recog 2.1.22 → 2.1.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -5,6 +5,11 @@
5
5
  the identification string after "SSH-x.x-") are matched against these patterns to
6
6
  fingerprint SSH servers.
7
7
  -->
8
+ <fingerprint pattern="^ArrayOS$">
9
+ <description>Array Networks device</description>
10
+ <example>ArrayOS</example>
11
+ <param pos="0" name="service.vendor" value="Array Networks"/>
12
+ </fingerprint>
8
13
  <fingerprint pattern="^RomSShell_([\d\.]+)$">
9
14
  <description>Allegro RomSShell SSH</description>
10
15
  <example service.version="4.62">RomSShell_4.62</example>
@@ -0,0 +1,819 @@
1
+ <?xml version="1.0" encoding="UTF-8"?>
2
+ <fingerprints protocol="telnet" database_type="service" preference=".80">
3
+ <!--
4
+ TELNET banners with CR/LF/whitespace trimmed from either end.
5
+ Examples with CR, LF, etc must be base64 encoded in order to past tests.
6
+ Please follow the style established below.
7
+ -->
8
+ <!--
9
+ The following 'assert nothing' block is intended to handle banners so simple
10
+ that they cannot be attributed to a product or vendor. They are at the
11
+ beginning of the file as a performance tweak given how frequenty they occur.
12
+
13
+ NOTE:
14
+ Due to the multi-line nature of TELNET banners the regex are leveraging \A
15
+ instead of ^ to prevent matching in the beginning of a 'line' (^) instead of
16
+ at the beginning of the string (\A). This has been verified to work with
17
+ Ruby, Python, Java, and Golang.
18
+ -->
19
+ <fingerprint pattern="\A(?i)(?:\r|\n)*login:\s*$">
20
+ <description>bare 'login:' -- assert nothing.</description>
21
+ <example>login:</example>
22
+ </fingerprint>
23
+ <fingerprint pattern="\A(?i)(?:\r|\n)*User(?:name)?\s*:\s*$">
24
+ <description>bare 'Username:' -- assert nothing.</description>
25
+ <example>Username:</example>
26
+ <example>User:</example>
27
+ </fingerprint>
28
+ <fingerprint pattern="\A(?i)(?:\r|\n)*Password:\s*$">
29
+ <description>bare 'Password:' -- assert nothing.</description>
30
+ <example>Password:</example>
31
+ </fingerprint>
32
+ <fingerprint pattern="\A(?i)(?:\r|\n)*Account:\s*$">
33
+ <description>bare 'Account:' -- assert nothing.</description>
34
+ <example>Account:</example>
35
+ </fingerprint>
36
+ <fingerprint pattern="\A(?i)Connection refused(?:\r|\n)*$">
37
+ <description>bare 'Connection refused' -- assert nothing.</description>
38
+ <example>Connection refused</example>
39
+ </fingerprint>
40
+ <!-- end of assert nothing block -->
41
+ <fingerprint pattern="^(?:\r|\n)*User Access Verification(?:\r|\n)+(?:Username|Password):\s*$">
42
+ <description>Cisco switch or router - user access variant</description>
43
+ <!-- User Access Verification\r\n\r\nUsername: -->
44
+ <example _encoding="base64">VXNlciBBY2Nlc3MgVmVyaWZpY2F0aW9uDQoNClVzZXJuYW1lOgo=</example>
45
+ <!-- User Access Verification\r\n\r\nPassword: -->
46
+ <example _encoding="base64">VXNlciBBY2Nlc3MgVmVyaWZpY2F0aW9uDQoNClBhc3N3b3JkOgo=</example>
47
+ <param pos="0" name="service.vendor" value="Cisco"/>
48
+ <param pos="0" name="os.vendor" value="Cisco"/>
49
+ <param pos="0" name="hw.vendor" value="Cisco"/>
50
+ </fingerprint>
51
+ <fingerprint pattern="^(?:\r|\n)*Password required, but none set(?:\r|\n)*$">
52
+ <description>Cisco switch or router - password not set variant</description>
53
+ <example>Password required, but none set</example>
54
+ <param pos="0" name="service.vendor" value="Cisco"/>
55
+ <param pos="0" name="os.vendor" value="Cisco"/>
56
+ <param pos="0" name="hw.vendor" value="Cisco"/>
57
+ </fingerprint>
58
+ <fingerprint pattern="^(?:\r|\n)*MikroTik v([\w.]+)(?: \(\w+\))?(?:\r|\n)+Login:\s*$">
59
+ <description>MikroTik RouterOS</description>
60
+ <!-- MikroTik v5.2\r\nLogin: -->
61
+ <example _encoding="base64" os.version="5.2">TWlrcm9UaWsgdjUuMg0KTG9naW46Cg==</example>
62
+ <!-- MikroTik v6.42.3 (stable)\r\nLogin: -->
63
+ <example _encoding="base64" os.version="6.42.3">TWlrcm9UaWsgdjYuNDIuMyAoc3RhYmxlKQ0KTG9naW46Cg==</example>
64
+ <!-- MikroTik v6.40.8 (bugfix)\r\nLogin: -->
65
+ <example _encoding="base64" os.version="6.40.8">TWlrcm9UaWsgdjYuNDAuOCAoYnVnZml4KQ0KTG9naW46Cg==</example>
66
+ <!-- MikroTik v6.36rc12 (testing)\r\nLogin: -->
67
+ <example _encoding="base64" os.version="6.36rc12">TWlrcm9UaWsgdjYuMzZyYzEyICh0ZXN0aW5nKQ0KTG9naW46Cg==</example>
68
+ <param pos="0" name="os.vendor" value="MikroTik"/>
69
+ <param pos="0" name="os.device" value="Router"/>
70
+ <param pos="0" name="os.product" value="RouterOS"/>
71
+ <param pos="1" name="os.version"/>
72
+ <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:{os.version}"/>
73
+ <param pos="0" name="hw.vendor" value="MikroTik"/>
74
+ <param pos="0" name="hw.device" value="Router"/>
75
+ </fingerprint>
76
+ <fingerprint pattern="^(?:\r|\n)?ZXHN (\w+)(?: V([\d.]+))?(?:\r|\n)*Login:\s*$">
77
+ <description>ZTE ZXHN router</description>
78
+ <!-- ZXHN H108N\r\nLogin: -->
79
+ <example _encoding="base64" hw.product="H108N">WlhITiBIMTA4Tg0KTG9naW46Cg==</example>
80
+ <!-- ZXHN H298A V1.1\r\nLogin: -->
81
+ <example _encoding="base64" hw.product="H298A" hw.version="1.1">WlhITiBIMjk4QSBWMS4xDQpMb2dpbjoK</example>
82
+ <!-- ZXHN H367N\r\n\rLogin: -->
83
+ <example _encoding="base64" hw.product="H367N">WlhITiBIMzY3Tg0KDUxvZ2luOgo=</example>
84
+ <param pos="0" name="hw.vendor" value="ZTE"/>
85
+ <param pos="0" name="hw.device" value="Router"/>
86
+ <param pos="0" name="hw.family" value="ZXHN"/>
87
+ <param pos="1" name="hw.product"/>
88
+ <param pos="2" name="hw.version"/>
89
+ </fingerprint>
90
+ <fingerprint pattern="^(F6\d+\w?)\r\n\rLogin:\s*$">
91
+ <description>ZTE F6xx series GPON router</description>
92
+ <!-- F668\r\n\rLogin: -->
93
+ <example _encoding="base64" hw.product="F668">RjY2OA0KDUxvZ2luOgo=</example>
94
+ <!-- F612W\r\n\rLogin: -->
95
+ <example _encoding="base64" hw.product="F612W">RjYxMlcNCg1Mb2dpbjoK</example>
96
+ <param pos="0" name="hw.vendor" value="ZTE"/>
97
+ <param pos="0" name="hw.device" value="Router"/>
98
+ <param pos="1" name="hw.product"/>
99
+ </fingerprint>
100
+ <fingerprint pattern="^(?:\r|\n)*DD-WRT v([\d.]+)(?:-(\w+))? ([\w-]+) \(c\) \d{4} NewMedia-NET GmbH(?:\r|\n)+Release: \d+\/\d+\/\d+ \(SVN revision: ([:\w]+)\)(?:\r|\n)+.* login:\s*$">
101
+ <description>DD-WRT - 24 family</description>
102
+ <!-- DD-WRT v24-sp2 mini (c) 2013 NewMedia-NET GmbH\r\nRelease: 05/27/13 (SVN revision: 21676)\r\n\r\nDD-WRT login: -->
103
+ <example _encoding="base64" os.version="24" os.version.version="sp2" os.edition="mini" os.build="21676">
104
+ REQtV1JUIHYyNC1zcDIgbWluaSAoYykgMjAxMyBOZXdNZWRpYS1ORVQgR21iSA0KUmVsZWFzZ
105
+ TogMDUvMjcvMTMgKFNWTiByZXZpc2lvbjogMjE2NzYpDQoNCkRELVdSVCBsb2dpbjoK
106
+ </example>
107
+ <!-- DD-WRT v24 micro (c) 2010 NewMedia-NET GmbH\r\nRelease: 08/07/10 (SVN revision: 14896)\r\n\r\nProliant DL980R07 X6550 8-core 4P SAS login: -->
108
+ <example _encoding="base64" os.version="24" os.edition="micro" os.build="14896">
109
+ REQtV1JUIHYyNCBtaWNybyAoYykgMjAxMCBOZXdNZWRpYS1ORVQgR21iSA0KUmVsZWFzZTogM
110
+ DgvMDcvMTAgKFNWTiByZXZpc2lvbjogMTQ4OTYpDQoNClByb2xpYW50IERMOTgwUjA3IFg2NT
111
+ UwIDgtY29yZSA0UCBTQVMgbG9naW46Cg==
112
+ </example>
113
+ <param pos="0" name="os.vendor" value="DD-WRT"/>
114
+ <param pos="0" name="os.product" value="DD-WRT"/>
115
+ <param pos="0" name="os.device" value="Router"/>
116
+ <param pos="1" name="os.version"/>
117
+ <param pos="2" name="os.version.version"/>
118
+ <param pos="3" name="os.edition"/>
119
+ <param pos="4" name="os.build"/>
120
+ <param pos="0" name="hw.device" value="Router"/>
121
+ </fingerprint>
122
+ <fingerprint pattern="^(?:\r|\n)*DD-WRT v(3.\d)-(r([\w]+)) ([\w-]+) \(c\) \d{4} NewMedia-NET GmbH(?:\r|\n)+Release: \d+\/\d+\/\d+(?:\r|\n)+.* login:\s*$">
123
+ <description>DD-WRT - 3.0 family</description>
124
+ <!-- DD-WRT v3.0-r34886M std (c) 2018 NewMedia-NET GmbH\r\nRelease: 02/10/18\r\n\r\nwibrate login: -->
125
+ <example _encoding="base64" os.version="3.0" os.version.version="r34886M" os.edition="std" os.build="34886M">
126
+ REQtV1JUIHYzLjAtcjM0ODg2TSBzdGQgKGMpIDIwMTggTmV3TWVkaWEtTkVUIEdtYkgNClJlb
127
+ GVhc2U6IDAyLzEwLzE4DQoNCndpYnJhdGUgbG9naW46Cg==
128
+ </example>
129
+ <param pos="0" name="os.vendor" value="DD-WRT"/>
130
+ <param pos="0" name="os.product" value="DD-WRT"/>
131
+ <param pos="0" name="os.device" value="Router"/>
132
+ <param pos="1" name="os.version"/>
133
+ <param pos="2" name="os.version.version"/>
134
+ <param pos="3" name="os.build"/>
135
+ <param pos="4" name="os.edition"/>
136
+ <param pos="0" name="hw.device" value="Router"/>
137
+ </fingerprint>
138
+ <fingerprint pattern="^(TD-\w+) [\d.]+ DSL Modem Router(?:\r|\n)+Authorization failed after trying \d+ times!!!\.(?:\r|\n)+Please login after \d+ seconds!\s*$">
139
+ <description>TP-LINK TD Family DSL Modem/Router</description>
140
+ <!-- TD-W8960N 5.0 DSL Modem Router\r\nAuthorization failed after trying 5 times!!!.\r\nPlease login after 416 seconds! -->
141
+ <example _encoding="base64" hw.product="TD-W8960N">
142
+ VEQtVzg5NjBOIDUuMCBEU0wgTW9kZW0gUm91dGVyDQpBdXRob3JpemF0aW9uIGZhaWxlZCBhZ
143
+ nRlciB0cnlpbmcgNSB0aW1lcyEhIS4NClBsZWFzZSBsb2dpbiBhZnRlciA0MTYgc2Vjb25kcy
144
+ E=
145
+ </example>
146
+ <param pos="0" name="hw.vendor" value="TP-Link"/>
147
+ <param pos="1" name="hw.product"/>
148
+ <param pos="0" name="hw.device" value="Router"/>
149
+ </fingerprint>
150
+ <fingerprint pattern="^(?:\r|\n)*ZyXEL login:$">
151
+ <description>ZyXEL simple</description>
152
+ <example>ZyXEL login:</example>
153
+ <param pos="0" name="hw.vendor" value="ZyXEL"/>
154
+ </fingerprint>
155
+ <fingerprint pattern="^ZyXEL \w?DSL Router\r\nLogin:$">
156
+ <description>ZyXEL Router - simple</description>
157
+ <!-- ZyXEL VDSL Router\r\nLogin: -->
158
+ <example _encoding="base64">WnlYRUwgVkRTTCBSb3V0ZXINCkxvZ2luOgo=</example>
159
+ <param pos="0" name="hw.vendor" value="ZyXEL"/>
160
+ <param pos="0" name="hw.device" value="Router"/>
161
+ </fingerprint>
162
+ <fingerprint pattern="^Debian GNU\/Linux 9(?:\r|\n)+([\w.-]+) login:\s*$">
163
+ <description>Debian 9.0 (stretch)</description>
164
+ <!-- Debian GNU/Linux 9\r\nserver-01.2 login: -->
165
+ <example _encoding="base64" host.name="server-01.2">RGViaWFuIEdOVS9MaW51eCA5DQpzZXJ2ZXItMDEuMiBsb2dpbjoK</example>
166
+ <param pos="0" name="os.vendor" value="Debian"/>
167
+ <param pos="0" name="os.family" value="Linux"/>
168
+ <param pos="0" name="os.product" value="Linux"/>
169
+ <param pos="0" name="os.version" value="9.0"/>
170
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:9.0"/>
171
+ <param pos="1" name="host.name"/>
172
+ </fingerprint>
173
+ <fingerprint pattern="^Debian GNU\/Linux 8(?:.0)?(?:\r|\n)+([\w.-]+) login:\s*$">
174
+ <description>Debian 8.0 (jessie)</description>
175
+ <!-- Debian GNU/Linux 8\r\nserver-01.2 login: -->
176
+ <example _encoding="base64" host.name="server-01.2">RGViaWFuIEdOVS9MaW51eCA4DQpzZXJ2ZXItMDEuMiBsb2dpbjoK</example>
177
+ <param pos="0" name="os.vendor" value="Debian"/>
178
+ <param pos="0" name="os.family" value="Linux"/>
179
+ <param pos="0" name="os.product" value="Linux"/>
180
+ <param pos="0" name="os.version" value="8.0"/>
181
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:8.0"/>
182
+ <param pos="1" name="host.name"/>
183
+ </fingerprint>
184
+ <fingerprint pattern="^(?:\r|\n)*Debian GNU\/Linux 7(?:.0)?(?:\r|\n)+([\w.-]+) login:\s*$">
185
+ <description>Debian 7.0 (wheezy)</description>
186
+ <!-- Debian GNU/Linux 7\r\nserver-01.2 login: -->
187
+ <example _encoding="base64" host.name="server-01.2">RGViaWFuIEdOVS9MaW51eCA3DQpzZXJ2ZXItMDEuMiBsb2dpbjoK</example>
188
+ <param pos="0" name="os.vendor" value="Debian"/>
189
+ <param pos="0" name="os.family" value="Linux"/>
190
+ <param pos="0" name="os.product" value="Linux"/>
191
+ <param pos="0" name="os.version" value="7.0"/>
192
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.0"/>
193
+ <param pos="1" name="host.name"/>
194
+ </fingerprint>
195
+ <fingerprint pattern="^(?:\r|\n)*Debian GNU\/Linux 6(?:.0)?(?:\r|\n)+([\w.-]+) login:\s*$">
196
+ <description>Debian 6.0 (sqeeze)</description>
197
+ <!-- Debian GNU/Linux 6.0\r\nserver-01.2 login: -->
198
+ <example _encoding="base64" host.name="server-01.2">RGViaWFuIEdOVS9MaW51eCA2LjANCnNlcnZlci0wMS4yIGxvZ2luOgo=</example>
199
+ <param pos="0" name="os.vendor" value="Debian"/>
200
+ <param pos="0" name="os.family" value="Linux"/>
201
+ <param pos="0" name="os.product" value="Linux"/>
202
+ <param pos="0" name="os.version" value="6.0"/>
203
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
204
+ <param pos="1" name="host.name"/>
205
+ </fingerprint>
206
+ <fingerprint pattern="^(?:\r|\n)*Debian GNU\/Linux 5(?:.0)?(?:\r|\n)+([\w.-]+) login:\s*$">
207
+ <description>Debian 5.0 (lenny)</description>
208
+ <!-- Debian GNU/Linux 5.0\r\nserver-01.2 login: -->
209
+ <example _encoding="base64" host.name="server-01.2">RGViaWFuIEdOVS9MaW51eCA1LjANCnNlcnZlci0wMS4yIGxvZ2luOgo=</example>
210
+ <param pos="0" name="os.vendor" value="Debian"/>
211
+ <param pos="0" name="os.family" value="Linux"/>
212
+ <param pos="0" name="os.product" value="Linux"/>
213
+ <param pos="0" name="os.version" value="5.0"/>
214
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:5.0"/>
215
+ <param pos="1" name="host.name"/>
216
+ </fingerprint>
217
+ <fingerprint pattern="^(?:\r|\n)*Debian GNU\/Linux 4(?:.0)?(?:\r|\n)+([\w.-]+) login:\s*$">
218
+ <description>Debian 4.0 (etch)</description>
219
+ <!-- Debian GNU/Linux 4.0\r\nserver-01.2 login: -->
220
+ <example _encoding="base64" host.name="server-01.2">RGViaWFuIEdOVS9MaW51eCA0LjANCnNlcnZlci0wMS4yIGxvZ2luOgo=</example>
221
+ <param pos="0" name="os.vendor" value="Debian"/>
222
+ <param pos="0" name="os.family" value="Linux"/>
223
+ <param pos="0" name="os.product" value="Linux"/>
224
+ <param pos="0" name="os.version" value="4.0"/>
225
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:4.0"/>
226
+ <param pos="1" name="host.name"/>
227
+ </fingerprint>
228
+ <fingerprint pattern="^(?:\r|\n)*Debian GNU\/Linux (3.\d)(?: [\w.-]+)?(?:\r|\n)+([\w.-]+) login:\s*$">
229
+ <description>Debian 3.x (woody/sarge)</description>
230
+ <!-- Debian GNU/Linux 3.1\r\nserver-01.2 login: -->
231
+ <example _encoding="base64" os.version="3.1" host.name="server-01.2">
232
+ RGViaWFuIEdOVS9MaW51eCAzLjENCnNlcnZlci0wMS4yIGxvZ2luOgo=
233
+ </example>
234
+ <param pos="0" name="os.vendor" value="Debian"/>
235
+ <param pos="0" name="os.family" value="Linux"/>
236
+ <param pos="0" name="os.product" value="Linux"/>
237
+ <param pos="1" name="os.version"/>
238
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
239
+ <param pos="2" name="host.name"/>
240
+ </fingerprint>
241
+ <fingerprint pattern="^(?:\r|\n)*Ubuntu ([\d.]+)(?: LTS)?(?:\r|\n)+([\w.-]+) login:\s*$">
242
+ <description>Ubuntu - most versions</description>
243
+ <!-- Ubuntu 16.04.4 LTS\r\nserver-01.2 login: -->
244
+ <example _encoding="base64" os.version="16.04.4" host.name="server-01.2">
245
+ VWJ1bnR1IDE2LjA0LjQgTFRTDQpzZXJ2ZXItMDEuMiBsb2dpbjoK
246
+ </example>
247
+ <!-- Ubuntu 17.04\r\nnginx login: -->
248
+ <example _encoding="base64" os.version="17.04" host.name="nginx">
249
+ VWJ1bnR1IDE3LjA0DQpuZ2lueCBsb2dpbjoK
250
+ </example>
251
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
252
+ <param pos="0" name="os.family" value="Linux"/>
253
+ <param pos="0" name="os.product" value="Ubuntu Linux"/>
254
+ <param pos="1" name="os.version"/>
255
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
256
+ <param pos="2" name="host.name"/>
257
+ </fingerprint>
258
+ <fingerprint pattern="(?:\r|\n)*Debian GNU\/Linux (2.\d)(?: [\w.-]+)?(?:\r|\n)+([\w.-]+) login:\s*">
259
+ <description>Debian 2.x (hamm/slink/potato)</description>
260
+ <!-- Debian GNU/Linux 2.2\r\nserver-01.2 login: -->
261
+ <example _encoding="base64" os.version="2.2" host.name="server-01.2">
262
+ RGViaWFuIEdOVS9MaW51eCAyLjINCnNlcnZlci0wMS4yIGxvZ2luOgo=
263
+ </example>
264
+ <!-- Debian GNU/Linux 2.2 localhost.localdomain\r\nmoon login: -->
265
+ <example _encoding="base64" os.version="2.2" host.name="moon">
266
+ RGViaWFuIEdOVS9MaW51eCAyLjIgbG9jYWxob3N0LmxvY2FsZG9tYWluDQptb29uIGxvZ2luOgo=
267
+ </example>
268
+ <param pos="0" name="os.vendor" value="Debian"/>
269
+ <param pos="0" name="os.family" value="Linux"/>
270
+ <param pos="0" name="os.product" value="Linux"/>
271
+ <param pos="1" name="os.version"/>
272
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
273
+ <param pos="2" name="host.name"/>
274
+ </fingerprint>
275
+ <fingerprint pattern="^CentOS release ([\d.]+) \(Final\)(?:\r|\n)+Kernel ([\w.-]+) on an (\w+)(?:\r|\n)+(?:([\w.-]+) )?login:\s*$">
276
+ <description>CentOS</description>
277
+ <!-- CentOS release 5.9 (Final)\r\nKernel 2.6.18-348.6.1.el5 on an i686\r\nlogin: -->
278
+ <example _encoding="base64" os.version="5.9" linux.kernel.version="2.6.18-348.6.1.el5" os.arch="i686">
279
+ Q2VudE9TIHJlbGVhc2UgNS45IChGaW5hbCkNCktlcm5lbCAyLjYuMTgtMzQ4LjYuMS5lbDUgb
280
+ 24gYW4gaTY4Ng0KbG9naW46Cg==
281
+ </example>
282
+ <!-- CentOS release 6.10 (Final)\r\nKernel 2.6.32-754.2.1.el6.x86_64 on an x86_64\r\nserver-01.2 login: -->
283
+ <example _encoding="base64" os.version="6.10" linux.kernel.version="2.6.32-754.2.1.el6.x86_64" os.arch="x86_64" host.name="server-01.2">
284
+ Q2VudE9TIHJlbGVhc2UgNi4xMCAoRmluYWwpDQpLZXJuZWwgMi42LjMyLTc1NC4yLjEuZWw2L
285
+ ng4Nl82NCBvbiBhbiB4ODZfNjQNCnNlcnZlci0wMS4yIGxvZ2luOgo=
286
+ </example>
287
+ <param pos="0" name="os.vendor" value="CentOS"/>
288
+ <param pos="0" name="os.family" value="Linux"/>
289
+ <param pos="0" name="os.product" value="Linux"/>
290
+ <param pos="1" name="os.version"/>
291
+ <param pos="2" name="linux.kernel.version"/>
292
+ <param pos="3" name="os.arch"/>
293
+ <param pos="0" name="os.cpe23" value="cpe:/o:centos:centos:{os.version}"/>
294
+ <param pos="4" name="host.name"/>
295
+ </fingerprint>
296
+ <fingerprint pattern="^(?:\r|\n)*(RT-AC\d\d\w) login:\s*$">
297
+ <description>Asus Wireless Access Point/Router - RT-AC prefix</description>
298
+ <example hw.product="RT-AC54U">RT-AC54U login:</example>
299
+ <example hw.product="RT-AC68R">RT-AC68R login:</example>
300
+ <param pos="0" name="os.family" value="Linux"/>
301
+ <param pos="0" name="os.product" value="Linux"/>
302
+ <param pos="0" name="hw.vendor" value="Asus"/>
303
+ <param pos="0" name="hw.device" value="WAP"/>
304
+ <param pos="1" name="hw.product"/>
305
+ </fingerprint>
306
+ <fingerprint pattern="^(?:\r|\n)*(AC\d\d00) login:\s*$">
307
+ <description>Asus Wireless Access Point/Router - AC prefix</description>
308
+ <example hw.product="AC1000">AC1000 login:</example>
309
+ <example hw.product="AC3000">AC3000 login:</example>
310
+ <param pos="0" name="os.family" value="Linux"/>
311
+ <param pos="0" name="os.product" value="Linux"/>
312
+ <param pos="0" name="hw.vendor" value="Asus"/>
313
+ <param pos="0" name="hw.device" value="WAP"/>
314
+ <param pos="1" name="hw.product"/>
315
+ </fingerprint>
316
+ <fingerprint pattern="^(?:\r|\n)*(Air5\d+\w{0,2}) login:\s*$">
317
+ <description>Airties</description>
318
+ <example hw.product="Air5650">Air5650 login:</example>
319
+ <example hw.product="Air5650TT">Air5650TT login:</example>
320
+ <param pos="0" name="hw.vendor" value="Airties"/>
321
+ <param pos="0" name="hw.device" value="WAP"/>
322
+ <param pos="1" name="hw.product"/>
323
+ </fingerprint>
324
+ <fingerprint pattern="^Amazon Linux AMI release ([\d.]+)(?:\r|\n)+Kernel ([\w.-]+) on an (\w+)(?:\r|\n)+(?:([\w.-]+) )?login:\s*$">
325
+ <description>Amazon Linux AMI</description>
326
+ <!-- Amazon Linux AMI release 2013.09\r\nKernel 3.4.68-59.97.amzn1.x86_64 on an x86_64\r\nserver-01.2 login: -->
327
+ <example _encoding="base64" os.version="2013.09" linux.kernel.version="3.4.68-59.97.amzn1.x86_64" os.arch="x86_64" host.name="server-01.2">
328
+ QW1hem9uIExpbnV4IEFNSSByZWxlYXNlIDIwMTMuMDkNCktlcm5lbCAzLjQuNjgtNTkuOTcuY
329
+ W16bjEueDg2XzY0IG9uIGFuIHg4Nl82NA0Kc2VydmVyLTAxLjIgbG9naW46Cg==
330
+ </example>
331
+ <param pos="0" name="os.vendor" value="Amazon"/>
332
+ <param pos="0" name="os.family" value="Linux"/>
333
+ <param pos="0" name="os.product" value="Linux"/>
334
+ <param pos="1" name="os.version"/>
335
+ <param pos="2" name="linux.kernel.version"/>
336
+ <param pos="3" name="os.arch"/>
337
+ <param pos="4" name="host.name"/>
338
+ </fingerprint>
339
+ <fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)/([\w]+) ALCATEL (SR [\S]+) Copyright.*Login:\s*$">
340
+ <description>ALCATEL Service Router running TiMOS</description>
341
+ <!-- TiMOS-C-12.0.R12 cpm/hops64 ALCATEL SR 7750 Copyright (c) 2000-2015 Alcatel-Lucent.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
342
+ <example _encoding="base64" os.version="12.0.R12" hw.product="SR 7750" os.arch="hops64">
343
+ VGlNT1MtQy0xMi4wLlIxMiBjcG0vaG9wczY0IEFMQ0FURUwgU1IgNzc1MCBDb3B5cmlnaHQgK
344
+ GMpIDIwMDAtMjAxNSBBbGNhdGVsLUx1Y2VudC4NDQpCYW5uZXIgU2hvcnRlbmVkIEZvciANDQ
345
+ pCcmV2aXR5DQpMb2dpbjoK
346
+ </example>
347
+ <param pos="0" name="os.vendor" value="ALCATEL"/>
348
+ <param pos="0" name="os.product" value="TimOS"/>
349
+ <param pos="0" name="os.device" value="Router"/>
350
+ <param pos="1" name="os.version"/>
351
+ <param pos="2" name="os.arch"/>
352
+ <param pos="0" name="hw.vendor" value="ALCATEL"/>
353
+ <param pos="0" name="hw.family" value="Service Router"/>
354
+ <param pos="0" name="hw.device" value="Router"/>
355
+ <param pos="3" name="hw.product"/>
356
+ </fingerprint>
357
+ <!-- Nokia purchased Alcatel Lucent, finalized in Nov 2016 -->
358
+ <fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia ([\S]+ [SRX]+) Copyright.*Login:\s*$">
359
+ <description>Nokia Service Router running TiMOS</description>
360
+ <!-- TiMOS-C-14.0.R5 cpm/hops64 Nokia 7750 SR Copyright (c) 2000-2016 Nokia.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
361
+ <example _encoding="base64" os.version="14.0.R5" os.arch="hops64" hw.product="7750 SR">
362
+ VGlNT1MtQy0xNC4wLlI1IGNwbS9ob3BzNjQgTm9raWEgNzc1MCBTUiBDb3B5cmlnaHQgKGMpI
363
+ DIwMDAtMjAxNiBOb2tpYS4NDQpCYW5uZXIgU2hvcnRlbmVkIEZvciANDQpCcmV2aXR5DQpMb2
364
+ dpbjoK
365
+ </example>
366
+ <!-- TiMOS-C-14.0.R10 cpm/hops64 Nokia 7950 XRS Copyright (c) 2000-2017 Nokia.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
367
+ <example _encoding="base64" os.version="14.0.R10" os.arch="hops64" hw.product="7950 XRS">
368
+ VGlNT1MtQy0xNC4wLlIxMCBjcG0vaG9wczY0IE5va2lhIDc5NTAgWFJTIENvcHlyaWdodCAoY
369
+ ykgMjAwMC0yMDE3IE5va2lhLg0NCkJhbm5lciBTaG9ydGVuZWQgRm9yIA0NCkJyZXZpdHkNCk
370
+ xvZ2luOgo=
371
+ </example>
372
+ <param pos="0" name="os.vendor" value="Nokia"/>
373
+ <param pos="0" name="os.product" value="TimOS"/>
374
+ <param pos="0" name="os.device" value="Router"/>
375
+ <param pos="1" name="os.version"/>
376
+ <param pos="2" name="os.arch"/>
377
+ <param pos="0" name="hw.vendor" value="Nokia"/>
378
+ <param pos="0" name="hw.family" value="Service Router"/>
379
+ <param pos="0" name="hw.device" value="Router"/>
380
+ <param pos="3" name="hw.product"/>
381
+ </fingerprint>
382
+ <fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia (SAS[+\w\s-]+) Copyright.*Login:\s*$">
383
+ <description>Nokia Service Access Switch running TiMOS</description>
384
+ <!-- TiMOS-B-8.0.R12 both/hops Nokia SAS-Mxp 22F2C 4SFP+ 7210 Copyright (c) 2000-2017 Nokia.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
385
+ <example _encoding="base64" os.version="8.0.R12" os.arch="hops" hw.product="SAS-Mxp 22F2C 4SFP+ 7210">
386
+ VGlNT1MtQi04LjAuUjEyIGJvdGgvaG9wcyBOb2tpYSBTQVMtTXhwIDIyRjJDIDRTRlArIDcyM
387
+ TAgQ29weXJpZ2h0IChjKSAyMDAwLTIwMTcgTm9raWEuDQ0KQmFubmVyIFNob3J0ZW5lZCBGb3
388
+ IgDQ0KQnJldml0eQ0KTG9naW46Cg==
389
+ </example>
390
+ <!-- TiMOS-B-9.0.R9 both/mpc Nokia SAS-M 24F 2XFP 7210 Copyright (c) 2000-2017 Nokia.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
391
+ <example _encoding="base64" os.version="9.0.R9" os.arch="mpc" hw.product="SAS-M 24F 2XFP 7210">
392
+ VGlNT1MtQi05LjAuUjkgYm90aC9tcGMgTm9raWEgU0FTLU0gMjRGIDJYRlAgNzIxMCBDb3B5c
393
+ mlnaHQgKGMpIDIwMDAtMjAxNyBOb2tpYS4NDQpCYW5uZXIgU2hvcnRlbmVkIEZvciANDQpCcm
394
+ V2aXR5DQpMb2dpbjoK
395
+ </example>
396
+ <param pos="0" name="os.vendor" value="Nokia"/>
397
+ <param pos="0" name="os.product" value="TimOS"/>
398
+ <param pos="0" name="os.device" value="Switch"/>
399
+ <param pos="1" name="os.version"/>
400
+ <param pos="2" name="os.arch"/>
401
+ <param pos="0" name="hw.vendor" value="Nokia"/>
402
+ <param pos="0" name="hw.family" value="Service Access Switch"/>
403
+ <param pos="0" name="hw.device" value="Switch"/>
404
+ <param pos="3" name="hw.product"/>
405
+ </fingerprint>
406
+ <fingerprint pattern="^(?:\r|\n)*Grandstream (HT[\d-]+)\s+(?:V\d\.\d\w?\s+)?Command Shell Copyright \d\d\d\d-\d\d\d\d(?:\r|\n)+Password:\s*$">
407
+ <description>Grandstream HandyTone Analog Telephone Adapters</description>
408
+ <!-- Grandstream HT812 Command Shell Copyright 2006-2017\r\nPassword: -->
409
+ <example _encoding="base64" hw.product="HT812">
410
+ R3JhbmRzdHJlYW0gSFQ4MTIgQ29tbWFuZCBTaGVsbCBDb3B5cmlnaHQgMjAwNi0yMDE3DQpQY
411
+ XNzd29yZDoK
412
+ </example>
413
+ <!-- Grandstream HT-502 V2.0A Command Shell Copyright 2006-2014\r\nPassword: -->
414
+ <example _encoding="base64" hw.product="HT-502">
415
+ R3JhbmRzdHJlYW0gSFQtNTAyICBWMi4wQSBDb21tYW5kIFNoZWxsIENvcHlyaWdodCAyMDA2L
416
+ TIwMTQNClBhc3N3b3JkOgo=
417
+ </example>
418
+ <param pos="0" name="hw.vendor" value="Grandstream"/>
419
+ <param pos="0" name="hw.family" value="HandyTone"/>
420
+ <param pos="0" name="hw.device" value="VoIP"/>
421
+ <param pos="1" name="hw.product"/>
422
+ </fingerprint>
423
+ <fingerprint pattern="^(?:\r|\n)*Grandstream (GXW[\d-]+)\s+(?:V\d\.\d\w?\s+)?Command Shell Copyright \d\d\d\d(?:-\d\d\d\d)?(?:\r|\n)+Password:\s*$">
424
+ <description>Grandstream Analog VoIP Gateways</description>
425
+ <!-- Grandstream GXW-4008 V1.5A Command Shell Copyright 2006-2015\r\nPassword: -->
426
+ <example _encoding="base64" hw.product="GXW-4008">
427
+ R3JhbmRzdHJlYW0gR1hXLTQwMDggIFYxLjVBIENvbW1hbmQgU2hlbGwgQ29weXJpZ2h0IDIwM
428
+ DYtMjAxNQ0KUGFzc3dvcmQ6Cg==
429
+ </example>
430
+ <!-- Grandstream GXW4216 V2.3B Command Shell Copyright 2015\r\nPassword: -->
431
+ <example _encoding="base64" hw.product="GXW4216">
432
+ R3JhbmRzdHJlYW0gR1hXNDIxNiAgVjIuM0IgQ29tbWFuZCBTaGVsbCBDb3B5cmlnaHQgMjAxN
433
+ Q0KUGFzc3dvcmQ6Cg==
434
+ </example>
435
+ <param pos="0" name="hw.vendor" value="Grandstream"/>
436
+ <param pos="0" name="hw.family" value="GXW"/>
437
+ <param pos="0" name="hw.device" value="VoIP"/>
438
+ <param pos="1" name="hw.product"/>
439
+ </fingerprint>
440
+ <fingerprint pattern="^(?:\r|\n|\s)*Grandstream (GXV[\w-]+)\s+(?:V\d\.\d\w?\s+)?Shell Command.Copyight \d\d\d\d-\d\d\d\d(?:\r|\n)+Username:\s*$">
441
+ <description>Grandstream IP Cameras</description>
442
+ <!-- Grandstream GXV3674_FHD_VF Shell Command.Copyight 2011-2014\r\nUsername: -->
443
+ <example _encoding="base64" hw.product="GXV3674_FHD_VF">
444
+ R3JhbmRzdHJlYW0gR1hWMzY3NF9GSERfVkYgICAgU2hlbGwgQ29tbWFuZC5Db3B5aWdodCAyM
445
+ DExLTIwMTQNClVzZXJuYW1lOgo=
446
+ </example>
447
+ <param pos="0" name="hw.vendor" value="Grandstream"/>
448
+ <param pos="0" name="hw.family" value="GXV"/>
449
+ <param pos="0" name="hw.device" value="Camera"/>
450
+ <param pos="1" name="hw.product"/>
451
+ </fingerprint>
452
+ <fingerprint pattern="^(?:\r|\n)*Welcome to Polycom RMX\s*(\w+) \(COP\) Console Utility(?:\r|\n)+Copyright \(C\) \d\d\d\d-\d\d\d\d POLYCOM(?:\r|\n)+Password:\s*$">
453
+ <description>Polycom Real Time Media Conferencing</description>
454
+ <!-- Welcome to Polycom RMX 500 (COP) Console Utility\r\n\rCopyright (C) 2008-2010 POLYCOM\r\n\r\r\n\rPassword: -->
455
+ <example _encoding="base64" hw.product="500">
456
+ V2VsY29tZSB0byBQb2x5Y29tIFJNWCA1MDAgKENPUCkgQ29uc29sZSBVdGlsaXR5DQoNQ29we
457
+ XJpZ2h0IChDKSAyMDA4LTIwMTAgUE9MWUNPTQ0KDQ0KDVBhc3N3b3JkOgo=
458
+ </example>
459
+ <!-- Welcome to Polycom RMX 1000C (COP) Console Utility\r\n\rCopyright (C) 2008-2012 POLYCOM\r\n\r\r\n\rPassword: -->
460
+ <example _encoding="base64" hw.product="1000C">
461
+ V2VsY29tZSB0byBQb2x5Y29tIFJNWCAxMDAwQyAoQ09QKSBDb25zb2xlIFV0aWxpdHkNCg1Db
462
+ 3B5cmlnaHQgKEMpIDIwMDgtMjAxMiBQT0xZQ09NDQoNDQoNUGFzc3dvcmQ6Cg==
463
+ </example>
464
+ <param pos="0" name="hw.vendor" value="Polycom"/>
465
+ <param pos="0" name="hw.family" value="RMX"/>
466
+ <param pos="0" name="hw.device" value="Video Conferencing"/>
467
+ <param pos="1" name="hw.product"/>
468
+ </fingerprint>
469
+ <fingerprint pattern="^(?:\r|\n)*Hi, my name is :\s+[\w.\s-]+(?:\r|\n)+Here is what I know about myself:(?:\r|\n)+Model:\s+VSX (\w+)(?:\r|\n)+Serial Number:\s+(\w+)(?:\r|\n)+Software Version:\s+Release ([\d.-]+)\s">
470
+ <description>Polycom Video Conferencing - VSX Family</description>
471
+ <!-- Hi, my name is : Something Pity\r\nHere is what I know about myself:\r\nModel: VSX 6000A\r\nSerial Number: 00070906FC34F6\r\nSoftware Version: Release 9.0.6.2-103 - 04Sep2011 21:27\r\nBuild Information: ecomman -->
472
+ <example _encoding="base64" hw.product="6000A" host.id="00070906FC34F6" os.version="9.0.6.2-103">
473
+ SGksIG15IG5hbWUgaXMgOiAgICAgU29tZXRoaW5nIFBpdHkNCkhlcmUgaXMgd2hhdCBJIGtub
474
+ 3cgYWJvdXQgbXlzZWxmOg0KTW9kZWw6ICAgICAgICAgICAgICAgVlNYIDYwMDBBDQpTZXJpYW
475
+ wgTnVtYmVyOiAgICAgICAwMDA3MDkwNkZDMzRGNg0KU29mdHdhcmUgVmVyc2lvbjogICAgUmV
476
+ sZWFzZSA5LjAuNi4yLTEwMyAtIDA0U2VwMjAxMSAyMToyNw0KQnVpbGQgSW5mb3JtYXRpb246
477
+ ICAgZWNvbW1hbgo=
478
+ </example>
479
+ <param pos="0" name="hw.vendor" value="Polycom"/>
480
+ <param pos="0" name="hw.family" value="VSX"/>
481
+ <param pos="0" name="hw.device" value="Video Conferencing"/>
482
+ <param pos="1" name="hw.product"/>
483
+ <param pos="2" name="host.id"/>
484
+ <param pos="3" name="os.version"/>
485
+ </fingerprint>
486
+ <fingerprint pattern="Polycom Command Shell(?:\r|\n)+XCOM host:\s+localhost port: \d+">
487
+ <description>Polycom Diagnotic Service</description>
488
+ <!-- Polycom Command Shell\r\r\nXCOM host: localhost port: 4121\r\r\nTTY name: /dev/pts/0\r\r\nSession type: telnet\r\r\nNCF\r\nNCF\r\n2018-08-15 18:03:10 DEBUG -->
489
+ <example _encoding="base64">
490
+ UG9seWNvbSBDb21tYW5kIFNoZWxsDQ0KWENPTSBob3N0OiAgICBsb2NhbGhvc3QgcG9ydDogN
491
+ DEyMQ0NClRUWSBuYW1lOiAgICAgL2Rldi9wdHMvMA0NClNlc3Npb24gdHlwZTogdGVsbmV0DQ
492
+ 0KTkNGDQpOQ0YNCjIwMTgtMDgtMTUgMTg6MDM6MTAgREVCVUcK
493
+ </example>
494
+ <param pos="0" name="hw.vendor" value="Polycom"/>
495
+ <param pos="0" name="hw.device" value="Video Conferencing"/>
496
+ </fingerprint>
497
+ <fingerprint pattern="^Welcome to the Windows CE Telnet Service on (WEBBOX[\w.-]+)(?:\r|\n)+login:\s*$">
498
+ <description>Sunny WebBox Windows CE</description>
499
+ <!-- Welcome to the Windows CE Telnet Service on WEBBOX150000000\r\n\r\nlogin: -->
500
+ <example _encoding="base64" host.name="WEBBOX150000000">
501
+ V2VsY29tZSB0byB0aGUgV2luZG93cyBDRSBUZWxuZXQgU2VydmljZSBvbiBXRUJCT1gxNTAwM
502
+ DAwMDANCg0KbG9naW46Cg==
503
+ </example>
504
+ <param pos="0" name="hw.vendor" value="SMA Solar Technology Ag"/>
505
+ <param pos="0" name="hw.family" value="Sunny"/>
506
+ <param pos="0" name="hw.product" value="WebBox"/>
507
+ <param pos="0" name="hw.device" value="Power Management"/>
508
+ <param pos="0" name="os.vendor" value="Microsoft"/>
509
+ <param pos="0" name="os.family" value="Windows"/>
510
+ <param pos="0" name="os.product" value="Windows CE"/>
511
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
512
+ <param pos="1" name="host.name"/>
513
+ </fingerprint>
514
+ <fingerprint pattern="^Welcome to the Windows CE Telnet Service on ([\w.-]+)(?:\r|\n)+login:\s*$">
515
+ <description>Windows CE</description>
516
+ <!-- Welcome to the Windows CE Telnet Service on MY-CE-DEVICE\r\n\r\nlogin: -->
517
+ <example _encoding="base64" host.name="MY-CE-DEVICE">
518
+ V2VsY29tZSB0byB0aGUgV2luZG93cyBDRSBUZWxuZXQgU2VydmljZSBvbiBNWS1DRS1ERVZJQ
519
+ 0UNCg0KbG9naW46Cg==
520
+ </example>
521
+ <param pos="0" name="os.vendor" value="Microsoft"/>
522
+ <param pos="0" name="os.family" value="Windows"/>
523
+ <param pos="0" name="os.product" value="Windows CE"/>
524
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
525
+ <param pos="1" name="host.name"/>
526
+ </fingerprint>
527
+ <fingerprint pattern="^(?:\r|\n)*HP JetDirect(?:\r|\n)+$">
528
+ <description>HP Printer - Jet Direct</description>
529
+ <!-- HP JetDirect\r\nPassword is not set\r\n\r\nPlease type "menu" for the MENU system, \r\nor "?" for help, or "/" for current settings.\r\n> -->
530
+ <example _encoding="base64">
531
+ SFAgSmV0RGlyZWN0DQpQYXNzd29yZCBpcyBub3Qgc2V0DQoNClBsZWFzZSB0eXBlICJtZW51I
532
+ iBmb3IgdGhlIE1FTlUgc3lzdGVtLCANCm9yICI/IiBmb3IgaGVscCwgb3IgIi8iIGZvciBjdX
533
+ JyZW50IHNldHRpbmdzLg0KPgo=
534
+ </example>
535
+ <!-- HP JetDirect\r\n\r\nEnter username: -->
536
+ <example _encoding="base64">SFAgSmV0RGlyZWN0DQoNCkVudGVyIHVzZXJuYW1lOgo=</example>
537
+ <param pos="0" name="service.vendor" value="HP"/>
538
+ <param pos="0" name="service.product" value="JetDirect"/>
539
+ <param pos="0" name="service.family" value="JetDirect"/>
540
+ <param pos="0" name="os.vendor" value="HP"/>
541
+ <param pos="0" name="os.device" value="Printer"/>
542
+ <param pos="0" name="os.family" value="JetDirect"/>
543
+ <param pos="0" name="os.product" value="JetDirect"/>
544
+ <param pos="0" name="hw.vendor" value="HP"/>
545
+ <param pos="0" name="hw.family" value="JetDirect"/>
546
+ <param pos="0" name="hw.product" value="JetDirect"/>
547
+ <param pos="0" name="hw.device" value="Printer"/>
548
+ </fingerprint>
549
+ <fingerprint pattern="^(?:\r|\n)*%connection closed by remote host!(?:\u0000)?$">
550
+ <description>HP switch blocking connection using network ACL</description>
551
+ <!-- %connection closed by remote host! -->
552
+ <example _encoding="base64">JWNvbm5lY3Rpb24gY2xvc2VkIGJ5IHJlbW90ZSBob3N0IQ==</example>
553
+ <param pos="0" name="hw.vendor" value="HP"/>
554
+ <param pos="0" name="hw.device" value="Switch"/>
555
+ </fingerprint>
556
+ <fingerprint pattern="^(?:\r|\n)*Welcome Visiting Huawei Home Gateway\r\nCopyright by Huawei Technologies Co., Ltd.\r\n\r\nLogin:$">
557
+ <description>Huawei HG series Home Gateway routers</description>
558
+ <!-- Welcome Visiting Huawei Home Gateway\r\nCopyright by Huawei Technologies Co., Ltd.\r\n\r\nLogin: -->
559
+ <example _encoding="base64">
560
+ V2VsY29tZSBWaXNpdGluZyBIdWF3ZWkgSG9tZSBHYXRld2F5DQpDb3B5cmlnaHQgYnkgSHVhd
561
+ 2VpIFRlY2hub2xvZ2llcyBDby4sIEx0ZC4NCg0KTG9naW46Cg==
562
+ </example>
563
+ <param pos="0" name="hw.vendor" value="Huawei"/>
564
+ <param pos="0" name="hw.device" value="Router"/>
565
+ </fingerprint>
566
+ <fingerprint pattern="^(?:\r|\n)*Warning: Telnet is not a secure protocol, and it is recommended to use Stelnet.(?:(?:\r|\n)+Login authentication)?(?:\r|\n)+Username:$">
567
+ <description>Huawei Router</description>
568
+ <!-- Warning: Telnet is not a secure protocol, and it is recommended to use Stelnet.\r\n\r\nLogin authentication\r\n\r\n\r\nUsername: -->
569
+ <example _encoding="base64">
570
+ V2FybmluZzogVGVsbmV0IGlzIG5vdCBhIHNlY3VyZSBwcm90b2NvbCwgYW5kIGl0IGlzIHJlY
571
+ 29tbWVuZGVkIHRvIHVzZSBTdGVsbmV0Lg0KDQpMb2dpbiBhdXRoZW50aWNhdGlvbg0KDQoNCl
572
+ VzZXJuYW1lOgo=
573
+ </example>
574
+ <param pos="0" name="hw.vendor" value="Huawei"/>
575
+ <param pos="0" name="hw.device" value="Router"/>
576
+ </fingerprint>
577
+ <fingerprint pattern="^(?:\r|\n)*(?:% Password expiration warning.\r\n)?-+\r\nCisco Configuration Professional \(Cisco CP\) is installed on this device. \r\nThis feature requires the one-time use of the username">
578
+ <description>Cisco router - Cisco Configuration Pro variant</description>
579
+ <!-- There are are roughly 69 dash characters before the CRLF in the banner below but can't be included in XML comments. -->
580
+ <!-- \r\nCisco Configuration Professional (Cisco CP) is installed on this device. \r\nThis feature requires the one-time use of the username -->
581
+ <example _encoding="base64">
582
+ LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tL
583
+ S0tLS0tLS0tLS0tLS0tLS0NCkNpc2NvIENvbmZpZ3VyYXRpb24gUHJvZmVzc2lvbmFsIChDaX
584
+ NjbyBDUCkgaXMgaW5zdGFsbGVkIG9uIHRoaXMgZGV2aWNlLiANClRoaXMgZmVhdHVyZSByZXF
585
+ 1aXJlcyB0aGUgb25lLXRpbWUgdXNlIG9mIHRoZSB1c2VybmFtZQo=
586
+ </example>
587
+ <param pos="0" name="service.vendor" value="Cisco"/>
588
+ <param pos="0" name="os.vendor" value="Cisco"/>
589
+ <param pos="0" name="os.family" value="IOS"/>
590
+ <param pos="0" name="os.product" value="IOS"/>
591
+ <param pos="0" name="os.device" value="Router"/>
592
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:-"/>
593
+ <param pos="0" name="hw.vendor" value="Cisco"/>
594
+ <param pos="0" name="hw.device" value="Router"/>
595
+ </fingerprint>
596
+ <fingerprint pattern="^(?m)(?:\r|\n)*Catalyst 1900 Management Console(?:\r|\n)+.*Ethernet Address:\s+([\w-]+)(?:\r|\n)+.*Model Number:\s+([\w-]+)(?:\r|\n)+System Serial Number:\s+(\w+)(?:\r|\n)+Power Supply">
597
+ <description>Cisco Catalyst 1900</description>
598
+ <!-- Catalyst 1900, unlike other Catalyst models, didn't run CatOS or IOS -->
599
+ <!-- Catalyst 1900 Management Console\r\nCopyright (c) Cisco Systems, Inc. 1993-1998\r\nAll rights reserved.\r\nEnterprise Edition Software\r\nEthernet Address: 00-AA-19-38-AA-00\r\n\r\nPCA Number: 73-31AA-AA\r\nPCA Serial Number: FAB033AAAAA\r\nModel Number: WS-C1924-EN\r\nSystem Serial Number: FAB0341AAAA\r\nPower Supply S/N: -->
600
+ <example _encoding="base64" host.mac="00-AA-19-38-AA-00" hw.model="WS-C1924-EN" host.id="FAB0341AAAA">
601
+ Q2F0YWx5c3QgMTkwMCBNYW5hZ2VtZW50IENvbnNvbGUNCkNvcHlyaWdodCAoYykgQ2lzY28gU
602
+ 3lzdGVtcywgSW5jLiAgMTk5My0xOTk4DQpBbGwgcmlnaHRzIHJlc2VydmVkLg0KRW50ZXJwcm
603
+ lzZSBFZGl0aW9uIFNvZnR3YXJlDQpFdGhlcm5ldCBBZGRyZXNzOiAgICAgIDAwLUFBLTE5LTM
604
+ 4LUFBLTAwDQoNClBDQSBOdW1iZXI6ICAgICAgICAgICAgNzMtMzFBQS1BQQ0KUENBIFNlcmlh
605
+ bCBOdW1iZXI6ICAgICBGQUIwMzNBQUFBQQ0KTW9kZWwgTnVtYmVyOiAgICAgICAgICBXUy1DM
606
+ TkyNC1FTg0KU3lzdGVtIFNlcmlhbCBOdW1iZXI6ICBGQUIwMzQxQUFBQQ0KUG93ZXIgU3VwcG
607
+ x5IFMvTjogICAK
608
+ </example>
609
+ <param pos="0" name="service.vendor" value="Cisco"/>
610
+ <param pos="0" name="os.vendor" value="Cisco"/>
611
+ <param pos="0" name="os.device" value="Switch"/>
612
+ <param pos="0" name="hw.vendor" value="Cisco"/>
613
+ <param pos="0" name="hw.product" value="Catalyst 1900"/>
614
+ <param pos="0" name="hw.device" value="Switch"/>
615
+ <param pos="1" name="host.mac"/>
616
+ <param pos="2" name="hw.model"/>
617
+ <param pos="3" name="host.id"/>
618
+ </fingerprint>
619
+ <fingerprint pattern="^192.0.0.64 login:\s*$">
620
+ <description>Hikvision cameras and NVRs (multiple)</description>
621
+ <example>192.0.0.64 login:</example>
622
+ <param pos="0" name="os.vendor" value="Hikvision"/>
623
+ <param pos="0" name="hw.vendor" value="Hikvision"/>
624
+ </fingerprint>
625
+ <fingerprint pattern="^Remote Management Console\r\nlogin:\s*$">
626
+ <description>Juniper Netscreen</description>
627
+ <!-- Remote Management Console\r\nlogin: -->
628
+ <example _encoding="base64">UmVtb3RlIE1hbmFnZW1lbnQgQ29uc29sZQ0KbG9naW46Cg==</example>
629
+ <param pos="0" name="os.vendor" value="Juniper"/>
630
+ <param pos="0" name="os.device" value="Firewall"/>
631
+ <param pos="0" name="os.family" value="ScreenOS"/>
632
+ <param pos="0" name="os.product" value="ScreenOS"/>
633
+ <param pos="0" name="os.cpe23" value="cpe:/o:juniper:screenos:-"/>
634
+ <param pos="0" name="hw.vendor" value="Juniper"/>
635
+ <param pos="0" name="hw.device" value="Firewall"/>
636
+ <param pos="0" name="hw.product" value="NetScreen"/>
637
+ </fingerprint>
638
+ <fingerprint pattern="^(?:\r|\n)*(FGT\w{13}) login:\s*$">
639
+ <description>Fortinet FortiGate - w/ autogenerated hostname</description>
640
+ <example host.name="FGT60C3G13001111">FGT60C3G13001111 login:</example>
641
+ <param pos="0" name="os.vendor" value="Fortinet"/>
642
+ <param pos="0" name="os.family" value="FortiOS"/>
643
+ <param pos="0" name="os.product" value="FortiOS"/>
644
+ <param pos="0" name="os.device" value="Firewall"/>
645
+ <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
646
+ <param pos="0" name="hw.vendor" value="Fortinet"/>
647
+ <param pos="0" name="hw.family" value="FortiGate"/>
648
+ <param pos="0" name="hw.device" value="Firewall"/>
649
+ <param pos="1" name="host.name"/>
650
+ </fingerprint>
651
+ <fingerprint pattern="^(?:\r|\n)*KWS-1043N login:\s*$">
652
+ <description>Clipcomm KWS router</description>
653
+ <example hw.product="KWS-1043N">KWS-1043N login:</example>
654
+ <param pos="0" name="hw.vendor" value="Clipcomm"/>
655
+ <param pos="0" name="hw.device" value="Router"/>
656
+ <param pos="0" name="hw.product" value="KWS-1043N"/>
657
+ </fingerprint>
658
+ <fingerprint pattern="^(?:\r|\n)*(SMCD3\w+-\w\w\w) login:\s*$">
659
+ <description>SMC Cable Modem</description>
660
+ <example hw.product="SMCD3GN2-BIZ">SMCD3GN2-BIZ login:</example>
661
+ <param pos="0" name="hw.vendor" value="SMC Networks"/>
662
+ <param pos="0" name="hw.device" value="Cable Modem"/>
663
+ <param pos="1" name="hw.product"/>
664
+ </fingerprint>
665
+ <fingerprint pattern="^(?:\r|\n)*ADB-4820CD login:\s*$"><description>ADB ADB-4820CD DVR</description><example>ADB-4820CD login:</example>&gt;
666
+ <param pos="0" name="hw.vendor" value="ADB"/><param pos="0" name="hw.device" value="DVR"/><param pos="0" name="hw.product" value="ADB-4820CD"/></fingerprint>
667
+ <fingerprint pattern="^(?:\r|\n)*IMDVRS login:\s*$"><description>Rifatron IMDVRS DVR</description><example>IMDVRS login:</example>&gt;
668
+ <param pos="0" name="hw.vendor" value="Rifatron"/><param pos="0" name="hw.family" value="IMDVR"/><param pos="0" name="hw.device" value="DVR"/></fingerprint>
669
+ <fingerprint pattern="^(?:\r|\n)*Ruijie login:\s*$"><description>Ruijie device (likely router/switch) </description><example>Ruijie login:</example>&gt;
670
+ <param pos="0" name="hw.vendor" value="Ruijie"/></fingerprint>
671
+ <fingerprint pattern="^Welcome to Microsoft Telnet Service \r\n\n\rlogin:\s*$">
672
+ <description>Microsoft Windows</description>
673
+ <!-- Welcome to Microsoft Telnet Service \r\n\n\rlogin: -->
674
+ <example _encoding="base64">V2VsY29tZSB0byBNaWNyb3NvZnQgVGVsbmV0IFNlcnZpY2UgDQoKDWxvZ2luOgo=</example>
675
+ <param pos="0" name="os.vendor" value="Microsoft"/>
676
+ <param pos="0" name="os.family" value="Windows"/>
677
+ </fingerprint>
678
+ <!-- The following fingerprints are for generic Broadcom hardware where the
679
+ vendor has left the default banner in place. These could be rebadged by
680
+ ZTE, CenturyLink, Sky, Huawei, etc.
681
+ -->
682
+ <fingerprint pattern="^(BCM\d+) (?:Broadband|ADSL|xDSL|DSL) Router\r\nLogin:\s*">
683
+ <description>OEM'd Broadcom Router</description>
684
+ <!-- BCM963268 Broadband Router\r\nLogin: -->
685
+ <example _encoding="base64" hw.product="BCM963268">QkNNOTYzMjY4IEJyb2FkYmFuZCBSb3V0ZXINCkxvZ2luOgo=</example>
686
+ <param pos="0" name="hw.device" value="Router"/>
687
+ <param pos="1" name="hw.product"/>
688
+ </fingerprint>
689
+ <fingerprint pattern="^(BCM\d+) Broadband Router\r\nTelnet is Disabled in WAN Side$">
690
+ <description>OEM'd Broadcom Router - telnet disabled on WAN side</description>
691
+ <!-- BCM963268 Broadband Router\r\nTelnet is Disabled in WAN Side -->
692
+ <example _encoding="base64" hw.product="BCM963268">QkNNOTYzMjY4IEJyb2FkYmFuZCBSb3V0ZXINClRlbG5ldCBpcyBEaXNhYmxlZCBpbiBXQU4gU2lkZQo=</example>
693
+ <param pos="0" name="hw.device" value="Router"/>
694
+ <param pos="1" name="hw.product"/>
695
+ </fingerprint>
696
+ <fingerprint pattern="^(?m)(BCM\d+) Broadband Router\r\n.*Please input the verification code:$">
697
+ <description>OEM'd Broadcom Router - input validation code</description>
698
+ <!-- BCM96318 Broadband Router\r\n====================================================\r\n * * * * * * * * * * * * * * \r\n * * * * * \r\n * * * * * * * * * * * * * \r\n * * * * * \r\n * * * * * \r\n * * * * * * * * * * * * * * * * \r\n====================================================\r\nPlease input the verification code: -->
699
+ <example _encoding="base64" hw.product="BCM96318">
700
+ QkNNOTYzMTggQnJvYWRiYW5kIFJvdXRlcg0KPT09PT09PT09PT09PT09PT09PT09PT09PT09P
701
+ T09PT09PT09PT09PT09PT09PT09PT09PQ0KICAgICogKiAgICAgICAgICogKiAqICogICAgIC
702
+ AqICogKiAqICAgICAgKiAqICogKiAgIA0KICAgICAgKiAgICAgICAgICogICAgICAgICAgICA
703
+ gICAgICAqICAgICAgKiAgICAgKiAgIA0KICAgICAgKiAgICAgICAgICogKiAqICogICAgICAq
704
+ ICogKiAqICAgICAgKiAqICogKiAgIA0KICAgICAgKiAgICAgICAgICogICAgICogICAgICAgI
705
+ CAgICAqICAgICAgICAgICAgKiAgIA0KICAgICAgKiAgICAgICAgICogICAgICogICAgICAgIC
706
+ AgICAqICAgICAgICAgICAgKiAgIA0KICAgKiAqICogKiAgICAgICogKiAqICogICAgICAqICo
707
+ gKiAqICAgICAgKiAqICogKiAgIA0KPT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09
708
+ PT09PT09PT09PT09PT09PT09PQ0KUGxlYXNlIGlucHV0IHRoZSB2ZXJpZmljYXRpb24gY29kZ
709
+ ToK
710
+ </example>
711
+ <param pos="0" name="hw.device" value="Router"/>
712
+ <param pos="1" name="hw.product"/>
713
+ </fingerprint>
714
+ <fingerprint pattern="^(BCM\d+) Broadband Router\r\nMaximum number of incorrect account entries exceeded.">
715
+ <description>OEM'd Broadcom Router - Max incorrect tries - variant 1</description>
716
+ <!-- BCM96328 Broadband Router\r\nMaximum number of incorrect account entries exceeded. -->
717
+ <example _encoding="base64" hw.product="BCM96328">
718
+ QkNNOTYzMjggQnJvYWRiYW5kIFJvdXRlcg0KTWF4aW11bSBudW1iZXIgb2YgaW5jb3JyZWN0I
719
+ GFjY291bnQgZW50cmllcyBleGNlZWRlZC4K
720
+ </example>
721
+ <param pos="0" name="hw.device" value="Router"/>
722
+ <param pos="1" name="hw.product"/>
723
+ </fingerprint>
724
+ <fingerprint pattern="^(BCM\d+) Broadband Router\r\nSorry, you need to wait for \d+ second before next login attempt.(?:\r|\n)*">
725
+ <description>OEM'd Broadcom Router - Max incorrect tries - variant 2</description>
726
+ <!-- BCM96816 Broadband Router\r\nSorry, you need to wait for 119 second before next login attempt. -->
727
+ <example _encoding="base64" hw.product="BCM96816">
728
+ QkNNOTY4MTYgQnJvYWRiYW5kIFJvdXRlcg0KU29ycnksIHlvdSBuZWVkIHRvIHdhaXQgZm9yI
729
+ DExOSBzZWNvbmQgYmVmb3JlIG5leHQgbG9naW4gYXR0ZW1wdC4K
730
+ </example>
731
+ <param pos="0" name="hw.device" value="Router"/>
732
+ <param pos="1" name="hw.product"/>
733
+ </fingerprint>
734
+ <!-- Moxa Industrial Solutions-->
735
+ <fingerprint pattern="^(?:\r|\n)*NPort (NP6[\w-]+)(?:\r|\n|\x00)+Console terminal type">
736
+ <description>Moxa NPort Terminal Server - 6xxx Series</description>
737
+ <!-- NPort NP6610-32\r\u0000\nConsole terminal type (1: ansi/vt100, 2: vt52) : 1 -->
738
+ <example _encoding="base64" hw.product="NP6610-32">
739
+ TlBvcnQgTlA2NjEwLTMyDQAKQ29uc29sZSB0ZXJtaW5hbCB0eXBlICgxOiBhbnNpL3Z0MTAwLC
740
+ AyOiB2dDUyKSA6IDE=
741
+ </example>
742
+ <param pos="0" name="hw.vendor" value="Moxa"/>
743
+ <param pos="0" name="hw.family" value="NPort"/>
744
+ <param pos="0" name="hw.device" value="Terminal Server"/>
745
+ <param pos="1" name="hw.product"/>
746
+ </fingerprint>
747
+ <fingerprint pattern="^Model name\s+: NPort (IA-\d+)(?:\r|\n|\x00)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version : ([\d.]+) Build (\d+)(?:\r|\n|\x00)+System uptime">
748
+ <description>Moxa NPort Device Server - IA Series</description>
749
+ <!-- Model name : NPort IA-5250\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No. : 281\r\u0000\nFirmware version : 1.6 Build 17060616\r\u0000\nSystem uptime : 31 days, 06h:03m:45s\r\u0000\n\r\u0000\nPlease keyin your password: -->
750
+ <example _encoding="base64" hw.product="IA-5250" host.mac="00:90:E8:AA:AA:AA" host.id="281" os.version="1.6" os.version.version="17060616">
751
+ TW9kZWwgbmFtZSAgICAgICA6IE5Qb3J0IElBLTUyNTANAApNQUMgYWRkcmVzcyAgICAgIDogM
752
+ DA6OTA6RTg6QUE6QUE6QUENAApTZXJpYWwgTm8uICAgICAgIDogMjgxDQAKRmlybXdhcmUgdm
753
+ Vyc2lvbiA6IDEuNiBCdWlsZCAxNzA2MDYxNg0AClN5c3RlbSB1cHRpbWUgICAgOiAzMSBkYXl
754
+ zLCAwNmg6MDNtOjQ1cw0ACg0AClBsZWFzZSBrZXlpbiB5b3VyIHBhc3N3b3JkOg==
755
+ </example>
756
+ <param pos="0" name="hw.vendor" value="Moxa"/>
757
+ <param pos="0" name="hw.family" value="NPort"/>
758
+ <param pos="0" name="hw.device" value="Device Server"/>
759
+ <param pos="1" name="hw.product"/>
760
+ <param pos="2" name="host.mac"/>
761
+ <param pos="3" name="host.id"/>
762
+ <param pos="4" name="os.version"/>
763
+ <param pos="5" name="os.version.version"/>
764
+ </fingerprint>
765
+ <fingerprint pattern="^(?:\r|\n|\x00|-)*Model name\s+: NPort (5[\w-]+)(?:\r|\n|\x00)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version : ([\d.]+) Build (\d+)(?:\r|\n|\x00)+">
766
+ <description>Moxa NPort Device Server - 5xxx Series</description>
767
+ <!-- Some versions of the banner below have a line full of dashes which cannot be included in the example comment -->
768
+ <!-- Model name : NPort 5610-8-DT\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No. : 9522\r\u0000\nFirmware version : 2.2 Build 11090613\r\u0000\nSystem uptime : 8 days, 02h:11m:44s\r\u0000\n\r\u0000\nPlease keyin your password: -->
769
+ <example _encoding="base64" hw.product="5610-8-DT" host.mac="00:90:E8:AA:AA:AA" host.id="9522" os.version="2.2" os.version.version="11090613">
770
+ TW9kZWwgbmFtZSAgICAgICA6IE5Qb3J0IDU2MTAtOC1EVA0ACk1BQyBhZGRyZXNzICAgICAgO
771
+ iAwMDo5MDpFODpBQTpBQTpBQQ0AClNlcmlhbCBOby4gICAgICAgOiA5NTIyDQAKRmlybXdhcm
772
+ UgdmVyc2lvbiA6IDIuMiBCdWlsZCAxMTA5MDYxMw0AClN5c3RlbSB1cHRpbWUgICAgOiA4IGR
773
+ heXMsIDAyaDoxMW06NDRzDQAKDQAKUGxlYXNlIGtleWluIHlvdXIgcGFzc3dvcmQ6
774
+ </example>
775
+ <param pos="0" name="hw.vendor" value="Moxa"/>
776
+ <param pos="0" name="hw.family" value="NPort"/>
777
+ <param pos="0" name="hw.device" value="Device Server"/>
778
+ <param pos="1" name="hw.product"/>
779
+ <param pos="2" name="host.mac"/>
780
+ <param pos="3" name="host.id"/>
781
+ <param pos="4" name="os.version"/>
782
+ <param pos="5" name="os.version.version"/>
783
+ </fingerprint>
784
+ <fingerprint pattern="^Model name\s+: MGate (MB3[\w-]+)(?:\r|\n|\x00|)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version : ([\d.]+) Build (\d+)(?:\r|\n|\x00)+">
785
+ <description>Moxa MGate Modbus Gateway</description>
786
+ <!-- Model name : MGate MB3180\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No. : 9474\r\u0000\nFirmware version : 1.2 Build 09101913\r\u0000\nSystem uptime : 15 days, 16h:37m:48s\r\u0000\n\r\u0000\nPlease keyin your password: -->
787
+ <example _encoding="base64" hw.product="MB3180" host.mac="00:90:E8:AA:AA:AA" host.id="9474" os.version="1.2" os.version.version="09101913">
788
+ TW9kZWwgbmFtZSAgICAgICA6IE1HYXRlIE1CMzE4MA0ACk1BQyBhZGRyZXNzICAgICAgOiAwM
789
+ Do5MDpFODpBQTpBQTpBQQ0AClNlcmlhbCBOby4gICAgICAgOiA5NDc0DQAKRmlybXdhcmUgdm
790
+ Vyc2lvbiA6IDEuMiBCdWlsZCAwOTEwMTkxMw0AClN5c3RlbSB1cHRpbWUgICAgOiAxNSBkYXl
791
+ zLCAxNmg6MzdtOjQ4cw0ACg0AClBsZWFzZSBrZXlpbiB5b3VyIHBhc3N3b3JkOg==
792
+ </example>
793
+ <param pos="0" name="hw.vendor" value="Moxa"/>
794
+ <param pos="0" name="hw.family" value="MGate"/>
795
+ <param pos="0" name="hw.device" value="Industrial Control"/>
796
+ <param pos="1" name="hw.product"/>
797
+ <param pos="2" name="host.mac"/>
798
+ <param pos="3" name="host.id"/>
799
+ <param pos="4" name="os.version"/>
800
+ <param pos="5" name="os.version.version"/>
801
+ </fingerprint>
802
+ <fingerprint pattern="^Model name\s+: (NE[\w-]+)(?:\r|\n|\x00)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+">
803
+ <description>Moxa NE Series Embedded device server</description>
804
+ <!-- Model name : NE-4110S\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No : 3616\r\u0000\nFirmware version : 4.1 Build 07061517\r\u0000\n\r\u0000\nPlease keyin your password: -->
805
+ <example _encoding="base64" hw.product="NE-4110S" host.mac="00:90:E8:AA:AA:AA" host.id="3616" os.version="4.1" os.version.version="07061517">
806
+ TW9kZWwgbmFtZSAgICAgICA6IE5FLTQxMTBTDQAKTUFDIGFkZHJlc3MgICAgICA6IDAwOjkwO
807
+ kU4OkFBOkFBOkFBDQAKU2VyaWFsIE5vICAgICAgICA6IDM2MTYNAApGaXJtd2FyZSB2ZXJzaW
808
+ 9uIDogNC4xIEJ1aWxkIDA3MDYxNTE3DQAKDQAKUGxlYXNlIGtleWluIHlvdXIgcGFzc3dvcmQ6
809
+ </example>
810
+ <param pos="0" name="hw.vendor" value="Moxa"/>
811
+ <param pos="0" name="hw.family" value="NE"/>
812
+ <param pos="0" name="hw.device" value="Device Server"/>
813
+ <param pos="1" name="hw.product"/>
814
+ <param pos="2" name="host.mac"/>
815
+ <param pos="3" name="host.id"/>
816
+ <param pos="4" name="os.version"/>
817
+ <param pos="5" name="os.version.version"/>
818
+ </fingerprint>
819
+ </fingerprints>