recog 1.0.1 → 1.0.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f8733f7ff4f55fc69c2cecd58f5fbd7463c4901e
-  data.tar.gz: efba2831830120c2d9926a1f394b42783e1e9217
+  metadata.gz: 7190197345bed621faf776482bf3ca8ca6cb210b
+  data.tar.gz: b57dc8676f172febcfa71c665ac577466b0e6a00
 SHA512:
-  metadata.gz: dec5ea7cfb2baa55c2ec7ecb555d899f2ba0d28579548b5a34f4b4e144c28eddc6057f0fb29731dd01e566118a9d90d459a577d1845230517afca544b153af7f
-  data.tar.gz: 6dd37f82c514a9dfc56faede90bb3e027f4e1284a637540c549e1dafd5aac3af36bf991d23cc6d92e69fe0323b17d20ff4570afd15361581659fa74d3d6e0f37
+  metadata.gz: 0dcbd96cbeade329a7e83ff5491235a09184a264cc2aa9d6214882ef6c56a269428cc08622cc20dacafe1c2969d72edfd5b14b9928e21a0c4da23d3f347a1e8e
+  data.tar.gz: 1a2f1daceec5aea2f18f0f34726ebeab296cc7622115a77ac4067fccf00fe3ccd9c8792f4b7c312ddecb6859e66e7f0449bffeb6a42758d64cc0d47a630afb3a

data/lib/recog/version.rb

@@ -1,3 +1,3 @@
 module Recog
-  VERSION = "1.0.1"
+  VERSION = "1.0.2"
 end

data/spec/lib/fingerprint_self_test_spec.rb

@@ -12,7 +12,8 @@ describe Recog::DB do
         expect(db.match_key).not_to be_empty
       end
 
-      db.fingerprints.each do |fp|
+      db.fingerprints.each_index do |i|
+        fp = db.fingerprints[i]
 
         context "#{fp.regex}" do
 
@@ -37,12 +38,22 @@ describe Recog::DB do
           # end
 
           fp.tests.each do |example|
-            it "passes self-test #{example.content.gsub(/\s+/, ' ')[0,32]}..." do
+            it "Example '#{example.content}' matches this regex" do
               match = fp.match(example.content)
-              expect(match).to_not be_nil
+              expect(match).to_not be_nil, 'Regex did not match'
               # test any extractions specified in the example
               example.attributes.each_pair do |k,v|
-                expect(match[k]).to eq(v)
+                expect(match[k]).to eq(v), "Regex didn't extracted expected value for fingerprint attribute #{k}"
+              end
+            end
+
+            it "Example '#{example.content}' matches this regex first" do
+              db.fingerprints.slice(0, i).each_index do |previous_i|
+                prev_fp = db.fingerprints[previous_i]
+                prev_fp.tests.each do |prev_example|
+                  match = prev_fp.match(example.content)
+                  expect(match).to be_nil, "Matched regex ##{previous_i} (#{db.fingerprints[previous_i].regex}) rather than ##{i} (#{db.fingerprints[i].regex})"
+                end
               end
             end
           end

data/xml/ntp_banners.xml

@@ -419,17 +419,6 @@ NTP "banners", taken from a readvar response
     <param pos="0" name="os.family" value="Solaris"/>
     <param pos="0" name="os.product" value="Solaris"/>
   </fingerprint>
-  <fingerprint pattern="processor=&quot;([^ ]+)&quot;,.*system=&quot;JUNOS/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
-    <description>Juniper/Netscreen JunOS NTP without a version</description>
-    <example>processor="i386", system="JUNOS7.0R2.7", leap=0, stratum=3</example>
-    <example>processor="i386", system="JUNOS6.4R1.6", leap=3, stratum=16</example>
-    <example>processor="i386", system="JUNOS5.5R2.3", leap=0, stratum=3</example>
-    <param pos="0" name="os.vendor" value="Juniper"/>
-    <param pos="0" name="os.family" value="Junos"/>
-    <param pos="0" name="os.product" value="Junos OS"/>
-    <param pos="2" name="os.arch"/>
-    <param pos="3" name="os.version"/>
-  </fingerprint>
   <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;JUNOS/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
     <description>ntpd running on Juniper/Netscreen JunOS</description>
     <example>
@@ -445,6 +434,17 @@ NTP "banners", taken from a readvar response
     <param pos="2" name="os.arch"/>
     <param pos="3" name="os.version"/>
   </fingerprint>
+  <fingerprint pattern="processor=&quot;([^ ]+)&quot;,.*system=&quot;JUNOS/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
+    <description>Juniper/Netscreen JunOS NTP without a version</description>
+    <example>processor="i386", system="JUNOS7.0R2.7", leap=0, stratum=3</example>
+    <example>processor="i386", system="JUNOS6.4R1.6", leap=3, stratum=16</example>
+    <example>processor="i386", system="JUNOS5.5R2.3", leap=0, stratum=3</example>
+    <param pos="0" name="os.vendor" value="Juniper"/>
+    <param pos="0" name="os.family" value="Junos"/>
+    <param pos="0" name="os.product" value="Junos OS"/>
+    <param pos="2" name="os.arch"/>
+    <param pos="3" name="os.version"/>
+  </fingerprint>
   <fingerprint pattern="^.*version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;Windows/?([^ ]+)?&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
     <description>ntpd running on Windows</description>
     <example>

