recog 2.1.20 → 2.1.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/recog/version.rb +1 -1
- data/remap.json +131 -0
- data/spec/lib/fingerprint_self_test_spec.rb +16 -1
- data/update_cpes.py +202 -0
- data/xml/apache_os.xml +29 -5
- data/xml/architecture.xml +3 -3
- data/xml/dns_versionbind.xml +56 -10
- data/xml/ftp_banners.xml +56 -12
- data/xml/h323_callresp.xml +4 -4
- data/xml/hp_pjl_id.xml +8 -8
- data/xml/http_cookies.xml +20 -8
- data/xml/http_servers.xml +122 -8
- data/xml/http_wwwauth.xml +13 -3
- data/xml/imap_banners.xml +19 -1
- data/xml/ldap_searchresult.xml +44 -68
- data/xml/mdns_device-info_txt.xml +18 -7
- data/xml/mdns_workstation_txt.xml +7 -7
- data/xml/mysql_banners.xml +159 -13
- data/xml/mysql_error.xml +124 -21
- data/xml/nntp_banners.xml +10 -4
- data/xml/ntp_banners.xml +144 -84
- data/xml/operating_system.xml +39 -10
- data/xml/pop_banners.xml +32 -12
- data/xml/rsh_resp.xml +8 -3
- data/xml/sip_banners.xml +4 -3
- data/xml/sip_user_agents.xml +4 -3
- data/xml/smb_native_lm.xml +9 -4
- data/xml/smb_native_os.xml +50 -25
- data/xml/smtp_banners.xml +108 -33
- data/xml/smtp_debug.xml +11 -8
- data/xml/smtp_ehlo.xml +14 -11
- data/xml/smtp_expn.xml +17 -11
- data/xml/smtp_help.xml +17 -11
- data/xml/smtp_mailfrom.xml +4 -3
- data/xml/smtp_noop.xml +13 -8
- data/xml/smtp_quit.xml +10 -8
- data/xml/smtp_rcptto.xml +1 -3
- data/xml/smtp_rset.xml +10 -8
- data/xml/smtp_turn.xml +10 -8
- data/xml/smtp_vrfy.xml +18 -11
- data/xml/snmp_sysdescr.xml +157 -451
- data/xml/snmp_sysobjid.xml +57 -4
- data/xml/ssh_banners.xml +104 -5
- data/xml/upnp_banners.xml +16 -1
- data/xml/x11_banners.xml +34 -9
- metadata +4 -2
data/xml/operating_system.xml
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
-
<!--
|
|
3
|
-
Patterns for common names of various operating systems.
|
|
4
|
-
-->
|
|
5
2
|
<fingerprints matches="operating_system.name" database_type="util.os" preference="0.80">
|
|
3
|
+
<!--
|
|
4
|
+
Patterns for common names of various operating systems.
|
|
5
|
+
-->
|
|
6
6
|
<!-- Windows begin -->
|
|
7
7
|
<fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:[a-z]+\s[a-z]+\s|[a-z]+\s)?Server (?:\d{4} R2|\d{4}))(?:,\s|\s)?([a-z]+)?(?: Evaluation)?(?: Edition)?(?:\s|\swith(?:out)? Hyper-V\s)?(SP\d|SP \d|Service Pack \d)?)$">
|
|
8
8
|
<description>Windows Server 2003 and later</description>
|
|
@@ -60,6 +60,7 @@
|
|
|
60
60
|
<param pos="0" name="os.product" value="Windows 2000"/>
|
|
61
61
|
<param pos="1" name="os.edition"/>
|
|
62
62
|
<param pos="2" name="os.version"/>
|
|
63
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:{os.version}"/>
|
|
63
64
|
</fingerprint>
|
|
64
65
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows NT (\d.\d{1,2})?(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?)$">
|
|
65
66
|
<description>Windows NT</description>
|
|
@@ -72,6 +73,7 @@
|
|
|
72
73
|
<param pos="0" name="os.product" value="NT"/>
|
|
73
74
|
<param pos="1" name="os.version"/>
|
|
74
75
|
<param pos="2" name="os.edition"/>
|
|
76
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:{os.version}"/>
|
|
75
77
|
</fingerprint>
|
|
76
78
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows Phone (\d|\d\.\d)?)$">
|
|
77
79
|
<description>Windows Phone 7 and later</description>
|
|
@@ -104,7 +106,7 @@
|
|
|
104
106
|
<param pos="0" name="os.family" value="Windows"/>
|
|
105
107
|
<param pos="0" name="os.product" value="Windows 8 or Windows Server 2012"/>
|
|
106
108
|
</fingerprint>
|
|
107
|
-
|
|
109
|
+
<fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.3)$">
|
|
108
110
|
<description>Windows version 6.3 (Windows 8.1 or Windows Server 2012 R2)</description>
|
|
109
111
|
<example>Windows 6.3</example>
|
|
110
112
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
@@ -126,9 +128,9 @@
|
|
|
126
128
|
<param pos="0" name="os.family" value="Windows"/>
|
|
127
129
|
<param pos="0" name="os.product" value="Windows"/>
|
|
128
130
|
<param pos="0" name="os.certainty" value="0.5"/>
|
|
131
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
129
132
|
</fingerprint>
|
|
130
133
|
<!-- Windows end -->
|
|
131
|
-
|
|
132
134
|
<!-- Liunx begin -->
|
|
133
135
|
<fingerprint pattern="^(?i:Alpine Linux\s?(?:v)?(\d+?(?:\.\d+?)*?(?:\src\d+?)?)?)$">
|
|
134
136
|
<description>Alpine Linux</description>
|
|
@@ -170,6 +172,7 @@
|
|
|
170
172
|
<param pos="0" name="os.family" value="Linux"/>
|
|
171
173
|
<param pos="0" name="os.product" value="Linux"/>
|
|
172
174
|
<param pos="1" name="os.version"/>
|
|
175
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:centos:centos:{os.version}"/>
|
|
173
176
|
</fingerprint>
|
|
174
177
|
<fingerprint pattern="^(?i:Debian(?: (?:GNU\/)?Linux)?\s?((?:\d+?(?:\.\d+?)*?)|(?:\w+?\/sid\s?))?(?:\s[a-z\(\)]+)?)$">
|
|
175
178
|
<description>Debian Linux</description>
|
|
@@ -181,16 +184,18 @@
|
|
|
181
184
|
<param pos="0" name="os.family" value="Linux"/>
|
|
182
185
|
<param pos="0" name="os.product" value="Linux"/>
|
|
183
186
|
<param pos="1" name="os.version"/>
|
|
187
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
|
|
184
188
|
</fingerprint>
|
|
185
189
|
<fingerprint pattern="^(?i:Fedora(?: Core)?(?: Linux)?(?: release)?\s?(\d+?)?(?:\s.*)?)$">
|
|
186
190
|
<description>Fedora Linux</description>
|
|
187
191
|
<example os.version="6">Fedora Core 6</example>
|
|
188
192
|
<example os.version="25">Fedora 25</example>
|
|
189
193
|
<example os.version="26">Fedora release 26 (Twenty Six)</example>
|
|
190
|
-
<param pos="0" name="os.vendor" value="
|
|
194
|
+
<param pos="0" name="os.vendor" value="Red Hat"/>
|
|
191
195
|
<param pos="0" name="os.family" value="Linux"/>
|
|
192
196
|
<param pos="0" name="os.product" value="Linux"/>
|
|
193
197
|
<param pos="1" name="os.version"/>
|
|
198
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:{os.version}"/>
|
|
194
199
|
</fingerprint>
|
|
195
200
|
<!-- Gentoo currently uses rolling releases with no version, but older versions were typically based on the year of release. -->
|
|
196
201
|
<fingerprint pattern="^(?i:Gentoo(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
|
|
@@ -200,6 +205,7 @@
|
|
|
200
205
|
<param pos="0" name="os.family" value="Linux"/>
|
|
201
206
|
<param pos="0" name="os.product" value="Linux"/>
|
|
202
207
|
<param pos="1" name="os.version"/>
|
|
208
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:gentoo:linux:{os.version}"/>
|
|
203
209
|
</fingerprint>
|
|
204
210
|
<!-- Kali switched to rolling release in January 2016. -->
|
|
205
211
|
<fingerprint pattern="^(?i:Kali(?: Linux)?\s?(\d+?(?:\.\d+?)+?(?:[a-z])?|\d+?)?)$">
|
|
@@ -234,6 +240,7 @@
|
|
|
234
240
|
<param pos="0" name="os.family" value="Enterprise Linux"/>
|
|
235
241
|
<param pos="0" name="os.product" value="Linux"/>
|
|
236
242
|
<param pos="1" name="os.version"/>
|
|
243
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:linux:{os.version}"/>
|
|
237
244
|
</fingerprint>
|
|
238
245
|
<fingerprint pattern="^(?i:OpenSUSE(?: Linux)?(?: [a-z]+?)??\s?(\d+?(?:\.\d+?)*?)?(?:\s\(.*)?)$">
|
|
239
246
|
<description>OpenSUSE Linux</description>
|
|
@@ -256,6 +263,7 @@
|
|
|
256
263
|
<param pos="0" name="os.family" value="Linux"/>
|
|
257
264
|
<param pos="0" name="os.product" value="Enterprise Linux"/>
|
|
258
265
|
<param pos="1" name="os.version"/>
|
|
266
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:enterprise_linux:{os.version}"/>
|
|
259
267
|
</fingerprint>
|
|
260
268
|
<!-- Red Hat Enterprise Linux derivative -->
|
|
261
269
|
<fingerprint pattern="^(?i:Scientific(?: Linux)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
|
@@ -284,6 +292,7 @@
|
|
|
284
292
|
<param pos="0" name="os.family" value="Linux"/>
|
|
285
293
|
<param pos="0" name="os.product" value="Linux Enterprise Desktop"/>
|
|
286
294
|
<param pos="1" name="os.version"/>
|
|
295
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_desktop:{os.version}"/>
|
|
287
296
|
</fingerprint>
|
|
288
297
|
<fingerprint pattern="^(?i:SUSE(?: SLES)?(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
|
289
298
|
<description>SUSE Linux Enterprise Server</description>
|
|
@@ -293,6 +302,7 @@
|
|
|
293
302
|
<param pos="0" name="os.family" value="Linux"/>
|
|
294
303
|
<param pos="0" name="os.product" value="Linux Enterprise Server"/>
|
|
295
304
|
<param pos="1" name="os.version"/>
|
|
305
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
|
|
296
306
|
</fingerprint>
|
|
297
307
|
<fingerprint pattern="^(?i:SLES(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
|
298
308
|
<description>SLES Linux Enterprise Server</description>
|
|
@@ -302,6 +312,7 @@
|
|
|
302
312
|
<param pos="0" name="os.family" value="Linux"/>
|
|
303
313
|
<param pos="0" name="os.product" value="Linux Enterprise Server"/>
|
|
304
314
|
<param pos="1" name="os.version"/>
|
|
315
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
|
|
305
316
|
</fingerprint>
|
|
306
317
|
<fingerprint pattern="^(?i:Ubuntu(?: Linux)?(?:\s|-)(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
|
|
307
318
|
<description>Ubuntu Linux</description>
|
|
@@ -314,6 +325,7 @@
|
|
|
314
325
|
<param pos="0" name="os.product" value="Linux"/>
|
|
315
326
|
<param pos="1" name="os.version"/>
|
|
316
327
|
<param pos="2" name="os.edition"/>
|
|
328
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
|
|
317
329
|
</fingerprint>
|
|
318
330
|
<!-- Ubuntu derivative -->
|
|
319
331
|
<fingerprint pattern="^(?i:Xubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
|
|
@@ -335,6 +347,7 @@
|
|
|
335
347
|
<param pos="0" name="os.family" value="Linux"/>
|
|
336
348
|
<param pos="0" name="os.product" value="Photon Linux"/>
|
|
337
349
|
<param pos="1" name="os.version"/>
|
|
350
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:photon_os:{os.version}"/>
|
|
338
351
|
</fingerprint>
|
|
339
352
|
<!-- Vendor-based distribution catch-call -->
|
|
340
353
|
<fingerprint pattern="^(?i:(.*)\sLinux?\s(.*))$">
|
|
@@ -355,9 +368,9 @@
|
|
|
355
368
|
<param pos="0" name="os.product" value="Linux"/>
|
|
356
369
|
<param pos="0" name="os.certainty" value="0.5"/>
|
|
357
370
|
<param pos="1" name="os.version"/>
|
|
371
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
|
358
372
|
</fingerprint>
|
|
359
373
|
<!-- Linux end -->
|
|
360
|
-
|
|
361
374
|
<!-- Mac begin -->
|
|
362
375
|
<!-- Match Mac OS Classic first due to weak matching on Mac OS X -->
|
|
363
376
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS ([7-9](?:\.\d+?)*?))$">
|
|
@@ -368,6 +381,7 @@
|
|
|
368
381
|
<param pos="0" name="os.family" value="Mac OS"/>
|
|
369
382
|
<param pos="0" name="os.product" value="Mac OS"/>
|
|
370
383
|
<param pos="1" name="os.version"/>
|
|
384
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os:{os.version}"/>
|
|
371
385
|
</fingerprint>
|
|
372
386
|
<fingerprint pattern="^(?i:(?:Apple OS X|Apple Mac OS X|Mac OS X|OS X|Mac OS)\s?(\d+?(?:\.\d+?)*?)?)$">
|
|
373
387
|
<description>Mac OS X with version number</description>
|
|
@@ -378,6 +392,7 @@
|
|
|
378
392
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
379
393
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
380
394
|
<param pos="1" name="os.version"/>
|
|
395
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:{os.version}"/>
|
|
381
396
|
</fingerprint>
|
|
382
397
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Cheetah)$">
|
|
383
398
|
<description>Mac OS X Cheetah</description>
|
|
@@ -386,6 +401,7 @@
|
|
|
386
401
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
387
402
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
388
403
|
<param pos="0" name="os.version" value="10.0"/>
|
|
404
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.0"/>
|
|
389
405
|
</fingerprint>
|
|
390
406
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Puma)$">
|
|
391
407
|
<description>Mac OS X Puma</description>
|
|
@@ -394,6 +410,7 @@
|
|
|
394
410
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
395
411
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
396
412
|
<param pos="0" name="os.version" value="10.1"/>
|
|
413
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.1"/>
|
|
397
414
|
</fingerprint>
|
|
398
415
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Jaguar)$">
|
|
399
416
|
<description>Mac OS X Jaguar</description>
|
|
@@ -402,6 +419,7 @@
|
|
|
402
419
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
403
420
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
404
421
|
<param pos="0" name="os.version" value="10.2"/>
|
|
422
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
|
|
405
423
|
</fingerprint>
|
|
406
424
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Panther)$">
|
|
407
425
|
<description>Mac OS X Panther</description>
|
|
@@ -410,6 +428,7 @@
|
|
|
410
428
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
411
429
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
412
430
|
<param pos="0" name="os.version" value="10.3"/>
|
|
431
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
|
|
413
432
|
</fingerprint>
|
|
414
433
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Tiger)$">
|
|
415
434
|
<description>Mac OS X Tiger</description>
|
|
@@ -418,6 +437,7 @@
|
|
|
418
437
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
419
438
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
420
439
|
<param pos="0" name="os.version" value="10.4"/>
|
|
440
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
|
|
421
441
|
</fingerprint>
|
|
422
442
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Leopard)$">
|
|
423
443
|
<description>Mac OS X Leopard</description>
|
|
@@ -426,6 +446,7 @@
|
|
|
426
446
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
427
447
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
428
448
|
<param pos="0" name="os.version" value="10.5"/>
|
|
449
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
|
|
429
450
|
</fingerprint>
|
|
430
451
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Snow Leopard)$">
|
|
431
452
|
<description>Mac OS X Snow Leopard</description>
|
|
@@ -434,6 +455,7 @@
|
|
|
434
455
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
435
456
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
436
457
|
<param pos="0" name="os.version" value="10.6"/>
|
|
458
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
|
|
437
459
|
</fingerprint>
|
|
438
460
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Lion)$">
|
|
439
461
|
<description>Mac OS X Lion</description>
|
|
@@ -442,6 +464,7 @@
|
|
|
442
464
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
443
465
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
444
466
|
<param pos="0" name="os.version" value="10.7"/>
|
|
467
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
|
|
445
468
|
</fingerprint>
|
|
446
469
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mountain Lion)$">
|
|
447
470
|
<description>Mac OS X Mountain Lion</description>
|
|
@@ -450,6 +473,7 @@
|
|
|
450
473
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
451
474
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
452
475
|
<param pos="0" name="os.version" value="10.8"/>
|
|
476
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
|
|
453
477
|
</fingerprint>
|
|
454
478
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mavericks)$">
|
|
455
479
|
<description>Mac OS X Mavericks</description>
|
|
@@ -458,6 +482,7 @@
|
|
|
458
482
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
459
483
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
460
484
|
<param pos="0" name="os.version" value="10.9"/>
|
|
485
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
|
|
461
486
|
</fingerprint>
|
|
462
487
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Yosemite)$">
|
|
463
488
|
<description>Mac OS X Yosemite</description>
|
|
@@ -466,6 +491,7 @@
|
|
|
466
491
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
467
492
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
468
493
|
<param pos="0" name="os.version" value="10.10"/>
|
|
494
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
|
|
469
495
|
</fingerprint>
|
|
470
496
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X El Capitan)$">
|
|
471
497
|
<description>Mac OS X El Capitan</description>
|
|
@@ -474,6 +500,7 @@
|
|
|
474
500
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
|
475
501
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
476
502
|
<param pos="0" name="os.version" value="10.11"/>
|
|
503
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.11"/>
|
|
477
504
|
</fingerprint>
|
|
478
505
|
<!-- This can also match Cisco IOS if the vendor name is not present. -->
|
|
479
506
|
<fingerprint pattern="^(?i:(?:Apple )?iOS\s?(\d+?(?:\.\d+?)*?)?)$">
|
|
@@ -488,7 +515,6 @@
|
|
|
488
515
|
<param pos="0" name="os.device" value="Mobile"/>
|
|
489
516
|
</fingerprint>
|
|
490
517
|
<!-- Mac end -->
|
|
491
|
-
|
|
492
518
|
<!-- BSD begin -->
|
|
493
519
|
<fingerprint pattern="^(?i:(.*?BSD)\s?(\d+?(?:\.\d+?)*?(?:[\-\/_ ]?\w+?)?(?:-[a-z]\d+?)?)?)$">
|
|
494
520
|
<description>Many BSD family OSes</description>
|
|
@@ -503,7 +529,6 @@
|
|
|
503
529
|
<param pos="2" name="os.version"/>
|
|
504
530
|
</fingerprint>
|
|
505
531
|
<!-- BSD end -->
|
|
506
|
-
|
|
507
532
|
<!-- Other Unix-likes begin -->
|
|
508
533
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?OpenSolaris\s?(\d+?(?:\.\d+?)*?)?)$">
|
|
509
534
|
<description>OpenSolaris</description>
|
|
@@ -512,6 +537,7 @@
|
|
|
512
537
|
<param pos="0" name="os.family" value="Solaris"/>
|
|
513
538
|
<param pos="0" name="os.product" value="Solaris"/>
|
|
514
539
|
<param pos="1" name="os.version"/>
|
|
540
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
515
541
|
</fingerprint>
|
|
516
542
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?(1[1-9]?(?:\.\d+?)*?)?)$">
|
|
517
543
|
<description>Solaris 11 and up</description>
|
|
@@ -521,6 +547,7 @@
|
|
|
521
547
|
<param pos="0" name="os.family" value="Solaris"/>
|
|
522
548
|
<param pos="0" name="os.product" value="Solaris"/>
|
|
523
549
|
<param pos="1" name="os.version"/>
|
|
550
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
524
551
|
</fingerprint>
|
|
525
552
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?((?:[789]|10)+?(?:\.\d+?)*?)?)$">
|
|
526
553
|
<description>Solaris 7-10</description>
|
|
@@ -532,6 +559,7 @@
|
|
|
532
559
|
<param pos="0" name="os.family" value="Solaris"/>
|
|
533
560
|
<param pos="0" name="os.product" value="Solaris"/>
|
|
534
561
|
<param pos="1" name="os.version"/>
|
|
562
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
535
563
|
</fingerprint>
|
|
536
564
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.([789]|10)?)$">
|
|
537
565
|
<description>SunOS/Solaris 5.7-5.10</description>
|
|
@@ -541,6 +569,7 @@
|
|
|
541
569
|
<param pos="0" name="os.family" value="Solaris"/>
|
|
542
570
|
<param pos="0" name="os.product" value="Solaris"/>
|
|
543
571
|
<param pos="1" name="os.version"/>
|
|
572
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
|
544
573
|
</fingerprint>
|
|
545
574
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.(1[1-9])?)$">
|
|
546
575
|
<description>Oracle/Solaris 5.11 and upwards</description>
|
|
@@ -549,6 +578,7 @@
|
|
|
549
578
|
<param pos="0" name="os.family" value="Solaris"/>
|
|
550
579
|
<param pos="0" name="os.product" value="Solaris"/>
|
|
551
580
|
<param pos="1" name="os.version"/>
|
|
581
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
|
552
582
|
</fingerprint>
|
|
553
583
|
<fingerprint pattern="^(?i:(?:IBM\s?)?(AIX|MVS|OS/(?:\d{1,3})|VM/CMS|VM/ESA|z/OS)\s?(\d+?(?:\.\d+?)*?)?)$">
|
|
554
584
|
<description>IBM OSes</description>
|
|
@@ -575,7 +605,6 @@
|
|
|
575
605
|
<param pos="2" name="os.version"/>
|
|
576
606
|
</fingerprint>
|
|
577
607
|
<!-- Other Unix-likes end -->
|
|
578
|
-
|
|
579
608
|
<!-- Network equipment begin -->
|
|
580
609
|
<fingerprint pattern="^(?i:(?:Juniper\s?)?(Junos|Junos OS|ScreenOS)\s?(\d+?(?:\.\d+?)*?)?)$">
|
|
581
610
|
<description>Juniper</description>
|
data/xml/pop_banners.xml
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
-
<!--
|
|
3
|
-
POP3 greeting messages (part of the banner after the status indicator +OK or -ERR) are
|
|
4
|
-
matched against these patterns to fingerprint POP3 servers.
|
|
5
|
-
-->
|
|
6
2
|
<fingerprints matches="pop3.banner" protocol="pop3" database_type="service" preference="0.90">
|
|
3
|
+
<!--
|
|
4
|
+
POP3 greeting messages (part of the banner after the status indicator +OK or -ERR) are
|
|
5
|
+
matched against these patterns to fingerprint POP3 servers.
|
|
6
|
+
-->
|
|
7
7
|
<fingerprint pattern="^([^ ]+) +Cyrus POP3 v(\d+\.\d+.*)-OS X(?: Server)? ([\d\.]+).* server ready">
|
|
8
8
|
<description>OSX Cyrus POP</description>
|
|
9
9
|
<example host.domain="8.8.8.8" service.version="2.3.8" os.version="10.5">8.8.8.8 Cyrus POP3 v2.3.8-OS X Server 10.5: 9A562 server ready <1999107648.1324502155@8.8.8.8></example>
|
|
@@ -16,6 +16,7 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
16
16
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
17
17
|
<param pos="0" name="os.device" value="General"/>
|
|
18
18
|
<param pos="3" name="os.version"/>
|
|
19
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:{os.version}"/>
|
|
19
20
|
<param pos="1" name="host.domain"/>
|
|
20
21
|
</fingerprint>
|
|
21
22
|
<fingerprint pattern="^([^ ]+) +Cyrus POP3 v([\d\.]+)">
|
|
@@ -34,6 +35,7 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
34
35
|
<param pos="0" name="service.vendor" value="IBM"/>
|
|
35
36
|
<param pos="0" name="service.family" value="Lotus Domino"/>
|
|
36
37
|
<param pos="0" name="service.product" value="Lotus Domino"/>
|
|
38
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:ibm:lotus_domino:-"/>
|
|
37
39
|
</fingerprint>
|
|
38
40
|
<fingerprint pattern="^Lotus Notes POP3 server version Release ([^ ]+) ready on .*$">
|
|
39
41
|
<description>IBM Lotus Notes/Domino</description>
|
|
@@ -42,6 +44,7 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
42
44
|
<param pos="0" name="service.family" value="Lotus Domino"/>
|
|
43
45
|
<param pos="0" name="service.product" value="Lotus Domino"/>
|
|
44
46
|
<param pos="1" name="service.version"/>
|
|
47
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:ibm:lotus_domino:{service.version}"/>
|
|
45
48
|
</fingerprint>
|
|
46
49
|
<fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+), modified by Sphera Technologies\) at (.+) starting\..*$">
|
|
47
50
|
<description>Qpopper with Sphera mods</description>
|
|
@@ -91,11 +94,13 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
91
94
|
<param pos="0" name="service.family" value="Exchange Server"/>
|
|
92
95
|
<param pos="0" name="service.product" value="Exchange 2003 Server"/>
|
|
93
96
|
<param pos="1" name="service.version"/>
|
|
97
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:exchange_server:{service.version}"/>
|
|
94
98
|
<param pos="2" name="host.name"/>
|
|
95
99
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
96
100
|
<param pos="0" name="os.device" value="General"/>
|
|
97
101
|
<param pos="0" name="os.family" value="Windows"/>
|
|
98
102
|
<param pos="0" name="os.product" value="Windows"/>
|
|
103
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
99
104
|
</fingerprint>
|
|
100
105
|
<fingerprint pattern="^Microsoft Exchange 2000 POP3 server version (\d+\.\d+\.\d+\.\d+) (.+) ready.$">
|
|
101
106
|
<description>Microsoft Exchange Server 2000</description>
|
|
@@ -104,11 +109,13 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
104
109
|
<param pos="0" name="service.family" value="Exchange Server"/>
|
|
105
110
|
<param pos="0" name="service.product" value="Exchange 2000 Server"/>
|
|
106
111
|
<param pos="1" name="service.version"/>
|
|
112
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:exchange_server:{service.version}"/>
|
|
107
113
|
<param pos="2" name="host.name"/>
|
|
108
114
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
109
115
|
<param pos="0" name="os.device" value="General"/>
|
|
110
116
|
<param pos="0" name="os.family" value="Windows"/>
|
|
111
117
|
<param pos="0" name="os.product" value="Windows"/>
|
|
118
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
112
119
|
</fingerprint>
|
|
113
120
|
<fingerprint pattern="^Microsoft Exchange POP3 server version (\d+\.\d+\.\d+\.\d+) ready$">
|
|
114
121
|
<description>Microsoft Exchange Server</description>
|
|
@@ -117,10 +124,12 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
117
124
|
<param pos="0" name="service.family" value="Exchange Server"/>
|
|
118
125
|
<param pos="0" name="service.product" value="Exchange Server"/>
|
|
119
126
|
<param pos="1" name="service.version"/>
|
|
127
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:exchange_server:{service.version}"/>
|
|
120
128
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
121
129
|
<param pos="0" name="os.device" value="General"/>
|
|
122
130
|
<param pos="0" name="os.family" value="Windows"/>
|
|
123
131
|
<param pos="0" name="os.product" value="Windows"/>
|
|
132
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
124
133
|
</fingerprint>
|
|
125
134
|
<fingerprint pattern="^Microsoft Windows POP3 Service Version 1.0 <.+@(.+)> ready.$">
|
|
126
135
|
<description>Microsoft POP3 Services on Windows 2003</description>
|
|
@@ -133,6 +142,7 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
133
142
|
<param pos="0" name="os.device" value="General"/>
|
|
134
143
|
<param pos="0" name="os.family" value="Windows"/>
|
|
135
144
|
<param pos="0" name="os.product" value="Windows Server 2003"/>
|
|
145
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
|
136
146
|
</fingerprint>
|
|
137
147
|
<fingerprint pattern="^Microsoft Exchange Server 2007 POP3 service ready\.?$">
|
|
138
148
|
<description>Microsoft Exchange Server 2007</description>
|
|
@@ -140,10 +150,12 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
140
150
|
<param pos="0" name="service.vendor" value="Microsoft"/>
|
|
141
151
|
<param pos="0" name="service.family" value="Exchange Server"/>
|
|
142
152
|
<param pos="0" name="service.product" value="Exchange 2007 Server"/>
|
|
153
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:exchange_server:-"/>
|
|
143
154
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
144
155
|
<param pos="0" name="os.device" value="General"/>
|
|
145
156
|
<param pos="0" name="os.family" value="Windows"/>
|
|
146
157
|
<param pos="0" name="os.product" value="Windows"/>
|
|
158
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
147
159
|
</fingerprint>
|
|
148
160
|
<fingerprint pattern="^The? Microsoft Exchange POP3 service is ready\.?$">
|
|
149
161
|
<description>Microsoft Exchange Server, generic</description>
|
|
@@ -151,10 +163,12 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
151
163
|
<param pos="0" name="service.vendor" value="Microsoft"/>
|
|
152
164
|
<param pos="0" name="service.family" value="Exchange Server"/>
|
|
153
165
|
<param pos="0" name="service.product" value="Exchange Server"/>
|
|
166
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:exchange_server:-"/>
|
|
154
167
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
155
168
|
<param pos="0" name="os.device" value="General"/>
|
|
156
169
|
<param pos="0" name="os.family" value="Windows"/>
|
|
157
170
|
<param pos="0" name="os.product" value="Windows"/>
|
|
171
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
158
172
|
</fingerprint>
|
|
159
173
|
<fingerprint pattern="^[dD]ovecot (?:DA )?ready\.(?: <.+@(.+)>)?$">
|
|
160
174
|
<description>Dovecot Secure POP Server</description>
|
|
@@ -168,6 +182,7 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
168
182
|
<example>dogfood.example.com Zimbra POP3 server ready</example>
|
|
169
183
|
<param pos="0" name="service.vendor" value="VMware"/>
|
|
170
184
|
<param pos="0" name="service.product" value="Zimbra"/>
|
|
185
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:vmware:zimbra_desktop:-"/>
|
|
171
186
|
<param pos="1" name="host.name"/>
|
|
172
187
|
</fingerprint>
|
|
173
188
|
<fingerprint pattern="^(\S+) Zimbra (\S+) POP3 server ready\.?$">
|
|
@@ -176,6 +191,7 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
176
191
|
<param pos="0" name="service.vendor" value="VMware"/>
|
|
177
192
|
<param pos="0" name="service.product" value="Zimbra"/>
|
|
178
193
|
<param pos="2" name="service.version"/>
|
|
194
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:vmware:zimbra_desktop:{service.version}"/>
|
|
179
195
|
<param pos="1" name="host.name"/>
|
|
180
196
|
</fingerprint>
|
|
181
197
|
<fingerprint pattern="^(?:S?POP3? server ready |Hello there.? )?<.*@([^>]+)>$">
|
|
@@ -195,6 +211,7 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
195
211
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
|
196
212
|
<param pos="1" name="os.version"/>
|
|
197
213
|
<param pos="0" name="os.certainty" value="0.5"/>
|
|
214
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:{os.version}"/>
|
|
198
215
|
</fingerprint>
|
|
199
216
|
<fingerprint pattern="^TCPIP POP server V\d\.\d\S-\S{3}, OpenVMS V(\d\.\d-\d)(?:\s+\S+)?\s+at\s+(\S+), .*$">
|
|
200
217
|
<description>TCP/IP Services for OpenVMS POP server</description>
|
|
@@ -207,6 +224,7 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
207
224
|
<param pos="0" name="os.product" value="OpenVMS"/>
|
|
208
225
|
<param pos="0" name="os.device" value="General"/>
|
|
209
226
|
<param pos="1" name="os.version"/>
|
|
227
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:{os.version}"/>
|
|
210
228
|
<param pos="2" name="host.name"/>
|
|
211
229
|
</fingerprint>
|
|
212
230
|
<fingerprint pattern="^Hello there\.$">
|
|
@@ -216,16 +234,16 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
216
234
|
<param pos="0" name="service.family" value="Courier MTA"/>
|
|
217
235
|
<param pos="0" name="service.product" value="Courier POP"/>
|
|
218
236
|
</fingerprint>
|
|
219
|
-
<fingerprint pattern=
|
|
237
|
+
<fingerprint pattern="^CMailServer ([\d\.]+) POP3 Service Ready$">
|
|
220
238
|
<description>CMailServer</description>
|
|
221
239
|
<example service.version="5.0.0">CMailServer 5.0.0 POP3 Service Ready</example>
|
|
222
240
|
<param pos="0" name="service.product" value="CMailServer"/>
|
|
223
241
|
<param pos="0" name="service.vendor" value="Youngzsoft"/>
|
|
224
|
-
<param pos="0" name="os.family" value="Windows"
|
|
242
|
+
<param pos="0" name="os.family" value="Windows"/>
|
|
225
243
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
226
|
-
<param pos=
|
|
244
|
+
<param pos="1" name="service.version"/>
|
|
227
245
|
</fingerprint>
|
|
228
|
-
<fingerprint pattern=
|
|
246
|
+
<fingerprint pattern="^POP3 Bigfoot v(\d\.\d) server ready$">
|
|
229
247
|
<description>POP3 Bigfoot server</description>
|
|
230
248
|
<example service.version="1.0">POP3 Bigfoot v1.0 server ready</example>
|
|
231
249
|
<param pos="0" name="service.vendor" value="Bigfoot"/>
|
|
@@ -243,7 +261,7 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
243
261
|
<param pos="0" name="service.product" value="CCProxy"/>
|
|
244
262
|
<param pos="1" name="service.version"/>
|
|
245
263
|
</fingerprint>
|
|
246
|
-
<fingerprint pattern=
|
|
264
|
+
<fingerprint pattern="^POP3 on WinWebMail \[([\d.]+)\] ready\.$">
|
|
247
265
|
<description>WinWebmail POP3</description>
|
|
248
266
|
<example service.version="1.1.1.1">POP3 on WinWebMail [1.1.1.1] ready.</example>
|
|
249
267
|
<param pos="0" name="service.product" value="WinWebMail"/>
|
|
@@ -251,19 +269,21 @@ matched against these patterns to fingerprint POP3 servers.
|
|
|
251
269
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
252
270
|
<param pos="0" name="os.family" value="Windows"/>
|
|
253
271
|
<param pos="0" name="os.product" value="Windows"/>
|
|
272
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
254
273
|
<param pos="1" name="service.version"/>
|
|
255
274
|
</fingerprint>
|
|
256
|
-
<fingerprint pattern=
|
|
275
|
+
<fingerprint pattern="^BlackJumboDog \(Version ([\d\.]+)\) ready$">
|
|
257
276
|
<description>BlackJumboDog</description>
|
|
258
277
|
<example service.version="5.7.5.0">BlackJumboDog (Version 5.7.5.0) ready</example>
|
|
259
|
-
<param pos="0" name="service.vendor" value=
|
|
278
|
+
<param pos="0" name="service.vendor" value="SapporoWorks"/>
|
|
260
279
|
<param pos="0" name="service.product" value="BlackJumboDog"/>
|
|
261
280
|
<param pos="0" name="os.family" value="Windows"/>
|
|
262
281
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
|
263
282
|
<param pos="0" name="os.product" value="Windows"/>
|
|
283
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
264
284
|
<param pos="1" name="service.version"/>
|
|
265
285
|
</fingerprint>
|
|
266
|
-
<!--
|
|
286
|
+
<!--
|
|
267
287
|
; Mandrake 8.1 - uses UW IMAP
|
|
268
288
|
; +OK POP3 mandrake81-f540k v2000.70mdk server ready
|
|
269
289
|
// wu-imap?
|