
+
133
149
  <!-- Liunx begin -->
150
+
134
151
  <fingerprint pattern="^(?i:Alpine Linux\s?(?:v)?(\d+?(?:\.\d+?)*?(?:\src\d+?)?)?)$">
135
152
  <description>Alpine Linux</description>
136
153
  <example os.version="3.4.0">Alpine Linux v3.4.0</example>
@@ -140,7 +157,9 @@
140
157
  <param pos="0" name="os.product" value="Linux"/>
141
158
  <param pos="1" name="os.version"/>
142
159
  </fingerprint>
160
+
143
161
  <!-- Arch uses rolling releases where the version name just the date of an ISO release. -->
162
+
144
163
  <fingerprint pattern="^(?i:Arch Linux\s?(\d+?(?:\.\d+?)*?)?)$">
145
164
  <description>Arch Linux</description>
146
165
  <example os.version="2016.04.01">Arch Linux 2016.04.01</example>
@@ -149,7 +168,9 @@
149
168
  <param pos="0" name="os.product" value="Linux"/>
150
169
  <param pos="1" name="os.version"/>
151
170
  </fingerprint>
171
+
152
172
  <!-- Red Hat Enterprise Linux derivative -->
173
+
153
174
  <fingerprint pattern="^(?i:Amazon Linux(?: AMI)?\s?(\d+?(?:\.\d+?)*?)?)$">
154
175
  <description>Amazon Linux AMI</description>
155
176
  <example os.version="5.11">Amazon Linux AMI 5.11</example>
@@ -160,7 +181,9 @@
160
181
  <param pos="0" name="os.product" value="Linux AMI"/>
161
182
  <param pos="1" name="os.version"/>
162
183
  </fingerprint>
184
+
163
185
  <!-- Red Hat Enterprise Linux derivative -->
186
+
164
187
  <fingerprint pattern="^(?i:CentOS(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)(?:\s.*?)?$">
165
188
  <description>Centos Linux</description>
166
189
  <example os.version="5.11">Centos Linux 5.11</example>
@@ -173,6 +196,7 @@
173
196
  <param pos="1" name="os.version"/>
174
197
  <param pos="0" name="os.cpe23" value="cpe:/o:centos:centos:{os.version}"/>
175
198
  </fingerprint>
199
+
176
200
  <fingerprint pattern="^(?i:Debian(?: (?:GNU\/)?Linux)?\s?((?:\d+?(?:\.\d+?)*?)|(?:\w+?\/sid\s?))?(?:\s[a-z\(\)]+)?)$">
177
201
  <description>Debian Linux</description>
178
202
  <example os.version="6.0">Debian 6.0</example>
@@ -185,6 +209,7 @@
185
209
  <param pos="1" name="os.version"/>
186
210
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
187
211
  </fingerprint>
212
+
188
213
  <fingerprint pattern="^(?i:Fedora(?: Core)?(?: Linux)?(?: release)?\s?(\d+?)?(?:\s.*)?)$">
189
214
  <description>Fedora Linux</description>
190
215
  <example os.version="6">Fedora Core 6</example>
@@ -196,7 +221,9 @@
196
221
  <param pos="1" name="os.version"/>
197
222
  <param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:{os.version}"/>
198
223
  </fingerprint>
224
+
199
225
  <!-- Gentoo currently uses rolling releases with no version, but older versions were typically based on the year of release. -->
226
+
200
227
  <fingerprint pattern="^(?i:Gentoo(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
201
228
  <description>Gentoo Linux</description>
202
229
  <example>Gentoo Linux</example>
@@ -206,7 +233,9 @@
206
233
  <param pos="1" name="os.version"/>
207
234
  <param pos="0" name="os.cpe23" value="cpe:/o:gentoo:linux:{os.version}"/>
208
235
  </fingerprint>
236
+
209
237
  <!-- Kali switched to rolling release in January 2016. -->
238
+
210
239
  <fingerprint pattern="^(?i:Kali(?: Linux)?\s?(\d+?(?:\.\d+?)+?(?:[a-z])?|\d+?)?)$">
211
240
  <description>Kali Linux</description>
212
241
  <example os.version="1.0.0">Kali Linux 1.0.0</example>
@@ -218,7 +247,9 @@
218
247
  <param pos="0" name="os.product" value="Linux"/>
219
248
  <param pos="1" name="os.version"/>
220
249
  </fingerprint>
250
+
221
251
  <!-- Ubuntu derivative -->
252
+
222
253
  <fingerprint pattern="^(?i:Kubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
223
254
  <description>Kubuntu Linux</description>
224
255
  <example os.version="12.04.4">Kubuntu 12.04.4 LTS</example>
@@ -230,7 +261,9 @@
230
261
  <param pos="1" name="os.version"/>
231
262
  <param pos="2" name="os.edition"/>
232
263
  </fingerprint>
264
+
233
265
  <!-- Red Hat Enterprise Linux derivative -->
266
+
234
267
  <fingerprint pattern="^(?i:Oracle(?: Enterprise)? Linux\s?(?:Server\s?)?(\d+?(?:\.\d+?)*?)?)$">
235
268
  <description>Oracle Enterprise Linux</description>
236
269
  <example os.version="5.11">Oracle Enterprise Linux 5.11</example>
@@ -241,6 +274,7 @@
241
274
  <param pos="1" name="os.version"/>
242
275
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:linux:{os.version}"/>
243
276
  </fingerprint>
277
+
244
278
  <fingerprint pattern="^(?i:OpenSUSE(?: Linux)?(?: [a-z]+?)??\s?(\d+?(?:\.\d+?)*?)?(?:\s\(.*)?)$">
245
279
  <description>OpenSUSE Linux</description>
246
280
  <example os.version="10.1">OpenSUSE Linux 10.1</example>
@@ -251,6 +285,7 @@
251
285
  <param pos="0" name="os.product" value="Linux"/>
252
286
  <param pos="1" name="os.version"/>
253
287
  </fingerprint>
288
+
254
289
  <fingerprint pattern="^(?i:(?:Red Hat|RedHat|Red-Hat|RHEL)(?: Enterprise)?(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)$">
255
290
  <description>Red Hat Enterprise Linux</description>
256
291
  <example>Red Hat Enterprise Linux AS</example>
@@ -264,7 +299,9 @@
264
299
  <param pos="1" name="os.version"/>
265
300
  <param pos="0" name="os.cpe23" value="cpe:/o:redhat:enterprise_linux:{os.version}"/>
266
301
  </fingerprint>
302
+
267
303
  <!-- Red Hat Enterprise Linux derivative -->
304
+
268
305
  <fingerprint pattern="^(?i:Scientific(?: Linux)?\s?(\d+?(?:\.\d+?)*?)?)$">
269
306
  <description>Scientific Linux</description>
270
307
  <example os.version="5.11">Scientific Linux 5.11</example>
@@ -275,6 +312,7 @@
275
312
  <param pos="0" name="os.product" value="Linux"/>
276
313
  <param pos="1" name="os.version"/>
277
314
  </fingerprint>
315
+
278
316
  <fingerprint pattern="^(?i:Slackware(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
279
317
  <description>Slackware Linux</description>
280
318
  <example os.version="14.1">Slackware Linux 14.1</example>
@@ -283,6 +321,7 @@
283
321
  <param pos="0" name="os.product" value="Linux"/>
284
322
  <param pos="1" name="os.version"/>
285
323
  </fingerprint>
324
+
286
325
  <fingerprint pattern="^(?i:SUSE(?: SLED)?(?: Linux Enterprise Desktop)?\s?(\d+?(?:\.\d+?)*?)?)$">
287
326
  <description>SUSE Linux Enterprise Desktop</description>
288
327
  <example os.version="11">SUSE SLED 11</example>
@@ -293,6 +332,7 @@
293
332
  <param pos="1" name="os.version"/>
294
333
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_desktop:{os.version}"/>
295
334
  </fingerprint>
335
+
296
336
  <fingerprint pattern="^(?i:SUSE(?: SLES)?(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
297
337
  <description>SUSE Linux Enterprise Server</description>
298
338
  <example os.version="11">SUSE SLES 11</example>
@@ -303,6 +343,7 @@
303
343
  <param pos="1" name="os.version"/>
304
344
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
305
345
  </fingerprint>
346
+
306
347
  <fingerprint pattern="^(?i:SLES(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
307
348
  <description>SLES Linux Enterprise Server</description>
308
349
  <example os.version="11">SLES 11</example>
@@ -313,6 +354,7 @@
313
354
  <param pos="1" name="os.version"/>
314
355
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
315
356
  </fingerprint>
357
+
316
358
  <fingerprint pattern="^(?i:Ubuntu(?: Linux)?(?:\s|-)(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
317
359
  <description>Ubuntu Linux</description>
318
360
  <example os.version="12.04.4">Ubuntu 12.04.4 LTS</example>
@@ -326,7 +368,9 @@
326
368
  <param pos="2" name="os.edition"/>
327
369
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
328
370
  </fingerprint>
371
+
329
372
  <!-- Ubuntu derivative -->
373
+
330
374
  <fingerprint pattern="^(?i:Xubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
331
375
  <description>Xubuntu Linux</description>
332
376
  <example os.version="12.04.4">Xubuntu 12.04.4 LTS</example>
@@ -338,17 +382,20 @@
338
382
  <param pos="1" name="os.version"/>
339
383
  <param pos="2" name="os.edition"/>
340
384
  </fingerprint>
385
+
341
386
  <fingerprint pattern="^(?i:VMWare Photon(?:\/)?(?:\s?Linux)?\s?(?:v)?(\d+?(?:\.\d+?)*?)?)$">
342
387
  <description>Photon Linux</description>
343
388
  <example>VMWare Photon Linux</example>
344
389
  <example os.version="1.0">VMWare Photon 1.0</example>
345
- <param pos="0" name="os.vendor" value="VMWare"/>
390
+ <param pos="0" name="os.vendor" value="VMware"/>
346
391
  <param pos="0" name="os.family" value="Linux"/>
347
392
  <param pos="0" name="os.product" value="Photon Linux"/>
348
393
  <param pos="1" name="os.version"/>
349
394
  <param pos="0" name="os.cpe23" value="cpe:/o:vmware:photon_os:{os.version}"/>
350
395
  </fingerprint>
396
+
351
397
  <!-- Vendor-based distribution catch-call -->
398
+
352
399
  <fingerprint pattern="^(?i:(.*)\sLinux?\s(.*))$">
353
400
  <description>Vendor-based Linux catch-all</description>
354
401
  <example os.vendor="Aurox" os.version="10.2">Aurox Linux 10.2</example>
@@ -358,7 +405,9 @@
358
405
  <param pos="1" name="os.vendor"/>
359
406
  <param pos="2" name="os.version"/>
360
407
  </fingerprint>
408
+
361
409
  <!-- Linux catch-all goes at the bottom-->
410
+
362
411
  <fingerprint pattern="^(?i:.*Linux?\s?(\d+?(?:\.\d+?)*?)?)$">
363
412
  <description>Linux catch-all</description>
364
413
  <example os.version="2.42.6">Linux 2.42.6</example>
@@ -369,9 +418,13 @@
369
418
  <param pos="1" name="os.version"/>
370
419
  <param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
371
420
  </fingerprint>
421
+
372
422
  <!-- Linux end -->
423
+
373
424
  <!-- Mac begin -->
425
+
374
426
  <!-- Match Mac OS Classic first due to weak matching on Mac OS X -->
427
+
375
428
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS ([7-9](?:\.\d+?)*?))$">
376
429
  <description>Mac OS 9</description>
377
430
  <example os.version="9">Mac OS 9</example>
@@ -382,6 +435,7 @@
382
435
  <param pos="1" name="os.version"/>
383
436
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os:{os.version}"/>
384
437
  </fingerprint>
438
+
385
439
  <fingerprint pattern="^(?i:(?:Apple OS X|Apple Mac OS X|Mac OS X|OS X|Mac OS)\s?(\d+?(?:\.\d+?)*?)?)$">
386
440
  <description>Mac OS X with version number</description>
387
441
  <example os.version="10.10.5">Mac OS X 10.10.5</example>
@@ -393,6 +447,7 @@
393
447
  <param pos="1" name="os.version"/>
394
448
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:{os.version}"/>
395
449
  </fingerprint>
450
+
396
451
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Cheetah)$">
397
452
  <description>Mac OS X Cheetah</description>
398
453
  <example os.version="10.0">Mac OS X Cheetah</example>
@@ -402,6 +457,7 @@
402
457
  <param pos="0" name="os.version" value="10.0"/>
403
458
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.0"/>
404
459
  </fingerprint>
460
+
405
461
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Puma)$">
406
462
  <description>Mac OS X Puma</description>
407
463
  <example os.version="10.1">Mac OS X Puma</example>
@@ -411,6 +467,7 @@
411
467
  <param pos="0" name="os.version" value="10.1"/>
412
468
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.1"/>
413
469
  </fingerprint>
470
+
414
471
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Jaguar)$">
415
472
  <description>Mac OS X Jaguar</description>
416
473
  <example os.version="10.2">Mac OS X Jaguar</example>
@@ -420,6 +477,7 @@
420
477
  <param pos="0" name="os.version" value="10.2"/>
421
478
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
422
479
  </fingerprint>
480
+
423
481
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Panther)$">
424
482
  <description>Mac OS X Panther</description>
425
483
  <example os.version="10.3">Mac OS X Panther</example>
@@ -429,6 +487,7 @@
429
487
  <param pos="0" name="os.version" value="10.3"/>
430
488
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
431
489
  </fingerprint>
490
+
432
491
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Tiger)$">
433
492
  <description>Mac OS X Tiger</description>
434
493
  <example os.version="10.4">Mac OS X Tiger</example>
@@ -438,6 +497,7 @@
438
497
  <param pos="0" name="os.version" value="10.4"/>
439
498
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
440
499
  </fingerprint>
500
+
441
501
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Leopard)$">
442
502
  <description>Mac OS X Leopard</description>
443
503
  <example os.version="10.5">Mac OS X Leopard</example>
@@ -447,6 +507,7 @@
447
507
  <param pos="0" name="os.version" value="10.5"/>
448
508
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
449
509
  </fingerprint>
510
+
450
511
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Snow Leopard)$">
451
512
  <description>Mac OS X Snow Leopard</description>
452
513
  <example os.version="10.6">Mac OS X Snow Leopard</example>
@@ -456,6 +517,7 @@
456
517
  <param pos="0" name="os.version" value="10.6"/>
457
518
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
458
519
  </fingerprint>
520
+
459
521
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Lion)$">
460
522
  <description>Mac OS X Lion</description>
461
523
  <example os.version="10.7">Mac OS X Lion</example>
@@ -465,6 +527,7 @@
465
527
  <param pos="0" name="os.version" value="10.7"/>
466
528
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
467
529
  </fingerprint>
530
+
468
531
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mountain Lion)$">
469
532
  <description>Mac OS X Mountain Lion</description>
470
533
  <example os.version="10.8">Mac OS X Mountain Lion</example>
@@ -474,6 +537,7 @@
474
537
  <param pos="0" name="os.version" value="10.8"/>
475
538
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
476
539
  </fingerprint>
540
+
477
541
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mavericks)$">
478
542
  <description>Mac OS X Mavericks</description>
479
543
  <example os.version="10.9">Mac OS X Mavericks</example>
@@ -483,6 +547,7 @@
483
547
  <param pos="0" name="os.version" value="10.9"/>
484
548
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
485
549
  </fingerprint>
550
+
486
551
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Yosemite)$">
487
552
  <description>Mac OS X Yosemite</description>
488
553
  <example os.version="10.10">Mac OS X Yosemite</example>
@@ -492,6 +557,7 @@
492
557
  <param pos="0" name="os.version" value="10.10"/>
493
558
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
494
559
  </fingerprint>
560
+
495
561
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X El Capitan)$">
496
562
  <description>Mac OS X El Capitan</description>
497
563
  <example os.version="10.11">Mac OS X El Capitan</example>
@@ -501,7 +567,9 @@
501
567
  <param pos="0" name="os.version" value="10.11"/>
502
568
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.11"/>
503
569
  </fingerprint>
570
+
504
571
  <!-- This can also match Cisco IOS if the vendor name is not present. -->
572
+
505
573
  <fingerprint pattern="^(?i:(?:Apple )?iOS\s?(\d+?(?:\.\d+?)*?)?)$">
506
574
  <description>Apple iOS for iPhone and iPad</description>
507
575
  <example os.version="7.1.2">iOS 7.1.2</example>
@@ -514,8 +582,11 @@
514
582
  <param pos="0" name="os.device" value="Mobile"/>
515
583
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:iphone_os:{os.version}"/>
516
584
  </fingerprint>
585
+
517
586
  <!-- Mac end -->
587
+
518
588
  <!-- BSD begin -->
589
+
519
590
  <fingerprint pattern="^(?i:(.*?BSD)\s?(\d+?(?:\.\d+?)*?(?:[\-\/_ ]?\w+?)?(?:-[a-z]\d+?)?)?)$">
520
591
  <description>Many BSD family OSes</description>
521
592
  <example os.version="10.3-RELEASE" os.product="FreeBSD">FreeBSD 10.3-RELEASE</example>
@@ -528,8 +599,11 @@
528
599
  <param pos="1" name="os.product"/>
529
600
  <param pos="2" name="os.version"/>
530
601
  </fingerprint>
602
+
531
603
  <!-- BSD end -->
604
+
532
605
  <!-- Other Unix-likes begin -->
606
+
533
607
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?OpenSolaris\s?(\d+?(?:\.\d+?)*?)?)$">
534
608
  <description>OpenSolaris</description>
535
609
  <example os.version="2009.06">OpenSolaris 2009.06</example>
@@ -539,6 +613,7 @@
539
613
  <param pos="1" name="os.version"/>
540
614
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
541
615
  </fingerprint>
616
+
542
617
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?(1[1-9]?(?:\.\d+?)*?)?)$">
543
618
  <description>Solaris 11 and up</description>
544
619
  <example os.version="11.3">Solaris 11.3</example>
@@ -549,6 +624,7 @@
549
624
  <param pos="1" name="os.version"/>
550
625
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
551
626
  </fingerprint>
627
+
552
628
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?((?:[789]|10)+?(?:\.\d+?)*?)?)$">
553
629
  <description>Solaris 7-10</description>
554
630
  <example os.version="7">Solaris 7</example>
@@ -561,6 +637,7 @@
561
637
  <param pos="1" name="os.version"/>
562
638
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
563
639
  </fingerprint>
640
+
564
641
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.([789]|10)?)$">
565
642
  <description>SunOS/Solaris 5.7-5.10</description>
566
643
  <example os.version="7">SunOS 5.7</example>
@@ -571,6 +648,7 @@
571
648
  <param pos="1" name="os.version"/>
572
649
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
573
650
  </fingerprint>
651
+
574
652
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.(1[1-9])?)$">
575
653
  <description>Oracle/Solaris 5.11 and upwards</description>
576
654
  <example os.version="11">SunOS 5.11</example>
@@ -580,6 +658,7 @@
580
658
  <param pos="1" name="os.version"/>
581
659
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
582
660
  </fingerprint>
661
+
583
662
  <fingerprint pattern="^(?i:(?:IBM\s?)?(AIX|MVS|OS/(?:\d{1,3})|VM/CMS|VM/ESA|z/OS)\s?(\d+?(?:\.\d+?)*?)?)$">
584
663
  <description>IBM OSes</description>
585
664
  <example os.product="AIX">AIX</example>
@@ -595,6 +674,7 @@
595
674
  <param pos="1" name="os.product"/>
596
675
  <param pos="2" name="os.version"/>
597
676
  </fingerprint>
677
+
598
678
  <fingerprint pattern="^(?i:(?:HP\s?)?(Digital UNIX|HP-UX|iLO|OpenVMS|ProLiant|Tru64 UNIX)\s?(\d+?(?:\.\d+?)*?)?)$">
599
679
  <description>HP OSes</description>
600
680
  <example os.product="HP-UX">HP-UX</example>
@@ -604,8 +684,11 @@
604
684
  <param pos="1" name="os.product"/>
605
685
  <param pos="2" name="os.version"/>
606
686
  </fingerprint>
687
+
607
688
  <!-- Other Unix-likes end -->
689
+
608
690
  <!-- Network equipment begin -->
691
+
609
692
  <fingerprint pattern="^(?i:(?:Juniper\s?)?(Junos|Junos OS|ScreenOS)\s?(\d+?(?:\.\d+?)*?)?)$">
610
693
  <description>Juniper</description>
611
694
  <example>Junos</example>
@@ -615,7 +698,9 @@
615
698
  <param pos="1" name="os.product"/>
616
699
  <param pos="2" name="os.version"/>
617
700
  </fingerprint>
701
+
618
702
  <!-- This needs to be improved if it's not how one would generally present a Cisco OS version. -->
703
+
619
704
  <fingerprint pattern="^(?i:(?:Cisco\s?)?(ASA|Adaptive Security Appliance|IOS|IOS-XE|IOS-XR|NX-OS|PIX-OS|SAN-OS)\s?(?:Version (\S+))?)$">
620
705
  <description>Cisco</description>
621
706
  <example>Cisco ASA</example>
@@ -625,5 +710,7 @@
625
710
  <param pos="1" name="os.product"/>
626
711
  <param pos="2" name="os.version"/>
627
712
  </fingerprint>
713
+
628
714
  <!-- Network equipment end -->
629
- </fingerprints>
715
+
716
+ </fingerprints>
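Review bot: Consumers that compare `os.vendor` case-sensitively may silently stop matching Photon hosts, because the param in the `@@ -338,17 +382,20 @@` hunk now emits `VMware` where it used to emit `VMWare`. Asset-inventory filters or vulnerability-correlation rules keyed on the old spelling would fail without raising any error. Matching itself is unaffected, since the pattern is wrapped in `(?i:` and the `os.cpe23` value already uses lowercase `vmware`. I would record the rename where upgraders will see it, for example with a comment above the fingerprint such as `<!-- os.vendor is emitted as "VMware"; earlier releases emitted "VMWare" -->`. It is also worth confirming that the other fingerprint files in this release emit the same spelling, which this section alone does not show.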