recog 2.0.9 → 2.0.10

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/recog/version.rb +1 -1
  3. data/xml/smtp_banners.xml +11 -23
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 7d1785649ccc5bd00c514b2963c659413584e803
4
- data.tar.gz: 7f48e11585c4af802e79a1dedb68b504d54f6142
3
+ metadata.gz: 3afb2c6d348dfbe16dec6f3acf82455e48b15d23
4
+ data.tar.gz: 152196328e6d0ed66ced47488e2f89b5a7992694
5
5
  SHA512:
6
- metadata.gz: 4a6b6a0648b32bc35a1c56c581c0f906ab0fef35e53e44d139aa1e3eaa8b0e04e3b4e26bc84df356937cce15bfd50d18c9dab59e7badc750f38de968de0a9eed
7
- data.tar.gz: 9228765a199a1f24b1d001177cf77192de63bd03bb6989864f354b4be9bdddf4eda1af0240a4b4e498847ef0cad17b82ede5ab44ac44783363a3f876e80119ea
6
+ metadata.gz: 61ecb9f64e183652812e3722a65b0317f9f8cf89fbf58cb1a0d4db0bb65016f861b334b8a6531b26c25f76f9067a0255ebe16428814077393e616e13cf49938a
7
+ data.tar.gz: 1d28d10d0cf12f77261669ffbd78a0f956fadb2558cf8fc346977f2407374140ac7a67e3e9700415eb1045738fc69a30f4f3ff3e45bc19bc90e2a7aec4b4d89b
data/lib/recog/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Recog
2
- VERSION = '2.0.9'
2
+ VERSION = '2.0.10'
3
3
  end
data/xml/smtp_banners.xml CHANGED
@@ -1222,11 +1222,12 @@ The system or service fingerprint with the highest certainty overwrites the othe
1222
1222
  <param pos="5" name="system.time"/>
1223
1223
  </fingerprint>
1224
1224
 
1225
- <fingerprint pattern="^([^ ]+) ESMTP Sendmail AIX([^/]+)/([^/]+)/([^;]+); (.+) \(.+\)$">
1225
+ <fingerprint pattern="^([^ ]+) ESMTP Sendmail AIX([^/]+)/([^/]+)/([^;]+); (.+)(?: \(.+\))?$">
1226
1226
  <description>
1227
1227
  sendmail on AIX
1228
1228
  </description>
1229
- <example>foo.bar.com ESMTP Sendmail AIX4.2/8.7/8.7; Sun, 29 Jul 2001 22:34:37 -0400 (EDT)</example>
1229
+ <example host.name="example.com" os.version="4.2" service.version="8.7" sendmail.config.version="8.8">example.com ESMTP Sendmail AIX4.2/8.7/8.8; Sun, 29 Jul 2001 22:34:37 -0400 (EDT)</example>
1230
+ <example host.name="example.com" os.version="5.1" service.version="8.11.6p2" sendmail.config.version="8.11.0">example.com ESMTP Sendmail AIX5.1/8.11.6p2/8.11.0; Fri, 28 Aug 1970 19:42:05 -0800</example>
1230
1231
  <param pos="0" name="service.family" value="Sendmail"/>
1231
1232
  <param pos="0" name="service.product" value="Sendmail"/>
1232
1233
  <param pos="0" name="os.vendor" value="IBM"/>
@@ -1421,12 +1422,14 @@ The system or service fingerprint with the highest certainty overwrites the othe
1421
1422
  <param pos="4" name="system.time"/>
1422
1423
  </fingerprint>
1423
1424
 
