recog 2.3.11 → 2.3.16

Sign up to get free protection for your applications and to get access to all the features.
@@ -15,6 +15,7 @@
15
15
  <param pos="0" name="service.family" value="Mail Server"/>
16
16
  <param pos="0" name="service.product" value="Mail Server"/>
17
17
  <param pos="1" name="service.version"/>
18
+ <param pos="0" name="service.cpe23" value="cpe:/a:argosoft:mail_server:{service.version}"/>
18
19
  </fingerprint>
19
20
 
20
21
  <fingerprint pattern="^214[ -].*support@argosoft\.com *$">
@@ -23,6 +24,7 @@
23
24
  <param pos="0" name="service.vendor" value="ArGoSoft"/>
24
25
  <param pos="0" name="service.family" value="Mail Server"/>
25
26
  <param pos="0" name="service.product" value="Mail Server"/>
27
+ <param pos="0" name="service.cpe23" value="cpe:/a:argosoft:mail_server:-"/>
26
28
  </fingerprint>
27
29
 
28
30
  <fingerprint pattern="^500[ -]Syntax error, command &quot;XXXX&quot; unrecognized$">
@@ -2403,7 +2403,7 @@ Copyright (c) 1995-2005 by Cisco Systems
2403
2403
  <param pos="2" name="hw.product"/>
2404
2404
  <param pos="3" name="os.version"/>
2405
2405
  <param pos="4" name="os.version.version"/>
2406
- <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:{os.version}"/>
2406
+ <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64_unix:{os.version}"/>
2407
2407
  </fingerprint>
2408
2408
 
2409
2409
  <fingerprint pattern="^(\S+) (.*?) Digital UNIX V(\S+)\s+\(Rev\. ([^\)]+)\).*TCP/IP$">
@@ -6099,6 +6099,18 @@ Copyright (c) 1995-2005 by Cisco Systems
6099
6099
  <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
6100
6100
  </fingerprint>
6101
6101
 
6102
+ <fingerprint pattern="^SonicWALL (\S+).*?\(SonicOS \S+ ((?:\d\.)+\d+-\d+[a-zA-Z]).*\)">
6103
+ <description>SonicWall - SonicOS Enhanced variant without hardware model</description>
6104
+ <example hw.product="SOHO" os.version="5.9.1.4-4o">SonicWALL SOHO (SonicOS Enhanced 5.9.1.4-4o)</example>
6105
+ <example hw.product="SOHO" os.version="6.2.5.1-26n">SonicWALL SOHO wireless-N (SonicOS Enhanced 6.2.5.1-26n--HF175723-2n)</example>
6106
+ <param pos="0" name="os.vendor" value="SonicWall"/>
6107
+ <param pos="0" name="os.device" value="Firewall"/>
6108
+ <param pos="0" name="os.product" value="SonicOS"/>
6109
+ <param pos="1" name="hw.product"/>
6110
+ <param pos="2" name="os.version"/>
6111
+ <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
6112
+ </fingerprint>
6113
+
6102
6114
  <fingerprint pattern="^SonicWALL (.*?)\s+\(([^\)]+)\)\s*$">
6103
6115
  <description>SonicWall</description>
6104
6116
  <example>SonicWALL StrongARM / 233 Mhz (PRO 200)</example>
@@ -6314,96 +6326,121 @@ Copyright (c) 1995-2005 by Cisco Systems
6314
6326
 
6315
6327
  <fingerprint pattern="^Siemens, SIMATIC HMI, ([^,]+),.*FW:\s*V([^,]+).*$">
6316
6328
  <description>Siemens HMI - firmware variant</description>
6317
- <example>Siemens, SIMATIC HMI, KTP1000 Basic PN, 6AV6 647-0AF11-3AX0, HW: 1, FW: V01.06.00, Revision: 1</example>
6318
- <example>Siemens, SIMATIC HMI, KTP600 Basic Mono PN, 6AV6647-0AB11-3AX0, HW:1, FW:V01.06.00</example>
6329
+ <example hw.product="KTP1000 Basic PN">Siemens, SIMATIC HMI, KTP1000 Basic PN, 6AV6 647-0AF11-3AX0, HW: 1, FW: V01.06.00, Revision: 1</example>
6330
+ <example hw.version="01.06.00">Siemens, SIMATIC HMI, KTP600 Basic Mono PN, 6AV6647-0AB11-3AX0, HW:1, FW:V01.06.00</example>
6319
6331
  <example>Siemens, SIMATIC HMI, KTP600 Basic color PN, 6AV6 647-0AD11-3AX0, HW:1, FW:V11.00.02.00</example>
6320
- <param pos="0" name="os.vendor" value="Siemens"/>
6321
- <param pos="0" name="os.device" value="Monitoring"/>
6322
- <param pos="0" name="os.family" value="Simatic HMI"/>
6323
- <param pos="1" name="os.product"/>
6324
- <param pos="2" name="os.version"/>
6332
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6333
+ <param pos="0" name="os.device" value="HMI Controller"/>
6334
+ <param pos="0" name="os.family" value="Windows"/>
6335
+ <param pos="0" name="os.product" value="Windows CE"/>
6336
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
6337
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6338
+ <param pos="0" name="hw.family" value="Simatic HMI"/>
6339
+ <param pos="0" name="hw.device" value="HMI Controller"/>
6340
+ <param pos="1" name="hw.product"/>
6341
+ <param pos="2" name="hw.version"/>
6325
6342
  </fingerprint>
6326
6343
 
6327
6344
  <fingerprint pattern="^Siemens, SIMATIC HMI, ([^,]+),.*SW:\s*V\s*(\d+ \d+ \d+).*$">
6328
6345
  <description>Siemens HMI</description>
6329
- <example>Siemens, SIMATIC HMI, MP177, 6AV6 642-0EA01-3AX0, HW: 0, SW: V 1 0 0</example>
6330
- <example>Siemens, SIMATIC HMI, TP177B, 6AV6 642-0BD01-3AX0, HW: 0, SW: V 1 0 2</example>
6346
+ <example hw.product="MP177">Siemens, SIMATIC HMI, MP177, 6AV6 642-0EA01-3AX0, HW: 0, SW: V 1 0 0</example>
6347
+ <example hw.version="1 0 2">Siemens, SIMATIC HMI, TP177B, 6AV6 642-0BD01-3AX0, HW: 0, SW: V 1 0 2</example>
6331
6348
  <example>Siemens, SIMATIC HMI, XP277, 6AV6 643-0CB01-1AX0, HW: 0, SW: V 1 1 2</example>
6332
6349
  <example>Siemens, SIMATIC HMI, unknown, 6AV2 124-0GC01-0AX0, HW: 0, SW: V 11 0 2</example>
6333
6350
  <example>Siemens, SIMATIC HMI, unknown, 6AV2 124-0JC01-0AX0, HW: 0, SW: V 11 0 0</example>
6334
- <param pos="0" name="os.vendor" value="Siemens"/>
6335
- <param pos="0" name="os.device" value="Monitoring"/>
6336
- <param pos="0" name="os.family" value="Simatic HMI"/>
6337
- <param pos="1" name="os.product"/>
6338
- <param pos="2" name="os.version"/>
6351
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6352
+ <param pos="0" name="os.device" value="HMI Controller"/>
6353
+ <param pos="0" name="os.family" value="Windows"/>
6354
+ <param pos="0" name="os.product" value="Windows CE"/>
6355
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
6356
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6357
+ <param pos="0" name="hw.family" value="Simatic HMI"/>
6358
+ <param pos="0" name="hw.device" value="HMI Controller"/>
6359
+ <param pos="1" name="hw.product"/>
6360
+ <param pos="2" name="hw.version"/>
6339
6361
  </fingerprint>
6340
6362
 
6341
6363
  <fingerprint pattern="^Siemens, SIMATIC NET, ([^,]+),.*FW:\s*(?:Version )?V?([^,]+).*$">
6342
6364
  <description>Siemens NET - verbose variant</description>
6343
- <example os.product="CP 343-1 Advanced" os.version="1.2.3">Siemens, SIMATIC NET, CP 343-1 Advanced, 6GK7 343-1GX30-0XE0, HW: Version 3, FW: Version V1.2.3, VPB9502953</example>
6344
- <example os.product="CP 343-1 Lean" os.version="2.6.0">Siemens, SIMATIC NET, CP 343-1 Lean, 6GK7 343-1CX10-0XE0, HW: Version 6, FW: Version V2.6.0, VPC3513639</example>
6345
- <example os.product="CP 343-1" os.version="2.2.20">Siemens, SIMATIC NET, CP 343-1, 6GK7 343-1EX30-0XE0, HW: Version 3, FW: Version V2.2.20, VPXN545808</example>
6346
- <example os.product="SCALANCE X204-2" os.version="4.01">Siemens, SIMATIC NET, SCALANCE X204-2, 6GK5 204-2BB10-2AA3, HW: 4, FW: V4.01</example>
6347
- <example os.product="Scalance S612" os.version="T03.00.00.00_25.00.00.01">Siemens, SIMATIC NET, Scalance S612, 6GK56120BA102AA3, HW: Version 6, FW: Version T03.00.00.00_25.00.00.01, VPB9542952</example>
6348
- <param pos="0" name="os.vendor" value="Siemens"/>
6349
- <param pos="0" name="os.device" value="Monitoring"/>
6350
- <param pos="0" name="os.family" value="Simatic NET"/>
6351
- <param pos="1" name="os.product"/>
6352
- <param pos="2" name="os.version"/>
6365
+ <example hw.product="CP 343-1 Advanced" hw.version="1.2.3">Siemens, SIMATIC NET, CP 343-1 Advanced, 6GK7 343-1GX30-0XE0, HW: Version 3, FW: Version V1.2.3, VPB9502953</example>
6366
+ <example hw.product="CP 343-1 Lean" hw.version="2.6.0">Siemens, SIMATIC NET, CP 343-1 Lean, 6GK7 343-1CX10-0XE0, HW: Version 6, FW: Version V2.6.0, VPC3513639</example>
6367
+ <example hw.product="CP 343-1" hw.version="2.2.20">Siemens, SIMATIC NET, CP 343-1, 6GK7 343-1EX30-0XE0, HW: Version 3, FW: Version V2.2.20, VPXN545808</example>
6368
+ <example hw.product="SCALANCE X204-2" hw.version="4.01">Siemens, SIMATIC NET, SCALANCE X204-2, 6GK5 204-2BB10-2AA3, HW: 4, FW: V4.01</example>
6369
+ <example hw.product="Scalance S612" hw.version="T03.00.00.00_25.00.00.01">Siemens, SIMATIC NET, Scalance S612, 6GK56120BA102AA3, HW: Version 6, FW: Version T03.00.00.00_25.00.00.01, VPB9542952</example>
6370
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6371
+ <param pos="0" name="os.family" value="Windows"/>
6372
+ <param pos="0" name="os.product" value="Windows 7"/>
6373
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
6374
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6375
+ <param pos="0" name="hw.family" value="Simatic NET"/>
6376
+ <param pos="0" name="hw.device" value="Monitoring"/>
6377
+ <param pos="1" name="hw.product"/>
6378
+ <param pos="2" name="hw.version"/>
6353
6379
  </fingerprint>
6354
6380
 
6355
6381
  <fingerprint pattern="^Siemens, SIMATIC NET (\S+) FW V (\S+)$">
6356
6382
  <description>Siemens NET</description>
6357
- <example>Siemens, SIMATIC NET CP1613 FW V 06.33</example>
6358
- <param pos="0" name="os.vendor" value="Siemens"/>
6359
- <param pos="0" name="os.device" value="Monitoring"/>
6360
- <param pos="0" name="os.family" value="Simatic NET"/>
6361
- <param pos="1" name="os.product"/>
6362
- <param pos="2" name="os.version"/>
6383
+ <example hw.product="CP1613" hw.version="06.33">Siemens, SIMATIC NET CP1613 FW V 06.33</example>
6384
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6385
+ <param pos="0" name="os.family" value="Windows"/>
6386
+ <param pos="0" name="os.product" value="Windows 7"/>
6387
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
6388
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6389
+ <param pos="0" name="hw.family" value="Simatic NET"/>
6390
+ <param pos="0" name="hw.device" value="Monitoring"/>
6391
+ <param pos="1" name="hw.product"/>
6392
+ <param pos="2" name="hw.version"/>
6363
6393
  </fingerprint>
6364
6394
 
6365
6395
  <fingerprint pattern="^Siemens, SIMATIC S7, ([^,]+), .*?FW: (?:Version )?V?\.?([^,]+).*$">
6366
6396
  <description>Siemens S7</description>
6367
- <example os.product="CPU-1200" os.version="2.0.2">Siemens, SIMATIC S7, CPU-1200, 6ES7 211-1BD30-0XB0, HW: 1, FW: V.2.0.2, SZVX8YU9000553</example>
6368
- <example os.product="CPU315-2 PN/DP" os.version="2.5.0">Siemens, SIMATIC S7, CPU315-2 PN/DP, 6ES7 315-2EH13-0AB0 , HW: 3, FW: V2.5.0, S C-V4P07826200</example>
6369
- <example os.product="IM151-8" os.version="3.2.3">Siemens, SIMATIC S7, IM151-8, 6ES7 151-8AB01-0AB0 , HW: 2, FW: V3.2.3, S C-B3UC78192011</example>
6370
- <param pos="0" name="os.vendor" value="Siemens"/>
6371
- <param pos="0" name="os.device" value="Monitoring"/>
6372
- <param pos="0" name="os.family" value="Simatic S7"/>
6373
- <param pos="1" name="os.product"/>
6374
- <param pos="2" name="os.version"/>
6397
+ <example hw.product="CPU-1200" hw.version="2.0.2">Siemens, SIMATIC S7, CPU-1200, 6ES7 211-1BD30-0XB0, HW: 1, FW: V.2.0.2, SZVX8YU9000553</example>
6398
+ <example hw.product="CPU315-2 PN/DP" hw.version="2.5.0">Siemens, SIMATIC S7, CPU315-2 PN/DP, 6ES7 315-2EH13-0AB0 , HW: 3, FW: V2.5.0, S C-V4P07826200</example>
6399
+ <example hw.product="IM151-8" hw.version="3.2.3">Siemens, SIMATIC S7, IM151-8, 6ES7 151-8AB01-0AB0 , HW: 2, FW: V3.2.3, S C-B3UC78192011</example>
6400
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6401
+ <param pos="0" name="os.family" value="Windows"/>
6402
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6403
+ <param pos="0" name="hw.family" value="Simatic S7"/>
6404
+ <param pos="1" name="hw.product"/>
6405
+ <param pos="2" name="hw.version"/>
6375
6406
  </fingerprint>
6376
6407
 
6377
6408
  <fingerprint pattern="^Siemens, SIMATIC S7, ([^,]+), .*?, V\.([^,]+).*$">
6378
6409
  <description>Siemens S7 - variant 1</description>
6379
- <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1BD30-0XB0 SZVA1YU6008610 , 1, V.1.0.1, SZVA1YU6008610</example>
6380
- <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1HD30-0XB0 SZVA3YU7002312 , 1, V.1.0.1, SZVA3YU7002312</example>
6410
+ <example hw.product="CPU-1200">Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1BD30-0XB0 SZVA1YU6008610 , 1, V.1.0.1, SZVA1YU6008610</example>
6411
+ <example hw.version="1.0.1">Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1HD30-0XB0 SZVA3YU7002312 , 1, V.1.0.1, SZVA3YU7002312</example>
6381
6412
  <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 214-1BE30-0XB0 SZVA2YYY007305 , 1, V.1.0.2, SZVA2YYY007305</example>
6382
- <param pos="0" name="os.vendor" value="Siemens"/>
6383
- <param pos="0" name="os.device" value="Monitoring"/>
6384
- <param pos="0" name="os.family" value="Simatic S7"/>
6385
- <param pos="1" name="os.product"/>
6386
- <param pos="2" name="os.version"/>
6413
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6414
+ <param pos="0" name="os.family" value="Windows"/>
6415
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6416
+ <param pos="0" name="hw.family" value="Simatic S7"/>
6417
+ <param pos="1" name="hw.product"/>
6418
+ <param pos="2" name="hw.version"/>
6387
6419
  </fingerprint>
6388
6420
 
6389
6421
  <fingerprint pattern="^Siemens, SIMATIC, (\S+)$">
6390
6422
  <description>Siemens S7 - model only variant</description>
6391
- <example>Siemens, SIMATIC, S7-300</example>
6392
- <param pos="0" name="os.vendor" value="Siemens"/>
6393
- <param pos="0" name="os.device" value="Monitoring"/>
6394
- <param pos="0" name="os.family" value="Simatic S7"/>
6395
- <param pos="1" name="os.product"/>
6423
+ <example hw.product="S7-300">Siemens, SIMATIC, S7-300</example>
6424
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6425
+ <param pos="0" name="os.family" value="Windows"/>
6426
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6427
+ <param pos="0" name="hw.family" value="Simatic S7"/>
6428
+ <param pos="1" name="hw.product"/>
6396
6429
  </fingerprint>
6397
6430
 
6398
6431
  <fingerprint pattern="^Siemens, SINUMERIK, solution line ([^,]+),.*?FW:V([^,]+).*$">
6399
6432
  <description>Siemens Sinumerik Solution Line</description>
6400
- <example>Siemens, SINUMERIK, solution line PCU50, , HW:1, FW:V00.00.00,</example>
6401
- <example>Siemens, SINUMERIK, solution line PCU50.3B-P 1GB XP, 6FC5210-0DF33-2AB0, HW:A, FW:V00.00.00, ST-BN2040231</example>
6402
- <param pos="0" name="os.vendor" value="Siemens"/>
6433
+ <example hw.product="PCU50">Siemens, SINUMERIK, solution line PCU50, , HW:1, FW:V00.00.00,</example>
6434
+ <example hw.version="00.00.00">Siemens, SINUMERIK, solution line PCU50.3B-P 1GB XP, 6FC5210-0DF33-2AB0, HW:A, FW:V00.00.00, ST-BN2040231</example>
6435
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6403
6436
  <param pos="0" name="os.device" value="Monitoring"/>
6404
- <param pos="0" name="os.family" value="Simatic Sinumerik"/>
6405
- <param pos="1" name="os.product"/>
6406
- <param pos="2" name="os.version"/>
6437
+ <param pos="0" name="os.family" value="Windows"/>
6438
+ <param pos="0" name="os.product" value="Windows 10"/>
6439
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10:-"/>
6440
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6441
+ <param pos="0" name="hw.family" value="Simatic Sinumerik"/>
6442
+ <param pos="1" name="hw.product"/>
6443
+ <param pos="2" name="hw.version"/>
6407
6444
  </fingerprint>
6408
6445
 
6409
6446
  <fingerprint pattern="^Name:(ReliantUNIX)-. release:(\S+) version:(\S+) machine:(\S+)$">
@@ -1962,8 +1962,10 @@
1962
1962
  <fingerprint pattern="^dropbear$">
1963
1963
  <description>Dropbear w/o version - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
1964
1964
  <example>dropbear</example>
1965
+ <param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
1965
1966
  <param pos="0" name="service.family" value="Dropbear"/>
1966
- <param pos="0" name="service.product" value="Dropbear"/>
1967
+ <param pos="0" name="service.product" value="Dropbear SSH"/>
1968
+ <param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:-"/>
1967
1969
  </fingerprint>
1968
1970
 
1969
1971
  <fingerprint pattern="^dropbear_(.*)$">
@@ -1971,8 +1973,10 @@
1971
1973
  <example service.version="2015.67">dropbear_2015.67</example>
1972
1974
  <example service.version="0.49">dropbear_0.49</example>
1973
1975
  <param pos="1" name="service.version"/>
1976
+ <param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
1974
1977
  <param pos="0" name="service.family" value="Dropbear"/>
1975
- <param pos="0" name="service.product" value="Dropbear"/>
1978
+ <param pos="0" name="service.product" value="Dropbear SSH"/>
1979
+ <param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:{service.version}"/>
1976
1980
  </fingerprint>
1977
1981
 
1978
1982
  <fingerprint pattern="^lancom$">
@@ -2059,7 +2063,7 @@
2059
2063
  <param pos="0" name="os.vendor" value="HP"/>
2060
2064
  <param pos="0" name="os.family" value="Unix"/>
2061
2065
  <param pos="0" name="os.product" value="Tru64 Unix"/>
2062
- <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:-"/>
2066
+ <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64_unix:-"/>
2063
2067
  </fingerprint>
2064
2068
 
2065
2069
  <fingerprint pattern="^ROSSSH$">
@@ -66,7 +66,7 @@
66
66
  <param pos="0" name="hw.vendor" value="Cisco"/>
67
67
  </fingerprint>
68
68
 
69
- <fingerprint pattern="^(?:\r|\n)*MikroTik v([\w.]+)(?: \(\w+\))?(?:\r|\n)+Login:\s*$">
69
+ <fingerprint pattern="^(?:\r|\n)*MikroTik v([\w.]+)(?: \([\w-]+\))?(?:\r|\n)+Login:\s*$">
70
70
  <description>MikroTik RouterOS</description>
71
71
  <!-- MikroTik v5.2\r\nLogin: -->
72
72
 
@@ -80,6 +80,9 @@
80
80
  <!-- MikroTik v6.36rc12 (testing)\r\nLogin: -->
81
81
 
82
82
  <example _encoding="base64" os.version="6.36rc12">TWlrcm9UaWsgdjYuMzZyYzEyICh0ZXN0aW5nKQ0KTG9naW46Cg==</example>
83
+ <!-- MikroTik v6.42.9 (long-term)\r\nLogin: -->
84
+
85
+ <example _encoding="base64" os.version="6.42.9">TWlrcm9UaWsgdjYuNDIuOSAobG9uZy10ZXJtKQ0KTG9naW46Cg==</example>
83
86
  <param pos="0" name="os.vendor" value="MikroTik"/>
84
87
  <param pos="0" name="os.device" value="Router"/>
85
88
  <param pos="0" name="os.product" value="RouterOS"/>
@@ -165,6 +168,28 @@
165
168
  <param pos="0" name="hw.device" value="Router"/>
166
169
  </fingerprint>
167
170
 
171
+ <fingerprint pattern="^(?:\r|\n)*DD-WRT v(3.\d)-(r([\w]+)) ([\w-]+) \(c\) \d{4} NewMedia-NET GmbH(?:\r|\n)+Release: \d+\/\d+\/\d+(?:\r|\n)+Board: (\S+) ([^\n\r]+)(?:\r|\n)+.* login:\s*$">
172
+ <description>DD-WRT - 3.0 family - with hardward product</description>
173
+ <!-- DD-WRT v3.0-r40559 std (c) 2019 NewMedia-NET GmbH\r\nRelease: 08/06/19\r\nBoard: Linksys WRT3200ACM\r\n\r\nDD-WRT login: -->
174
+
175
+ <example _encoding="base64" os.version="3.0" os.version.version="r40559" os.edition="std" os.build="40559" hw.vendor="Linksys" hw.product="WRT3200ACM">
176
+ REQtV1JUIHYzLjAtcjQwNTU5IHN0ZCAoYykgMjAxOSBOZXdNZWRpYS1ORVQgR21iSA0KUmVsZ
177
+ WFzZTogMDgvMDYvMTkNCkJvYXJkOiBMaW5rc3lzIFdSVDMyMDBBQ00NCg0KREQtV1JUIGxvZ2
178
+ luOgo=
179
+ </example>
180
+ <param pos="0" name="os.vendor" value="DD-WRT"/>
181
+ <param pos="0" name="os.product" value="DD-WRT"/>
182
+ <param pos="0" name="os.device" value="Router"/>
183
+ <param pos="1" name="os.version"/>
184
+ <param pos="2" name="os.version.version"/>
185
+ <param pos="3" name="os.build"/>
186
+ <param pos="4" name="os.edition"/>
187
+ <param pos="0" name="os.cpe23" value="cpe:/o:dd-wrt:dd-wrt:{os.version}"/>
188
+ <param pos="5" name="hw.vendor"/>
189
+ <param pos="6" name="hw.product"/>
190
+ <param pos="0" name="hw.device" value="Router"/>
191
+ </fingerprint>
192
+
168
193
  <fingerprint pattern="^(TD-\w+) [\d.]+ DSL Modem Router(?:\r|\n)+Authorization failed after trying \d+ times!!!\.(?:\r|\n)+Please login after \d+ seconds!\s*$">
169
194
  <description>TP-LINK TD Family DSL Modem/Router</description>
170
195
  <!-- TD-W8960N 5.0 DSL Modem Router\r\nAuthorization failed after trying 5 times!!!.\r\nPlease login after 416 seconds! -->
@@ -906,6 +931,7 @@
906
931
  <param pos="1" name="hw.product"/>
907
932
  <param pos="2" name="host.mac"/>
908
933
  <param pos="3" name="host.id"/>
934
+ <param pos="0" name="os.vendor" value="Moxa"/>
909
935
  <param pos="4" name="os.version"/>
910
936
  <param pos="5" name="os.version.version"/>
911
937
  </fingerprint>
@@ -928,10 +954,24 @@
928
954
  <param pos="1" name="hw.product"/>
929
955
  <param pos="2" name="host.mac"/>
930
956
  <param pos="3" name="host.id"/>
957
+ <param pos="0" name="os.vendor" value="Moxa"/>
931
958
  <param pos="4" name="os.version"/>
932
959
  <param pos="5" name="os.version.version"/>
933
960
  </fingerprint>
934
961
 
962
+ <fingerprint pattern="^(?:\r|\n|\x00|-)*Model name\s+: NPort (5[\w-]+)(?:\r|\n|\x00)+Please keyin your username:">
963
+ <description>Moxa NPort Device Server - 5xxx Series - Model only</description>
964
+ <!-- Model name : NPort 5110A\r\n\r\nPlease keyin your username: -->
965
+
966
+ <example _encoding="base64" hw.product="5110A">TW9kZWwgbmFtZSAgICAgICA6IE5Q
967
+ b3J0IDUxMTBBDQoNClBsZWFzZSBrZXlpbiB5b3VyIHVzZXJuYW1lOgo=
968
+ </example>
969
+ <param pos="0" name="hw.vendor" value="Moxa"/>
970
+ <param pos="0" name="hw.family" value="NPort"/>
971
+ <param pos="0" name="hw.device" value="Device Server"/>
972
+ <param pos="1" name="hw.product"/>
973
+ </fingerprint>
974
+
935
975
  <fingerprint pattern="^Model name\s+: MGate (MB3[\w-]+)(?:\r|\n|\x00|)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version : ([\d.]+) Build (\d+)(?:\r|\n|\x00)+">
936
976
  <description>Moxa MGate Modbus Gateway</description>
937
977
  <!-- Model name : MGate MB3180\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No. : 9474\r\u0000\nFirmware version : 1.2 Build 09101913\r\u0000\nSystem uptime : 15 days, 16h:37m:48s\r\u0000\n\r\u0000\nPlease keyin your password: -->
@@ -948,11 +988,12 @@
948
988
  <param pos="1" name="hw.product"/>
949
989
  <param pos="2" name="host.mac"/>
950
990
  <param pos="3" name="host.id"/>
991
+ <param pos="0" name="os.vendor" value="Moxa"/>
951
992
  <param pos="4" name="os.version"/>
952
993
  <param pos="5" name="os.version.version"/>
953
994
  </fingerprint>
954
995
 
955
- <fingerprint pattern="^Model name\s+: (NE[\w-]+)(?:\r|\n|\x00)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+">
996
+ <fingerprint pattern="^Model name\s+: (NE[\w-]+)(?:\r|\n|\x00)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+)(?: Build (\d+)(?:\r|\n|\x00)+)?">
956
997
  <description>Moxa NE Series Embedded device server</description>
957
998
  <!-- Model name : NE-4110S\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No : 3616\r\u0000\nFirmware version : 4.1 Build 07061517\r\u0000\n\r\u0000\nPlease keyin your password: -->
958
999
 
@@ -961,16 +1002,75 @@
961
1002
  kU4OkFBOkFBOkFBDQAKU2VyaWFsIE5vICAgICAgICA6IDM2MTYNAApGaXJtd2FyZSB2ZXJzaW
962
1003
  9uIDogNC4xIEJ1aWxkIDA3MDYxNTE3DQAKDQAKUGxlYXNlIGtleWluIHlvdXIgcGFzc3dvcmQ6
963
1004
  </example>
1005
+ <!-- Model name : NE-4110S\r\nMAC address : 00:90:E8:AA:AA:AA\r\nSerial No : 000\r\nFirmware version : 1.5.2\r\n\r\nPlease keyin your password: -->
1006
+
1007
+ <example _encoding="base64" hw.product="NE-4110S" host.mac="00:90:E8:AA:AA:AA" host.id="000" os.version="1.5.2">
1008
+ TW9kZWwgbmFtZSAgICAgICA6IE5FLTQxMTBTDQpNQUMgYWRkcmVzcyAgICAgIDogMDA6OTA6RTg6QUE6QUE6QUENClNlcmlhbCBObyAgICAgICAgOiAwMDANCkZpcm13YXJlIHZlcnNpb24gOiAxLjUuMg0KDQpQbGVhc2Uga2V5aW4geW91ciBwYXNzd29yZDoK
1009
+ </example>
964
1010
  <param pos="0" name="hw.vendor" value="Moxa"/>
965
1011
  <param pos="0" name="hw.family" value="NE"/>
966
1012
  <param pos="0" name="hw.device" value="Device Server"/>
967
1013
  <param pos="1" name="hw.product"/>
968
1014
  <param pos="2" name="host.mac"/>
969
1015
  <param pos="3" name="host.id"/>
1016
+ <param pos="0" name="os.vendor" value="Moxa"/>
970
1017
  <param pos="4" name="os.version"/>
971
1018
  <param pos="5" name="os.version.version"/>
972
1019
  </fingerprint>
973
1020
 