data/xml/smb_native_os.xml

@@ -262,6 +262,16 @@
       <param pos="4" name="os.version"/>
    </fingerprint>
 
+   <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\d+) (Service Pack \d+)$">
+      <description>Windows 7/8 (SP)</description>
+      <example os.version="Service Pack 1">Windows 7 7601 Service Pack 1</example>
+      <param pos="0" name="os.certainty" value="1.0"/>
+      <param pos="0" name="os.vendor" value="Microsoft"/>
+      <param pos="1" name="os.product"/>
+      <param pos="2" name="os.build"/>
+      <param pos="3" name="os.version"/>
+   </fingerprint>
+
    <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
       <description>Windows 7/8 (Edition)</description>
       <example os.edition="Enterprise">Windows 7 Enterprise 7600</example>
@@ -274,16 +284,6 @@
       <param pos="3" name="os.build"/>
    </fingerprint>
 
-   <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\d+) (Service Pack \d+)$">
-      <description>Windows 7/8 (SP)</description>
-      <example os.version="Service Pack 1">Windows 7 7601 Service Pack 1</example>
-      <param pos="0" name="os.certainty" value="1.0"/>
-      <param pos="0" name="os.vendor" value="Microsoft"/>
-      <param pos="1" name="os.product"/>
-      <param pos="2" name="os.build"/>
-      <param pos="3" name="os.version"/>
-   </fingerprint>
-
    <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\d+)$">
       <description>Windows 7/8</description>
       <example>Windows 8 9200</example>

data/xml/snmp_sysdescr.xml

@@ -1895,7 +1895,6 @@ Copyright (c) 1995-2005 by Cisco Systems
       <example>Dell Laser Printer 5100cn (Net 6.26, Controller 200408201123, Engine 01.00.04)</example>
       <example>Dell Color Laser 3110cn; Net 8.29, Controller 200604102121, Engine 05.03.00</example>
       <example>Dell Color Laser 5110cn; Net 11.33, Controller 200612011020, Engine 01.03.00</example>
-      <example>Dell 2135cn MFP; Net 12.10, Controller 200903191302, Engine 03.00.10</example>
       <example>Dell 1235cn; V1.70.01.06 Nov-14-2008;Engine 1.77.74;NIC V4.00.54 10-31-2008;S/N GJ8TJH1</example>
       <example>Dell 1235cn; V1.70.01.08 Jan-29-2009;Engine 1.77.77;NIC V4.00.54 10-31-2008;S/N 9SMWJH1</example>
       <param pos="0" name="os.vendor" value="Dell"/>
@@ -1938,15 +1937,6 @@ Copyright (c) 1995-2005 by Cisco Systems
       <param pos="1" name="os.product"/>
    </fingerprint>
 
-   <fingerprint pattern="^Dell (\d{4}d?n) MFP.*$">
-      <description>Dell Laser Printer</description>
-      <example>Dell 2335dn MFP; 2.70.03.02;Engine 1.10.65;NIC V4.01.30(2335dn MFP) 02-05-2010;S/N JQF9FG1</example>
-      <param pos="0" name="os.vendor" value="Dell"/>
-      <param pos="0" name="os.family" value="Laser Printer"/>
-      <param pos="0" name="os.device" value="Multifunction Device"/>
-      <param pos="1" name="os.product"/>
-   </fingerprint>
-
    <fingerprint pattern="^DELL Tape Library Remote Management Card$">
       <description>Dell PowerVault Tape Library</description>
       <example>DELL Tape Library Remote Management Card</example>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: recog
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.0.2
 platform: ruby
 authors:
 - Rapid7 Research
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2014-10-08 00:00:00.000000000 Z
+date: 2014-10-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec