recog 1.0.23 → 1.0.24
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +3 -1
- data/lib/recog/version.rb +1 -1
- data/xml/ntp_banners.xml +1 -1
- data/xml/pop_banners.xml +15 -0
- data/xml/ssh_banners.xml +38 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 674130c130153d8b1d3b54a3125a3c0312916c9b
|
|
4
|
+
data.tar.gz: f2f4babd89dcdb016aca74a9eae6fba99a359efb
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8f9e2d763ef6d607cfed4873628e7e4bdf1bb48aabb2f956a2c8c64d84698f28f8b8573f46b1fbad4f555bbc2aeb4e595ac7cd002ea7ec1b176d749225707ce9
|
|
7
|
+
data.tar.gz: 0908cb7d520fd1cf3efe1e5406e15ec160788ef86e5cc6885cb08325e066abb25c5b0be409808594a6da045978ca2c7a7d6b558fe1c23ee1a46badfecb175d45
|
data/README.md
CHANGED
|
@@ -3,7 +3,9 @@ Recog: A Recognition Framework
|
|
|
3
3
|
|
|
4
4
|
Recog is a framework for identifying products, services, operating systems, and hardware by matching fingerprints against data returned from various network probes. Recog makes it simple to extract useful information from web server banners, snmp system description fields, and a whole lot more. Recog is open source, please see the [LICENSE](https://raw.githubusercontent.com/rapid7/recog/master/LICENSE) file for more information.
|
|
5
5
|
|
|
6
|
-
[](http://badge.fury.io/rb/recog)
|
|
7
|
+
[](https://travis-ci.org/rapid7/recog)
|
|
8
|
+
|
|
7
9
|
==
|
|
8
10
|
|
|
9
11
|
## Installation
|
data/lib/recog/version.rb
CHANGED
data/xml/ntp_banners.xml
CHANGED
|
@@ -791,7 +791,7 @@ NTP "banners", taken from a readvar response
|
|
|
791
791
|
</example>
|
|
792
792
|
<param pos="0" name="service.family" value="NTP"/>
|
|
793
793
|
<param pos="0" name="service.product" value="NTP"/>
|
|
794
|
-
<param pos="0" name="os.vendor" value="
|
|
794
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
|
795
795
|
<param pos="0" name="os.product" value="OpenVMS"/>
|
|
796
796
|
<param pos="1" name="service.version"/>
|
|
797
797
|
<param pos="2" name="os.arch"/>
|
data/xml/pop_banners.xml
CHANGED
|
@@ -225,6 +225,21 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
225
225
|
<param pos="0" name="os.certainty" value="0.5"/>
|
|
226
226
|
</fingerprint>
|
|
227
227
|
|
|
228
|
+
<fingerprint pattern="^TCPIP POP server V\d\.\d\S-\S{3}, OpenVMS V(\d\.\d-\d)(?:\s+\S+)?\s+at\s+(\S+), .*$">
|
|
229
|
+
<description>TCP/IP Services for OpenVMS POP server</description>
|
|
230
|
+
<example os.version="7.3-2" host.name="example.com">TCPIP POP server V5.4J-15A, OpenVMS V7.3-2 Alpha at example.com, up since 2015-02-12 08:44:53 20400434.2</example>
|
|
231
|
+
<!--V5.4J-15A refers to TCP/IP Services for OpenVMS version-->
|
|
232
|
+
<param pos="0" name="service.family" value="OpenVMS"/>
|
|
233
|
+
<param pos="0" name="service.product" value="TCPIP POP server"/>
|
|
234
|
+
<param pos="0" name="service.vendor" value="HP"/>
|
|
235
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
|
236
|
+
<param pos="0" name="os.family" value="OpenVMS"/>
|
|
237
|
+
<param pos="0" name="os.product" value="OpenVMS"/>
|
|
238
|
+
<param pos="0" name="os.device" value="General"/>
|
|
239
|
+
<param pos="1" name="os.version"/>
|
|
240
|
+
<param pos="2" name="host.name"/>
|
|
241
|
+
</fingerprint>
|
|
242
|
+
|
|
228
243
|
<!--
|
|
229
244
|
|
|
230
245
|
; Mandrake 8.1 - uses UW IMAP
|
data/xml/ssh_banners.xml
CHANGED
|
@@ -777,7 +777,7 @@ fingerprint SSH servers.
|
|
|
777
777
|
<param pos="0" name="os.family" value="Windows"/>
|
|
778
778
|
<param pos="0" name="os.product" value="Windows"/>
|
|
779
779
|
</fingerprint>
|
|
780
|
-
|
|
780
|
+
|
|
781
781
|
<fingerprint pattern="^Comware-(\d+\.?\d*\.?\d*)$">
|
|
782
782
|
<description>SSH on H3C Comware</description>
|
|
783
783
|
<example os.version="5.20.105">Comware-5.20.105</example>
|
|
@@ -789,6 +789,43 @@ fingerprint SSH servers.
|
|
|
789
789
|
<param pos="0" name="os.family" value="Comware"/>
|
|
790
790
|
<param pos="1" name="os.version"/>
|
|
791
791
|
</fingerprint>
|
|
792
|
+
|
|
793
|
+
<fingerprint pattern="^(\d\.\d+\.\d+) SSH Secure Shell OpenVMS V\d\.\d$">
|
|
794
|
+
<description>SSH for OpenVMS </description>
|
|
795
|
+
<example service.component.version="3.2.0">3.2.0 SSH Secure Shell OpenVMS V5.5</example>
|
|
796
|
+
<!--V5.5 refers to TCP/IP Services for OpenVMS version -->
|
|
797
|
+
<param pos="1" name="service.component.version"/>
|
|
798
|
+
<param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
|
|
799
|
+
<param pos="0" name="service.component.family" value="SSH Secure Shell"/>
|
|
800
|
+
<param pos="0" name="service.component.product" value="SSH Secure Shell"/>
|
|
801
|
+
<param pos="0" name="service.vendor" value="HP"/>
|
|
802
|
+
<param pos="0" name="service.family" value="OpenVMS"/>
|
|
803
|
+
<param pos="0" name="service.product" value="SSH Server"/>
|
|
804
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
|
805
|
+
<param pos="0" name="os.device" value="General"/>
|
|
806
|
+
<param pos="0" name="os.family" value="OpenVMS"/>
|
|
807
|
+
<param pos="0" name="os.certainty" value="0.75"/>
|
|
808
|
+
</fingerprint>
|
|
809
|
+
|
|
810
|
+
<fingerprint pattern="^(\d\.\d+\.\d+) SSH (?:Secure Shell )?OpenVMS V\d\.\d VMS_sftp_version (\d)$">
|
|
811
|
+
<description>SSH for OpenVMS sftp</description>
|
|
812
|
+
<example service.component.version="3.2.0" service.version="3">3.2.0 SSH Secure Shell OpenVMS V5.5 VMS_sftp_version 3</example>
|
|
813
|
+
<example service.component.version="3.2.0" service.version="3">3.2.0 SSH OpenVMS V5.5 VMS_sftp_version 3</example>
|
|
814
|
+
<!--V5.5 refers to TCP/IP Services for OpenVMS version -->
|
|
815
|
+
<param pos="1" name="service.component.version"/>
|
|
816
|
+
<param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
|
|
817
|
+
<param pos="0" name="service.component.family" value="SSH Secure Shell"/>
|
|
818
|
+
<param pos="0" name="service.component.product" value="SSH Secure Shell"/>
|
|
819
|
+
<param pos="0" name="service.vendor" value="HP"/>
|
|
820
|
+
<param pos="0" name="service.family" value="OpenVMS"/>
|
|
821
|
+
<param pos="0" name="service.product" value="VMS SFTP Server"/>
|
|
822
|
+
<param pos="2" name="service.version"/>
|
|
823
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
|
824
|
+
<param pos="0" name="os.device" value="General"/>
|
|
825
|
+
<param pos="0" name="os.family" value="OpenVMS"/>
|
|
826
|
+
<param pos="0" name="os.certainty" value="0.75"/>
|
|
827
|
+
</fingerprint>
|
|
828
|
+
|
|
792
829
|
<!--
|
|
793
830
|
1.2.22j4rad
|
|
794
831
|
2.40
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: recog
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0.
|
|
4
|
+
version: 1.0.24
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Rapid7 Research
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-03-
|
|
11
|
+
date: 2015-03-25 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|