1021
+ <fingerprint pattern="^Model name\s+: (MiiNePort [\w-]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Device name\s+: [\w:-_\&amp;]+(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+Ethernet MAC address: ([\w:]+)(?:\r|\n|\x00)+">
1022
+ <description>Moxa MiiNePort Series Embedded device server</description>
1023
+ <!-- Model name : MiiNePort E2\r\nSerial No. : 9999\r\nDevice name : MiiNePort_E2_4064\r\nFirmware version : 1.3.36 Build 15031615\r\nEthernet MAC address: 00:90:E8:5A:92:FF\r\n\r\nPlease keyin your password: -->
1024
+
1025
+ <example _encoding="base64" hw.product="MiiNePort E2" host.mac="00:90:E8:5A:92:FF" host.id="9999" os.version="1.3.36" os.version.version="15031615">
1026
+ TW9kZWwgbmFtZSAgICAgICAgICA6IE1paU5lUG9ydCBFMg0KU2VyaWFsIE5vLiAgICAgICAgI
1027
+ CA6IDk5OTkNCkRldmljZSBuYW1lICAgICAgICAgOiBNaWlOZVBvcnRfRTJfNDA2NA0KRmlybX
1028
+ dhcmUgdmVyc2lvbiAgICA6IDEuMy4zNiBCdWlsZCAxNTAzMTYxNQ0KRXRoZXJuZXQgTUFDIGF
1029
+ kZHJlc3M6IDAwOjkwOkU4OjVBOjkyOkZGDQoNClBsZWFzZSBrZXlpbiB5b3VyIHBhc3N3b3Jk
1030
+ Ogo=
1031
+ </example>
1032
+ <param pos="0" name="hw.vendor" value="Moxa"/>
1033
+ <param pos="0" name="hw.family" value="MiiNePort"/>
1034
+ <param pos="0" name="hw.device" value="Device Server"/>
1035
+ <param pos="1" name="hw.product"/>
1036
+ <param pos="2" name="host.id"/>
1037
+ <param pos="0" name="os.vendor" value="Moxa"/>
1038
+ <param pos="3" name="os.version"/>
1039
+ <param pos="4" name="os.version.version"/>
1040
+ <param pos="5" name="host.mac"/>
1041
+ </fingerprint>
1042
+
1043
+ <!-- The following is very specific in order to express CPE values -->
1044
+
1045
+ <fingerprint pattern="^EDR-G903 login:">
1046
+ <description>Moxa EDR Secure Routers - EDR-G903</description>
1047
+ <example>EDR-G903 login:</example>
1048
+ <param pos="0" name="hw.vendor" value="Moxa"/>
1049
+ <param pos="0" name="hw.family" value="EDR"/>
1050
+ <param pos="0" name="hw.device" value="Router"/>
1051
+ <param pos="0" name="hw.product" value="EDR-G903"/>
1052
+ <param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g903:-"/>
1053
+ <param pos="0" name="os.vendor" value="Moxa"/>
1054
+ <param pos="0" name="os.family" value="EDR"/>
1055
+ <param pos="0" name="os.device" value="Router"/>
1056
+ <param pos="0" name="os.product" value="EDR G903 Firmware"/>
1057
+ <param pos="0" name="os.cpe23" value="cpe:/o:moxa:edr_g903_firmware:-"/>
1058
+ </fingerprint>
1059
+
1060
+ <fingerprint pattern="^EDR-G902 login:">
1061
+ <description>Moxa EDR Secure Routers - EDR-G902</description>
1062
+ <example>EDR-G902 login:</example>
1063
+ <param pos="0" name="hw.vendor" value="Moxa"/>
1064
+ <param pos="0" name="hw.family" value="EDR"/>
1065
+ <param pos="0" name="hw.device" value="Router"/>
1066
+ <param pos="0" name="hw.product" value="EDR-G902"/>
1067
+ <param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g902:-"/>
1068
+ <param pos="0" name="os.vendor" value="Moxa"/>
1069
+ <param pos="0" name="os.family" value="EDR"/>
1070
+ <param pos="0" name="os.device" value="Router"/>
1071
+ <param pos="0" name="os.product" value="EDR G902 Firmware"/>
1072
+ </fingerprint>
1073
+
974
1074
  <fingerprint pattern="^Red Hat Linux release ([^\\s]+)\\s*.*$">
975
1075
  <description>RedHat general purpose linux</description>
976
1076
  <!-- Red Hat Linux release 9 (Shrike)\nKernel 2.4.20-8 on an i686\nlogin: -->
@@ -1370,7 +1470,7 @@
1370
1470
  <description>System HP-UX</description>
1371
1471
  <!-- HP-UX ctout B.11.11 U 9000/800 (tc)\nlogin: -->
1372
1472
 
1373
- <example _encoding="base64" host.name="ctout" os.version="11.11" hw.series="9000/800" hw.model="(tc)">
1473
+ <example _encoding="base64" host.name="ctout" os.version="11.11" hw.series="9000/800" hw.model="(tc)" hw.version="U">
1374
1474
  SFAtVVggY3RvdXQgQi4xMS4xMSBVIDkwMDAvODAwICh0YykKCmxvZ2luOiA=
1375
1475
  </example>
1376
1476
  <param pos="0" name="os.vendor" value="HP"/>
@@ -1800,14 +1900,20 @@
1800
1900
  <param pos="1" name="hw.version"/>
1801
1901
  </fingerprint>
1802
1902
 
