RubyGems - recog - Versions diffs - 1.0.24 → 1.0.25 - Mend

recog 1.0.24 → 1.0.25

Files changed (5) hide show

@@ -0,0 +1,129 @@
+<?xml version="1.0"?>
+<!--
+     Upon successful connection to an MySQL/derivative TCP endpoint, if
+     the connecting client is not allowed to speak to the MySQL service (for
+     example, it has been blocked for too many failed password attempts or it
+     isn't explicitly allowed to connect from this client), the first packet
+     received will contain an error message that is used to inform the client
+     of this failure prior to forcibly disconnecting the client:
+     $  mysql -u root -h mysql.example.com
+     ERROR 1130 (HY000): Host '192.168.0.100' is not allowed to connect to this MySQL server
+     This free-form field starts at the 7th byte and ends at the end of the TCP
+     payload.  The fingerprints below are used to match and extract from this field.
+-->
+<fingerprints matches="mysql.error">
+  <fingerprint pattern="^(?:#HY000)?Host '[^']+' is not allowed to connect to this MySQL server$">
+    <example>Host '10.10.10.10' is not allowed to connect to this MySQL server</example>
+    <example>#HY000Host '10.10.10.10' is not allowed to connect to this MySQL server</example>
+    <description>Oracle MySQL - Error: Host not allowed to connect (English)</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL"/>
+  </fingerprint>
+  <fingerprint pattern="^(?:#HY000)?Host '[^']+' is blocked because of many connection errors.\s{1,2}[Uu]nblock with 'mysqladmin flush-hosts'$">
+    <example>Host '10.10.10.10' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts'</example>
+    <example>Host '10.10.10.10' is blocked because of many connection errors.  Unblock with 'mysqladmin flush-hosts'</example>
+    <description>Oracle MySQL - Error: Blocked, too many errors from this host</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL"/>
+  </fingerprint>
+  <fingerprint pattern="^Host '[^']+' is not allowed to connect to this MariaDB server$">
+    <example>Host '10.10.10.10' is not allowed to connect to this MariaDB server</example>
+    <description>MariaDB MariaDB - Error: Host not allowed to connect (English) </description>
+    <param pos="0" name="service.vendor" value="MariaDB"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MariaDB"/>
+  </fingerprint>
+  <fingerprint pattern="^Le h.te '[^']+' n'est pas authoris. . se connecter . ce serveur MySQL$">
+    <example>Le h�te '10.10.10.10' n'est pas authoris� � se connecter � ce serveur MySQL</example>
+    <description>Oracle MySQL - Error: Host not allowed to connect (French)</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL"/>
+  </fingerprint>
+  <fingerprint pattern="^'Host' '[^']+' n.o tem permiss.o para se conectar com este servidor MySQL$">
+    <example>'Host' '10.10.10.10' n�o tem permiss�o para se conectar com este servidor MySQL</example>
+    <description>Oracle MySQL - Error: Host not allowed to connect (Spanish)</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL"/>
+  </fingerprint>
+  <fingerprint pattern="^Host.+?hat keine Berechtigung,.+?diesem MySQL">
+    <example>Host '10.10.10.10' hat keine Berechtigung, sich mit diesem MySQL-Server zu verbinden</example>
+    <example>Host hat keine Berechtigung, eine Verbindung zu diesem MySQL Server herzustellen.</example>
+    <description>Oracle MySQL - Error: Host not allowed to connect (German)</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL"/>
+  </fingerprint>
+  <fingerprint pattern="^Host.+?blockiert wegen zu vieler Verbindungsfehler. Aufheben der Blockierung mit 'mysqladmin flush-hosts'">
+    <example>Host blockiert wegen zu vieler Verbindungsfehler. Aufheben der Blockierung mit 'mysqladmin flush-hosts'.</example>
+    <example>Host '10.10.10.10' blockiert wegen zu vieler Verbindungsfehler. Aufheben der Blockierung mit 'mysqladmin flush-hosts'</example>
+    <description>Oracle MySQL - Error: Blocked, too many errors from this host (German)</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL"/>
+  </fingerprint>
+  <fingerprint pattern="^L'h.+?est bloqu.+?cause d'un trop grand nombre d'erreur de connexion\..+?bloquer le par 'mysqladmin flush-hosts'">
+    <example>L'h�te '10.10.10.10' est bloqu� � cause d'un trop grand nombre d'erreur de connexion. D�bloquer le par 'mysqladmin flush-hosts'</example>
+    <description>Oracle MySQL - Error: Blocked, too many errors from this host (French)</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL"/>
+  </fingerprint>
+  <fingerprint pattern="^Can't create a new thread \(errno -?\d{1,2}\)">
+    <example>Can't create a new thread (errno -1); if you are not out of available memory, you can consult the manual for a possible OS-dependent bug</example>
+    <example>Can't create a new thread (errno 12); if you are not out of available memory, you can consult the manual for a possible OS-dependent bug</example>
+    <example>Can't create a new thread (errno 35); if you are not out of available memory, you can consult the manual for a possible OS-dependent bug</example>
+    <description>Oracle MySQL - Error: Out of memory</description>
+    <description>Oracle MySQL - Error: Out of memory</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL"/>
+  </fingerprint>
+  <fingerprint pattern="^Too many connections$">
+    <example>Too many connections</example>
+    <description>Oracle MySQL - Error: Too many connections</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL"/>
+  </fingerprint>
+  <fingerprint pattern="^Can't get hostname for your address$">
+    <example>Can't get hostname for your address</example>
+    <description>Oracle MySQL - Error: Unable to resolve client hostname</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL"/>
+  </fingerprint>
+  <fingerprint pattern="^#07000Proxy Warning - IP Forbidden$">
+    <example>#07000Proxy Warning - IP Forbidden</example>
+    <description>Oracle MySQL Proxy - Error: Host not allowed to connect</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL Proxy"/>
+  </fingerprint>
+  <fingerprint pattern="^\(proxy\) all backends are down$">
+    <example>(proxy) all backends are down</example>
+    <description>Oracle MySQL Proxy - Error: Backends down</description>
+    <param pos="0" name="service.vendor" value="Oracle"/>
+    <param pos="0" name="service.family" value="MySQL"/>
+    <param pos="0" name="service.product" value="MySQL Proxy"/>
+  </fingerprint>
+  <!-- Error code reference: http://dev.mysql.com/doc/refman/5.5/en/error-messages-server.html -->
+</fingerprints>

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: recog
 version: !ruby/object:Gem::Version
-  version: 1.0.24
+  version: 1.0.25
 platform: ruby
 authors:
 - Rapid7 Research
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-03-25 00:00:00.000000000 Z
+date: 2015-03-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -183,6 +183,8 @@ files:
 - xml/http_servers.xml
 - xml/http_wwwauth.xml
 - xml/imap_banners.xml
+- xml/mysql_banners.xml
+- xml/mysql_error.xml
 - xml/nntp_banners.xml
 - xml/ntp_banners.xml
 - xml/pop_banners.xml