1424
- <fingerprint pattern="^([^ ]+) +ESMTP .*Sendmail +([^ ]+) */ *([^ ]+); *(.+) \(.+\)$">
1425
+ <fingerprint pattern="^([^ ]+) +ESMTP .*Sendmail +([^/ ]+) */ *([^/ ]+); *(.+)(?: \(.+\))?$">
1425
1426
  <description>
1426
- sendmail where neither daemon nor config file are patched (with timezone)
1427
+ sendmail where neither daemon nor config file are patched, with and without timezone
1427
1428
  </description>
1428
- <example>mail.foo.bar ESMTP Sendmail 8.8.8/8.8.8; Wed, 21 Nov 2001 23:39:07 +0100 (CET)</example>
1429
- <example>mail.foo.bar ESMTP blah Sendmail 8.8.8/8.8.8; Wed, 21 Nov 2001 23:39:07 +0100 (CET)</example>
1429
+ <example host.name="example.com" service.version="8.8.8" sendmail.config.version="8.8.9">example.com ESMTP Sendmail 8.8.8/8.8.9; Wed, 21 Nov 2001 23:39:07 +0100 (CET)</example>
1430
+ <example host.name="example.com" service.version="8.8.8" sendmail.config.version="8.8.9">example.com ESMTP blah Sendmail 8.8.8/8.8.9; Wed, 21 Nov 2001 23:39:07 +0100 (CET)</example>
1431
+ <example host.name="example.com" service.version="8.10.2" sendmail.config.version="8.10.3">example.com ESMTP Sendmail 8.10.2/8.10.3; Mon, 10 Sep 2001 08:37:14 -0400</example>
1432
+ <example host.name="example.com" service.version="8.13.8" sendmail.config.version="8.13.9">example.com ESMTP foo-MTA Sendmail 8.13.8/8.13.9; Mon, 18 Apr 2011 08:52:38 -0700</example>
1430
1433
  <param pos="0" name="service.family" value="Sendmail"/>
1431
1434
  <param pos="0" name="service.product" value="Sendmail"/>
1432
1435
  <param pos="0" name="system.time.format" value="EEE, dd MMM yyyy HH:mm:ss zzz"/>
@@ -1436,22 +1439,6 @@ The system or service fingerprint with the highest certainty overwrites the othe
1436
1439
  <param pos="4" name="system.time"/>
1437
1440
  </fingerprint>
1438
1441
 
1439
- <fingerprint pattern="^([^ ]+) +ESMTP .*Sendmail +([^ ]+) */ *([^ ]+) *; *(.+) *$">
1440
- <description>
1441
- sendmail where neither daemon nor config file are patched (without timezone)
1442
- </description>
1443
- <example>mail.foo.bar ESMTP Sendmail 8.10.2/8.10.2; Mon, 10 Sep 2001 08:37:14 -0400</example>
1444
- <example>mail.foo.bar ESMTP Sendmail 8.8.7/8.8.7; Mon, 2 Jul 2001 14:19:18 -0700</example>
1445
- <example>foo.example.com ESMTP foo-MTA Sendmail 8.13.8/8.13.8; Mon, 18 Apr 2011 08:52:38 -0700</example>
1446
- <param pos="0" name="service.family" value="Sendmail"/>
1447
- <param pos="0" name="service.product" value="Sendmail"/>
1448
- <param pos="0" name="system.time.format" value="EEE, dd MMM yyyy HH:mm:ss zzz"/>
1449
- <param pos="1" name="host.name"/>
1450
- <param pos="2" name="service.version"/>
1451
- <param pos="3" name="sendmail.config.version"/>
1452
- <param pos="4" name="system.time"/>
1453
- </fingerprint>
1454
-
1455
1442
  <fingerprint pattern="^([^ ]+) +Sendmail ready\. *$">
1456
1443
  <description>
1457
1444
  some old version of sendmail - TODO: figure out which versions this could be
@@ -1588,11 +1575,12 @@ The system or service fingerprint with the highest certainty overwrites the othe
1588
1575
  <param pos="1" name="host.name"/>
1589
1576
  </fingerprint>
1590
1577
 
1591
- <fingerprint pattern="^(\S+) ESMTP Sendmail (\S{3}, \d{2} \S{3} \d{4} \d{2}:\d{2}:\d{2} \S+)$">
1578
+ <fingerprint pattern="^(\S+) ESMTP Sendmail (\S{3}, \d{1,2} \S{3} \d{4} \d{2}:\d{2}:\d{2} \S+)$">
1592
1579
  <description>
1593
1580
  catch all for other versions of sendmail, with a date/time
1594
1581
  </description>
1595
1582
  <example host.name="example.com">example.com ESMTP Sendmail Wed, 20 May 2015 17:17:56 -0600</example>
1583
+ <example host.name="example.com">example.com ESMTP Sendmail Wed, 5 Aug 2015 17:40:38 -0400</example>
1596
1584
  <param pos="0" name="service.family" value="Sendmail"/>
1597
1585
  <param pos="0" name="service.product" value="Sendmail"/>
1598
1586
  <param pos="1" name="host.name"/>
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: recog
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.9
4
+ version: 2.0.10
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rapid7 Research
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-07-24 00:00:00.000000000 Z
11
+ date: 2015-08-06 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec