recog 2.0.13 → 2.0.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +19 -6
- data/features/{xml → data}/failing_banners_fingerprints.xml +0 -0
- data/features/{xml → data}/matching_banners_fingerprints.xml +0 -0
- data/features/{xml → data}/no_tests.xml +0 -0
- data/features/{xml/banners.xml → data/sample_banner.txt} +0 -0
- data/features/{xml → data}/successful_tests.xml +0 -0
- data/features/{xml → data}/tests_with_failures.xml +0 -0
- data/features/{xml → data}/tests_with_warnings.xml +0 -0
- data/features/match.feature +2 -2
- data/features/support/env.rb +1 -1
- data/lib/recog/version.rb +1 -1
- data/misc/order.xsl +17 -0
- data/spec/lib/fingerprint_self_test_spec.rb +8 -0
- data/xml/apache_os.xml +270 -334
- data/xml/architecture.xml +28 -41
- data/xml/fingerprints.xsd +37 -0
- data/xml/ftp_banners.xml +52 -58
- data/xml/h323_callresp.xml +597 -695
- data/xml/hp_pjl_id.xml +370 -409
- data/xml/http_cookies.xml +304 -348
- data/xml/http_servers.xml +3202 -3483
- data/xml/http_wwwauth.xml +342 -409
- data/xml/imap_banners.xml +149 -190
- data/xml/mdns_device-info_txt.xml +97 -111
- data/xml/mdns_workstation_txt.xml +6 -6
- data/xml/mysql_banners.xml +99 -198
- data/xml/mysql_error.xml +4 -11
- data/xml/nntp_banners.xml +42 -45
- data/xml/ntp_banners.xml +2 -3
- data/xml/pop_banners.xml +214 -247
- data/xml/rsh_resp.xml +68 -76
- data/xml/sip_banners.xml +19 -19
- data/xml/sip_user_agents.xml +63 -74
- data/xml/smb_native_os.xml +387 -433
- data/xml/smtp_banners.xml +1318 -1460
- data/xml/smtp_debug.xml +24 -27
- data/xml/smtp_ehlo.xml +19 -22
- data/xml/smtp_expn.xml +61 -70
- data/xml/smtp_help.xml +139 -160
- data/xml/smtp_mailfrom.xml +14 -16
- data/xml/smtp_noop.xml +28 -31
- data/xml/smtp_quit.xml +16 -18
- data/xml/smtp_rcptto.xml +8 -10
- data/xml/smtp_rset.xml +12 -13
- data/xml/smtp_turn.xml +12 -13
- data/xml/smtp_vrfy.xml +66 -76
- data/xml/snmp_sysdescr.xml +7257 -8016
- data/xml/snmp_sysobjid.xml +392 -434
- data/xml/ssh_banners.xml +783 -867
- data/xml/upnp_banners.xml +594 -628
- metadata +11 -9
data/xml/http_wwwauth.xml
CHANGED
@@ -1,409 +1,346 @@
|
|
1
|
-
<?xml version="1.0"?>
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
2
2
|
<!-- HTTP WWW-Authenticate headers are matched against these patterns to fingerprint HTTP servers. -->
|
3
|
-
|
4
3
|
<fingerprints matches="http_header.wwwauth">
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
86
|
-
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
<param pos="0" name="os.vendor" value="Thomson"/>
|
116
|
-
<param pos="0" name="os.device" value="Broadband router"/>
|
117
|
-
<param pos="0" name="os.family" value="SpeedTouch"/>
|
118
|
-
<param pos="0" name="os.product" value="SpeedTouch"/>
|
119
|
-
<param pos="1" name="host.mac"/>
|
120
|
-
</fingerprint>
|
121
|
-
|
122
|
-
<fingerprint pattern="^(?:Basic|Digest) realm=.ST (\d+) R 5.x Telecom Italia., nonce=.[0-9A-Z]+:([0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}):\d+:\d+., qop=.auth.$">
|
123
|
-
<!-- Digest realm="ST 605 R 5.x Telecom Italia", nonce="0618JT3JZ:00-14-7F-32-27-C6:1738017:895089", qop="auth" -->
|
124
|
-
<description>Thomson SpeedTouch xDSL routers</description>
|
125
|
-
<param pos="0" name="service.vendor" value="Thomson"/>
|
126
|
-
<param pos="0" name="service.product" value="SpeedTouch"/>
|
127
|
-
<param pos="0" name="service.family" value="SpeedTouch"/>
|
128
|
-
<param pos="0" name="os.vendor" value="Thomson"/>
|
129
|
-
<param pos="0" name="os.device" value="Broadband router"/>
|
130
|
-
<param pos="0" name="os.family" value="SpeedTouch"/>
|
131
|
-
<param pos="1" name="os.product"/>
|
132
|
-
<param pos="2" name="host.mac"/>
|
133
|
-
</fingerprint>
|
134
|
-
|
135
|
-
<fingerprint pattern="^(?:Basic|Digest) realm=.(?:SmartAX )?(MT\d+[^ ]*)(?: ADSL Router)?.$">
|
136
|
-
<!-- Basic realm="SmartAX MT880"
|
137
|
-
Basic Realm="MT800"
|
138
|
-
Basic realm="MT880r-T ADSL Router"
|
139
|
-
-->
|
140
|
-
<description>Huawei xDSL routers</description>
|
141
|
-
<param pos="0" name="service.vendor" value="Huawei"/>
|
142
|
-
<param pos="0" name="service.family" value="MT"/>
|
143
|
-
<param pos="1" name="service.product"/>
|
144
|
-
<param pos="0" name="os.vendor" value="Huawei"/>
|
145
|
-
<param pos="0" name="os.device" value="Broadband router"/>
|
146
|
-
<param pos="0" name="os.family" value="MT"/>
|
147
|
-
<param pos="1" name="os.product"/>
|
148
|
-
</fingerprint>
|
149
|
-
|
150
|
-
<fingerprint pattern="^(?:Basic|Digest) realm=.WRT54G.$">
|
151
|
-
<!--
|
152
|
-
Basic realm="WRT54G"
|
153
|
-
-->
|
154
|
-
<description>Linksys WRT54G wireless access point
|
4
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.[iI]RMC(?:@(IRMC[0-9a-fA-F]{6}))?..*$">
|
5
|
+
<description>Fujitsu Siemens Primergy with BMC RemoteView on an iRMC card</description>
|
6
|
+
<param pos="0" name="service.vendor" value="Fujitsu Siemens"/>
|
7
|
+
<param pos="0" name="service.product" value="RemoteView"/>
|
8
|
+
<param pos="0" name="service.family" value="RemoteView"/>
|
9
|
+
<param pos="0" name="hw.vendor" value="Fujitsu Siemens"/>
|
10
|
+
<param pos="0" name="hw.device" value="General"/>
|
11
|
+
<param pos="0" name="hw.family" value="Primergy"/>
|
12
|
+
<param pos="0" name="hw.product" value="Primergy"/>
|
13
|
+
<param pos="1" name="host.name"/>
|
14
|
+
</fingerprint>
|
15
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.access.$">
|
16
|
+
<description>Cisco IOS 11.x</description>
|
17
|
+
<param pos="0" name="service.vendor" value="Cisco"/>
|
18
|
+
<param pos="0" name="service.product" value="IOS"/>
|
19
|
+
<param pos="0" name="service.family" value="IOS"/>
|
20
|
+
<param pos="0" name="service.version" value="11"/>
|
21
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
22
|
+
<param pos="0" name="os.device" value="Router"/>
|
23
|
+
<param pos="0" name="os.family" value="IOS"/>
|
24
|
+
<param pos="0" name="os.product" value="IOS"/>
|
25
|
+
<param pos="0" name="os.version" value="11"/>
|
26
|
+
</fingerprint>
|
27
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.level[ _]15[ _]or[ _]view[ _]access.$">
|
28
|
+
<description>Cisco IOS 12.x</description>
|
29
|
+
<param pos="0" name="service.vendor" value="Cisco"/>
|
30
|
+
<param pos="0" name="service.product" value="IOS"/>
|
31
|
+
<param pos="0" name="service.family" value="IOS"/>
|
32
|
+
<param pos="0" name="service.version" value="12"/>
|
33
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
34
|
+
<param pos="0" name="os.device" value="Router"/>
|
35
|
+
<param pos="0" name="os.family" value="IOS"/>
|
36
|
+
<param pos="0" name="os.product" value="IOS"/>
|
37
|
+
<param pos="0" name="os.version" value="12"/>
|
38
|
+
</fingerprint>
|
39
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.level[ _]\d\d?[ _]access.$">
|
40
|
+
<description>Cisco IOS 12.x</description>
|
41
|
+
<param pos="0" name="service.vendor" value="Cisco"/>
|
42
|
+
<param pos="0" name="service.product" value="IOS"/>
|
43
|
+
<param pos="0" name="service.family" value="IOS"/>
|
44
|
+
<param pos="0" name="service.version" value="12"/>
|
45
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
46
|
+
<param pos="0" name="os.device" value="Router"/>
|
47
|
+
<param pos="0" name="os.family" value="IOS"/>
|
48
|
+
<param pos="0" name="os.product" value="IOS"/>
|
49
|
+
<param pos="0" name="os.version" value="12"/>
|
50
|
+
</fingerprint>
|
51
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.FW-1. Reason: no user Server .$">
|
52
|
+
<description>Check Point FireWall-1</description>
|
53
|
+
<param pos="0" name="service.vendor" value="Check Point"/>
|
54
|
+
<param pos="0" name="service.product" value="Firewall-1"/>
|
55
|
+
<param pos="0" name="service.family" value="Firewall-1"/>
|
56
|
+
<param pos="0" name="os.vendor" value="Check Point"/>
|
57
|
+
<param pos="0" name="os.device" value="Firewall"/>
|
58
|
+
<param pos="0" name="os.family" value="Firewall-1"/>
|
59
|
+
<param pos="0" name="os.product" value="Firewall-1"/>
|
60
|
+
</fingerprint>
|
61
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.APC Management Card.$">
|
62
|
+
<description>APC device</description>
|
63
|
+
<param pos="0" name="service.vendor" value="APC"/>
|
64
|
+
<param pos="0" name="service.product" value="HTTP"/>
|
65
|
+
<param pos="0" name="os.vendor" value="APC"/>
|
66
|
+
<param pos="0" name="os.product" value="Unknown"/>
|
67
|
+
<param pos="0" name="os.device" value="Power device"/>
|
68
|
+
</fingerprint>
|
69
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.SpeedTouch \(([0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2})\).$">
|
70
|
+
<description>Thomson SpeedTouch xDSL routers</description>
|
71
|
+
<param pos="0" name="service.vendor" value="Thomson"/>
|
72
|
+
<param pos="0" name="service.product" value="SpeedTouch"/>
|
73
|
+
<param pos="0" name="service.family" value="SpeedTouch"/>
|
74
|
+
<param pos="0" name="os.vendor" value="Thomson"/>
|
75
|
+
<param pos="0" name="os.device" value="Broadband router"/>
|
76
|
+
<param pos="0" name="os.family" value="SpeedTouch"/>
|
77
|
+
<param pos="0" name="os.product" value="SpeedTouch"/>
|
78
|
+
<param pos="1" name="host.mac"/>
|
79
|
+
</fingerprint>
|
80
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.SpeedTouch., nonce=.[0-9A-Z]+:([0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}):\d+:\d+., qop=.auth.$">
|
81
|
+
<description>Thomson SpeedTouch xDSL routers</description>
|
82
|
+
<param pos="0" name="service.vendor" value="Thomson"/>
|
83
|
+
<param pos="0" name="service.product" value="SpeedTouch"/>
|
84
|
+
<param pos="0" name="service.family" value="SpeedTouch"/>
|
85
|
+
<param pos="0" name="os.vendor" value="Thomson"/>
|
86
|
+
<param pos="0" name="os.device" value="Broadband router"/>
|
87
|
+
<param pos="0" name="os.family" value="SpeedTouch"/>
|
88
|
+
<param pos="0" name="os.product" value="SpeedTouch"/>
|
89
|
+
<param pos="1" name="host.mac"/>
|
90
|
+
</fingerprint>
|
91
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.ST (\d+) R 5.x Telecom Italia., nonce=.[0-9A-Z]+:([0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2}):\d+:\d+., qop=.auth.$">
|
92
|
+
<description>Thomson SpeedTouch xDSL routers</description>
|
93
|
+
<param pos="0" name="service.vendor" value="Thomson"/>
|
94
|
+
<param pos="0" name="service.product" value="SpeedTouch"/>
|
95
|
+
<param pos="0" name="service.family" value="SpeedTouch"/>
|
96
|
+
<param pos="0" name="os.vendor" value="Thomson"/>
|
97
|
+
<param pos="0" name="os.device" value="Broadband router"/>
|
98
|
+
<param pos="0" name="os.family" value="SpeedTouch"/>
|
99
|
+
<param pos="1" name="os.product"/>
|
100
|
+
<param pos="2" name="host.mac"/>
|
101
|
+
</fingerprint>
|
102
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.(?:SmartAX )?(MT\d+[^ ]*)(?: ADSL Router)?.$">
|
103
|
+
<description>Huawei xDSL routers</description>
|
104
|
+
<param pos="0" name="service.vendor" value="Huawei"/>
|
105
|
+
<param pos="0" name="service.family" value="MT"/>
|
106
|
+
<param pos="1" name="service.product"/>
|
107
|
+
<param pos="0" name="os.vendor" value="Huawei"/>
|
108
|
+
<param pos="0" name="os.device" value="Broadband router"/>
|
109
|
+
<param pos="0" name="os.family" value="MT"/>
|
110
|
+
<param pos="1" name="os.product"/>
|
111
|
+
</fingerprint>
|
112
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.WRT54G.$">
|
113
|
+
<description>Linksys WRT54G wireless access point
|
155
114
|
(dozen of variants of the product)</description>
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
171
|
-
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
|
231
|
-
|
232
|
-
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
|
250
|
-
|
251
|
-
|
252
|
-
|
253
|
-
|
254
|
-
|
255
|
-
|
256
|
-
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
|
261
|
-
|
262
|
-
|
263
|
-
|
264
|
-
|
265
|
-
|
266
|
-
|
267
|
-
|
268
|
-
|
269
|
-
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
282
|
-
|
283
|
-
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
291
|
-
|
292
|
-
|
293
|
-
|
294
|
-
|
295
|
-
|
296
|
-
|
297
|
-
|
298
|
-
|
299
|
-
|
300
|
-
|
301
|
-
|
302
|
-
|
303
|
-
|
304
|
-
|
305
|
-
|
306
|
-
|
307
|
-
|
308
|
-
|
309
|
-
|
310
|
-
|
311
|
-
|
312
|
-
|
313
|
-
|
314
|
-
|
315
|
-
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
<
|
323
|
-
|
324
|
-
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
<
|
330
|
-
|
331
|
-
|
332
|
-
|
333
|
-
|
334
|
-
|
335
|
-
|
336
|
-
|
337
|
-
<
|
338
|
-
|
339
|
-
|
340
|
-
|
341
|
-
|
342
|
-
|
343
|
-
|
344
|
-
|
345
|
-
|
346
|
-
<
|
347
|
-
|
348
|
-
|
349
|
-
|
350
|
-
|
351
|
-
|
352
|
-
|
353
|
-
|
354
|
-
|
355
|
-
|
356
|
-
|
357
|
-
|
358
|
-
|
359
|
-
|
360
|
-
|
361
|
-
|
362
|
-
|
363
|
-
|
364
|
-
|
365
|
-
</
|
366
|
-
|
367
|
-
|
368
|
-
|
369
|
-
|
370
|
-
|
371
|
-
|
372
|
-
|
373
|
-
|
374
|
-
|
375
|
-
|
376
|
-
|
377
|
-
<
|
378
|
-
|
379
|
-
|
380
|
-
|
381
|
-
</
|
382
|
-
|
383
|
-
|
384
|
-
|
385
|
-
<example>Negotiate</example>
|
386
|
-
</fingerprint>
|
387
|
-
|
388
|
-
<fingerprint pattern="^(?:Basic|Digest) .*realm="null"">
|
389
|
-
<description>Ignore null</description>
|
390
|
-
<example>Basic realm="null"</example>
|
391
|
-
</fingerprint>
|
392
|
-
|
393
|
-
<fingerprint pattern="^(?:Basic|Digest) .*realm="(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)".*$">
|
394
|
-
<description>Ignore realms with an IPv4 address</description>
|
395
|
-
<example>Basic realm="192.168.0.1"</example>
|
396
|
-
<example>Digest qop="auth", realm="172.16.0.1", nonce="AAAAAAAAAAAAAP//DwHpM0IvM78=", algorithm="MD5"</example>
|
397
|
-
</fingerprint>
|
398
|
-
|
399
|
-
<fingerprint pattern="^(?:Basic|Digest) .*realm="config".*$">
|
400
|
-
<description>Ignore generic 'config' realms</description>
|
401
|
-
<example>Digest realm="config", nonce="1155041914", algorithm="MD5", qop="auth"</example>
|
402
|
-
</fingerprint>
|
403
|
-
|
404
|
-
|
405
|
-
|
406
|
-
<!--
|
115
|
+
<param pos="0" name="os.vendor" value="Linksys"/>
|
116
|
+
<param pos="0" name="os.device" value="WAP"/>
|
117
|
+
<param pos="0" name="os.product" value="WRT54G"/>
|
118
|
+
</fingerprint>
|
119
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.(TD-[VW8][A-Z0-9]+)(?:| \d+\.\d+).$">
|
120
|
+
<description>TP-LINK SoHo Router</description>
|
121
|
+
<example>Basic realm="TD-W8901G"</example>
|
122
|
+
<example>Basic realm="TD-8817"</example>
|
123
|
+
<example>Basic realm="TD-8840T"</example>
|
124
|
+
<example>Basic realm="TD-W8101G"</example>
|
125
|
+
<example>Basic realm="TD-W8961ND"</example>
|
126
|
+
<example>Basic realm="TD-W8951ND"</example>
|
127
|
+
<example>Basic realm="TD-8816"</example>
|
128
|
+
<example>Basic realm="TD-8840T 2.0"</example>
|
129
|
+
<example>Basic realm="TD-W8151N"</example>
|
130
|
+
<example>Basic realm="TD-8817 2.0"</example>
|
131
|
+
<example>Basic realm="TD-W8901GB"</example>
|
132
|
+
<example>Basic realm="TD-W8901G 3.0"</example>
|
133
|
+
<example>Basic realm="TD-8820"</example>
|
134
|
+
<example>Basic realm="TD-W8961NB"</example>
|
135
|
+
<example>Basic realm="TD-8811"</example>
|
136
|
+
<example>Basic realm="TD-8816 1.0"</example>
|
137
|
+
<example>Basic realm="TD-W8951NB"</example>
|
138
|
+
<example>Basic realm="TD-W8901N"</example>
|
139
|
+
<example>Basic realm="TD-8816 2.0"</example>
|
140
|
+
<example>Basic realm="TD-8840TB"</example>
|
141
|
+
<example>Basic realm="TD-8817 1.0"</example>
|
142
|
+
<example>Basic realm="TD-8816B"</example>
|
143
|
+
<example>Basic realm="TD-8817B"</example>
|
144
|
+
<example>Basic realm="TD-8820 1.0"</example>
|
145
|
+
<example>Basic realm="TD-8616"</example>
|
146
|
+
<param pos="0" name="os.vendor" value="TP-LINK"/>
|
147
|
+
<param pos="0" name="os.device" value="Router"/>
|
148
|
+
<param pos="1" name="os.product"/>
|
149
|
+
</fingerprint>
|
150
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.(TD8[A-Z0-9]+).$">
|
151
|
+
<description>TP-LINK SoHo Router</description>
|
152
|
+
<example>Basic realm="TD854W"</example>
|
153
|
+
<example>Basic realm="TD811"</example>
|
154
|
+
<example>Basic realm="TD821"</example>
|
155
|
+
<example>Basic realm="TD841"</example>
|
156
|
+
<param pos="0" name="os.vendor" value="TP-LINK"/>
|
157
|
+
<param pos="0" name="os.device" value="Router"/>
|
158
|
+
<param pos="1" name="os.product"/>
|
159
|
+
</fingerprint>
|
160
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.TP-LINK.*Router ([A-Z0-9\-\+]+).*$">
|
161
|
+
<description>TP-LINK SoHo Router</description>
|
162
|
+
<example>Basic realm="TP-LINK Wireless N Router WR841N"</example>
|
163
|
+
<example>Basic realm="TP-LINK Wireless Lite N Router WR740N"</example>
|
164
|
+
<example>Basic realm="TP-LINK Wireless N Router WR740N"</example>
|
165
|
+
<example>Basic realm="TP-LINK Wireless Router WR543G"</example>
|
166
|
+
<example>Basic realm="TP-LINK Wireless G Router WR340G"</example>
|
167
|
+
<example>Basic realm="TP-LINK Wireless Lite N Router WR741ND"</example>
|
168
|
+
<example>Basic realm="TP-LINK Wireless N Router WR847N"</example>
|
169
|
+
<example>Basic realm="TP-LINK Wireless N Gigabit Router WR1043ND"</example>
|
170
|
+
<example>Basic realm="TP-LINK Wireless N Router WR745N"</example>
|
171
|
+
<example>Basic realm="TP-LINK SOHO Router R406"</example>
|
172
|
+
<example>Basic realm="TP-LINK ADSL2+ Modem Router TD-8840T"</example>
|
173
|
+
<example>Basic realm="TP-LINK Wireless N Router WR840N"</example>
|
174
|
+
<example>Basic realm="TP-LINK Wireless N Router WR845N"</example>
|
175
|
+
<example>Basic realm="TP-LINK SOHO Router R402M"</example>
|
176
|
+
<example>Basic realm="TP-LINK 300Mbps Wireless N USB ADSL2+ Modem Router TD-W8968"</example>
|
177
|
+
<example>Basic realm="TP-LINK Wireless N Router WR941ND"</example>
|
178
|
+
<example>Basic realm="TP-LINK Wireless Dual Band Gigabit Router WDR4300"</example>
|
179
|
+
<example>Basic realm="TP-LINK 300Mbps Wireless N Gigabit ADSL2+ Modem Router TD-W8970"</example>
|
180
|
+
<example>Basic realm="TP-LINK Wireless Router WR541G/542G"</example>
|
181
|
+
<example>Basic realm="TP-LINK Gigabit Broadband VPN Router R600VPN"</example>
|
182
|
+
<example>Basic realm="TP-LINK Wireless Router WR340G"</example>
|
183
|
+
<example>Basic realm="TP-LINK Wireless N 3G/4G Router MR3420"</example>
|
184
|
+
<example>Basic realm="TP-LINK Router R478"</example>
|
185
|
+
<example>Basic realm="TP-LINK Wireless N Router WR842N"</example>
|
186
|
+
<example>Basic realm="TP-LINK Multi-Function Wireless N Router WR842ND"</example>
|
187
|
+
<example>Basic realm="TP-LINK Wireless Router WR340G+"</example>
|
188
|
+
<example>Basic realm="TP-LINK Wireless N Router WR941N"</example>
|
189
|
+
<example>Basic realm="TP-LINK Router R4148"</example>
|
190
|
+
<example>Basic realm="TP-LINK Wireless Dual Band Gigabit Router WDR3600"</example>
|
191
|
+
<example>Basic realm="TP-LINK Router R860"</example>
|
192
|
+
<example>Basic realm="TP-LINK Wireless N Gigabit Router WR1042ND"</example>
|
193
|
+
<example>Basic realm="TP-LINK Router R480T+"</example>
|
194
|
+
<example>Basic realm="TP-LINK Wireless Router WR641G/642G"</example>
|
195
|
+
<example>Basic realm="TP-LINK Wireless Lite N 3G/4G Router MR3220"</example>
|
196
|
+
<example>Basic realm="TP-LINK Router R478+"</example>
|
197
|
+
<example>Basic realm="TP-LINK N600 Wireless Dual Band Gigabit ADSL2+ Modem Router TD-W8980"</example>
|
198
|
+
<example>Basic realm="TP-LINK Wireless N Router WR742N"</example>
|
199
|
+
<example>Basic realm="TP-LINK Router R470T+"</example>
|
200
|
+
<example>Basic realm="TP-LINK Wireless Dual Band Router WDR3500"</example>
|
201
|
+
<example>Basic realm="TP-LINK Wireless N Router WR2041N"</example>
|
202
|
+
<example>Basic realm="TP-LINK Wireless N Gigabit Router WR2543ND"</example>
|
203
|
+
<example>Basic realm="TP-LINK 300Mbps Wireless N VoIP ADSL2+ Modem Router TD-VG3631"</example>
|
204
|
+
<example>Basic realm="TP-LINK ADSL2+ Router TD-W89841N"</example>
|
205
|
+
<example>Basic realm="TP-LINK Router R460"</example>
|
206
|
+
<example>Basic realm="TP-LINK ADSL2+ Router TD-W89741N"</example>
|
207
|
+
<example>Basic realm="TP-LINK Wireless Lite N Router WR741N"</example>
|
208
|
+
<example>Basic realm="TP-LINK Portable Wireless N 3G/4G Router MR3020"</example>
|
209
|
+
<example>Basic realm="TP-LINK Router R480T"</example>
|
210
|
+
<example>Basic realm="TP-LINK Wireless Lite N Router WR743ND"</example>
|
211
|
+
<example>Basic realm="TP-LINK Router R4299G"</example>
|
212
|
+
<example>Basic realm="TP-LINK Wireless Dual Band Gigabit Router WDR4900"</example>
|
213
|
+
<example>Basic realm="TP-LINK Router R488T"</example>
|
214
|
+
<example>Basic realm="TP-LINK Router R473"</example>
|
215
|
+
<example>Basic realm="TP-LINK Router R410"</example>
|
216
|
+
<example>Basic realm="TP-LINK Router R4238"</example>
|
217
|
+
<example>Basic realm="TP-LINK Wireless N Router WR846N"</example>
|
218
|
+
<example>Basic realm="TP-LINK Router R4149"</example>
|
219
|
+
<example>Basic realm="TP-LINK Wireless N Nano Router WR702N"</example>
|
220
|
+
<example>Basic realm="TP-LINK Router R483"</example>
|
221
|
+
<example>Basic realm="TP-LINK Wireless N Router WR843ND"</example>
|
222
|
+
<example>Basic realm="TP-LINK Wireless Dual Band Gigabit Router Archer C7"</example>
|
223
|
+
<example>Basic realm="TP-LINK Wireless N Router WR842ND"</example>
|
224
|
+
<example>Basic realm="TP-LINK Router R4419"</example>
|
225
|
+
<example>Basic realm="TP-LINK Wireless N 3G Router MR3420"</example>
|
226
|
+
<example>Basic realm="TP-LINK Wireless Dual Band Gigabit Router WDR4310/WDR4320"</example>
|
227
|
+
<example>Basic realm="TP-LINK Router R4239"</example>
|
228
|
+
<example>Basic realm="TP-LINK Router R4199G"</example>
|
229
|
+
<example>Basic realm="TP-LINK Wireless Dual Band Router WDR3320"</example>
|
230
|
+
<example>Basic realm="TP-LINK Wireless N Router WR741N/742N"</example>
|
231
|
+
<example>Basic realm="TP-LINK Wireless N 3G Router WR843N"</example>
|
232
|
+
<example>Basic realm="TP-LINK VPN Router R400VPN"</example>
|
233
|
+
<example>Basic realm="TP-LINK Wireless N Router WR746N"</example>
|
234
|
+
<example>Basic realm="TP-LINK Router R488"</example>
|
235
|
+
<param pos="0" name="os.vendor" value="TP-LINK"/>
|
236
|
+
<param pos="0" name="os.device" value="Router"/>
|
237
|
+
<param pos="1" name="os.product"/>
|
238
|
+
</fingerprint>
|
239
|
+
<fingerprint pattern="^(?:Basic|Digest) realm=.TP-LINK.*(?:Access Point|Extender|AP) ([A-Z0-9\-\+]+).*$">
|
240
|
+
<description>TP-LINK SoHo Router</description>
|
241
|
+
<example>Basic realm="TP-LINK Wireless N Access Point WA801N"</example>
|
242
|
+
<example>Basic realm="TP-LINK Wireless Range Extender WA830RE"</example>
|
243
|
+
<example>Basic realm="TP-LINK Wireless Range Extender WA850RE"</example>
|
244
|
+
<example>Basic realm="TP-LINK Wireless AP WA501G"</example>
|
245
|
+
<example>Basic realm="TP-LINK Wireless N Access Point WA701ND"</example>
|
246
|
+
<example>Basic realm="TP-LINK Wireless N Access Point WA901ND"</example>
|
247
|
+
<example>Basic realm="TP-LINK Wireless AP WA601G"</example>
|
248
|
+
<example>Basic realm="TP-LINK Wireless AP WR710N"</example>
|
249
|
+
<example>Basic realm="TP-LINK Wireless AP WR700N"</example>
|
250
|
+
<example>Basic realm="TP-LINK Wireless Range Extender WA750RE"</example>
|
251
|
+
<example>Basic realm="TP-LINK Wireless AP WR702N"</example>
|
252
|
+
<example>Basic realm="TP-LINK Wireless AP WR800N"</example>
|
253
|
+
<example>Basic realm="TP-LINK Wireless Range Extender WA730RE"</example>
|
254
|
+
<example>Basic realm="TP-LINK Wireless N Access Point WA805N"</example>
|
255
|
+
<example>Basic realm="TP-LINK Wireless N Access Point WA701N"</example>
|
256
|
+
<example>Basic realm="TP-LINK Wireless AP WR706N"</example>
|
257
|
+
<param pos="0" name="os.vendor" value="TP-LINK"/>
|
258
|
+
<param pos="0" name="os.device" value="WAP"/>
|
259
|
+
<param pos="1" name="os.product"/>
|
260
|
+
</fingerprint>
|
261
|
+
<fingerprint pattern="^(?:Basic|Digest) .*realm="Broadcom Management Service".*$" flags="REG_ICASE">
|
262
|
+
<description>Supposedly part of Broadcom Advanced Control Suite 3 (BACS3) or something similar</description>
|
263
|
+
<example>Digest qop="auth", realm="Broadcom Management Service", nonce="AAAAAAAAAAAAAP//DwHpMwYy1zc=", algorithm="MD5"</example>
|
264
|
+
<param pos="0" name="service.vendor" value="Broadcom"/>
|
265
|
+
<param pos="0" name="service.product" value="Management Service"/>
|
266
|
+
</fingerprint>
|
267
|
+
<fingerprint pattern="^(?:Basic|Digest) .*realm="SWAT".*$">
|
268
|
+
<description>Samba Web Administration Tool (SWAT)</description>
|
269
|
+
<example>Basic realm="SWAT"</example>
|
270
|
+
<param pos="0" name="service.vendor" value="Samba"/>
|
271
|
+
<param pos="0" name="service.family" value="Samba"/>
|
272
|
+
<param pos="0" name="service.product" value="SWAT"/>
|
273
|
+
</fingerprint>
|
274
|
+
<fingerprint pattern="^.*(?:Basic|Digest) realm="SPIP Configuration".*$">
|
275
|
+
<description>SPIP publishing system (www.spip.net)</description>
|
276
|
+
<example>Basic realm="SPIP Configuration", Digest realm="SPIP Configuration", nonce="116761147", algorithm="MD5"</example>
|
277
|
+
<param pos="0" name="service.vendor" value="SPIP"/>
|
278
|
+
<param pos="0" name="service.product" value="SPIP"/>
|
279
|
+
</fingerprint>
|
280
|
+
<fingerprint pattern="^.*(?:Basic|Digest) .*realm="HP ISEE @ ([^"]+)".*$">
|
281
|
+
<description>HP Instant Support Enterprise Edition with a hostname</description>
|
282
|
+
<example host.name="blah">Basic realm="HP ISEE @ blah"</example>
|
283
|
+
<param pos="0" name="service.vendor" value="HP"/>
|
284
|
+
<param pos="0" name="service.product" value="ISEE"/>
|
285
|
+
<param pos="1" name="host.name"/>
|
286
|
+
</fingerprint>
|
287
|
+
<fingerprint pattern="^.*(?:Basic|Digest) .*realm="BIG-IP".*$">
|
288
|
+
<description>Generic F5 Big-IP</description>
|
289
|
+
<example>Basic realm="BIG-IP"</example>
|
290
|
+
<param pos="0" name="os.vendor" value="F5"/>
|
291
|
+
<param pos="0" name="os.product" value="BIG-IP"/>
|
292
|
+
</fingerprint>
|
293
|
+
<!-- HP ProCurve -->
|
294
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="(?:HP|ProCurve) (J[3]\d{3}A)"$" flags="REG_ICASE">
|
295
|
+
<description>HP ProCurve Hubs</description>
|
296
|
+
<example os.product="J3295A">Basic realm="HP J3295A"</example>
|
297
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
298
|
+
<param pos="0" name="os.family" value="ProCurve"/>
|
299
|
+
<param pos="0" name="os.device" value="Hub"/>
|
300
|
+
<param pos="1" name="os.product"/>
|
301
|
+
</fingerprint>
|
302
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="(?:HP|ProCurve) (J[489]\d{3}A)"$" flags="REG_ICASE">
|
303
|
+
<description>HP ProCurve Switches</description>
|
304
|
+
<example os.product="J4110A">Basic realm="HP J4110A"</example>
|
305
|
+
<example os.product="J8164A">Basic realm="ProCurve J8164A"</example>
|
306
|
+
<example os.product="J8165A">Basic realm="HP J8165A"</example>
|
307
|
+
<example os.product="J9021A">Basic realm="HP J9021A"</example>
|
308
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
309
|
+
<param pos="0" name="os.family" value="ProCurve"/>
|
310
|
+
<param pos="0" name="os.device" value="Switch"/>
|
311
|
+
<param pos="1" name="os.product"/>
|
312
|
+
</fingerprint>
|
313
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="XDB"$">
|
314
|
+
<description>Web server providing web services for Oracle's XML DB.</description>
|
315
|
+
<example>Basic realm="XDB"</example>
|
316
|
+
<param pos="0" name="service.vendor" value="Oracle"/>
|
317
|
+
<param pos="0" name="service.product" value="XML DB"/>
|
318
|
+
<param pos="0" name="service.family" value="Oracle"/>
|
319
|
+
</fingerprint>
|
320
|
+
<!-- a variety of headers we currently just ignore -->
|
321
|
+
<fingerprint pattern="^NTLM$" flags="REG_ICASE">
|
322
|
+
<description>Ignore NTLM-only</description>
|
323
|
+
<example>NTLM</example>
|
324
|
+
<example>Ntlm</example>
|
325
|
+
</fingerprint>
|
326
|
+
<fingerprint pattern="^Negotiate$">
|
327
|
+
<description>Ignore Negotiate-only</description>
|
328
|
+
<example>Negotiate</example>
|
329
|
+
</fingerprint>
|
330
|
+
<fingerprint pattern="^(?:Basic|Digest) .*realm="null"">
|
331
|
+
<description>Ignore null</description>
|
332
|
+
<example>Basic realm="null"</example>
|
333
|
+
</fingerprint>
|
334
|
+
<fingerprint pattern="^(?:Basic|Digest) .*realm="(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)".*$">
|
335
|
+
<description>Ignore realms with an IPv4 address</description>
|
336
|
+
<example>Basic realm="192.168.0.1"</example>
|
337
|
+
<example>Digest qop="auth", realm="172.16.0.1", nonce="AAAAAAAAAAAAAP//DwHpM0IvM78=", algorithm="MD5"</example>
|
338
|
+
</fingerprint>
|
339
|
+
<fingerprint pattern="^(?:Basic|Digest) .*realm="config".*$">
|
340
|
+
<description>Ignore generic 'config' realms</description>
|
341
|
+
<example>Digest realm="config", nonce="1155041914", algorithm="MD5", qop="auth"</example>
|
342
|
+
</fingerprint>
|
343
|
+
<!--
|
407
344
|
Temporarily disable this version-less fingerprint because it overrode the
|
408
345
|
one in http_servers.xml (see NEX-1255).
|
409
346
|
|
@@ -414,8 +351,7 @@
|
|
414
351
|
<param pos="0" name="service.product" value="ListManager"/>
|
415
352
|
</fingerprint>
|
416
353
|
-->
|
417
|
-
|
418
|
-
<!--
|
354
|
+
<!--
|
419
355
|
Basic realm= StarVoice
|
420
356
|
Basic realm="802.11g Remote-Motion CCD Network Camera"
|
421
357
|
Basic realm="Access to Workgroup Switch FX5124"
|
@@ -502,10 +438,7 @@ Digest realm="HiPER", domain="222.66.99.209", qop="auth", nonce="aa81b6584c4716f
|
|
502
438
|
Digest realm="i3micro VRG", nonce="1186428394", qop="auth", algorithm=MD5
|
503
439
|
Digest realm="WatchGuard SOHO Configuration",qop="auth",nonce="7c8e98007db668881687bd538e6e8581"
|
504
440
|
-->
|
505
|
-
|
506
|
-
<!-- This is in various PHP coding examples, but is not a reliable FP source:
|
441
|
+
<!-- This is in various PHP coding examples, but is not a reliable FP source:
|
507
442
|
Basic realm="User Login"
|
508
443
|
-->
|
509
|
-
|
510
444
|
</fingerprints>
|
511
|
-
|