1803
- <fingerprint pattern="^RDK \(A Yocto Project based Distro\) ([^ ]+) Docsis-Gateway">
1903
+ <fingerprint pattern="^RDK \(A Yocto Project based Distro\) ([^ ]+) (?:Docsis-Gateway|Business)">
1904
+ <description>DOCSIS Cable Modem Running RDK</description>
1804
1905
  <!-- RDK (A Yocto Project based Distro) 2.0 Docsis-Gateway
1805
1906
  Docsis-Gateway login: -->
1806
1907
 
1807
- <description>DOCSIS Cable Modem Running RDK</description>
1808
1908
  <example _encoding="base64" hw.device="DOCSIS Cable Modem" os.vendor="Yocto" os.product="RDK" os.version="2.0">
1809
- UkRLIChBIFlvY3RvIFByb2plY3QgYmFzZWQgRGlzdHJvKSAyLjAgRG9jc2lzLUdhdGV3YXkNCg0NCg1Eb
1810
- 2NzaXMtR2F0ZXdheSBsb2dpbjo=
1909
+ UkRLIChBIFlvY3RvIFByb2plY3QgYmFzZWQgRGlzdHJvKSAyLjAgRG9jc2lzLUdhdGV3YXkNC
1910
+ g0NCg1Eb2NzaXMtR2F0ZXdheSBsb2dpbjo=
1911
+ </example>
1912
+ <!-- RDK (A Yocto Project based Distro) 2.0 Business\r\n\r\r\n\rBusiness login: -->
1913
+
1914
+ <example _encoding="base64" hw.device="DOCSIS Cable Modem" os.vendor="Yocto" os.product="RDK" os.version="2.0">
1915
+ UkRLIChBIFlvY3RvIFByb2plY3QgYmFzZWQgRGlzdHJvKSAyLjAgQnVzaW5lc3MNCg0NCg1Cd
1916
+ XNpbmVzcyBsb2dpbjoK
1811
1917
  </example>
1812
1918
  <param pos="0" name="hw.device" value="DOCSIS Cable Modem"/>
1813
1919
  <param pos="0" name="os.vendor" value="Yocto"/>
@@ -1845,6 +1951,40 @@
1845
1951
  <param pos="1" name="os.version"/>
1846
1952
  </fingerprint>
1847
1953
 
1954
+ <fingerprint pattern="^KeeneticOS version ([\w.-]+), copyright">
1955
+ <description>Keentic KeeneticOS</description>
1956
+ <!-- KeeneticOS version 3.04.C.6.0-0, copyright (c) 2010-2020 Keenetic Ltd.\r\n\r\nLogin: -->
1957
+
1958
+ <example _encoding="base64" os.version="3.04.C.6.0-0">
1959
+ S2VlbmV0aWNPUyB2ZXJzaW9uIDMuMDQuQy42LjAtMCwgY29weXJpZ2h0IChjKSAyMDEwLTIwM
1960
+ jAgS2VlbmV0aWMgTHRkLg0KDQpMb2dpbjoK
1961
+ </example>
1962
+ <param pos="0" name="hw.device" value="Router"/>
1963
+ <param pos="0" name="hw.vendor" value="Keenetic"/>
1964
+ <param pos="0" name="os.device" value="Router"/>
1965
+ <param pos="0" name="os.vendor" value="Keenetic"/>
1966
+ <param pos="0" name="os.product" value="KeeneticOS"/>
1967
+ <param pos="1" name="os.version"/>
1968
+ </fingerprint>
1969
+
1970
+ <fingerprint pattern="^\**(?:\r|\n)+\* Copyright \(c\) \d\d\d\d-\d\d\d\d New H3C Technologies Co., Ltd. All rights reserved.\*(?:\r|\n)+\* Without the owner's prior written consent,\s+\*(?:\r|\n)+\* no decompiling or reverse-engineering shall be allowed.\s+\*(?:\r|\n)+\*+(?:\r|\n)+login:\s*$">
1971
+ <description>Generic H3C Technologies banner</description>
1972
+ <!-- ******************************************************************************\r\n* Copyright (c) 2004-2017 New H3C Technologies Co., Ltd. All rights reserved.*\r\n* Without the owner's prior written consent, *\r\n* no decompiling or reverse-engineering shall be allowed. *\r\n******************************************************************************\r\n\r\nlogin: -->
1973
+
1974
+ <example _encoding="base64">
1975
+ KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqK
1976
+ ioqKioqKioqKioqKioqKioqKioqKioqDQoqIENvcHlyaWdodCAoYykgMjAwNC0yMDE3IE5ldy
1977
+ BIM0MgVGVjaG5vbG9naWVzIENvLiwgTHRkLiBBbGwgcmlnaHRzIHJlc2VydmVkLioNCiogV2l
1978
+ 0aG91dCB0aGUgb3duZXIncyBwcmlvciB3cml0dGVuIGNvbnNlbnQsICAgICAgICAgICAgICAg
1979
+ ICAgICAgICAgICAgICAgICAgKg0KKiBubyBkZWNvbXBpbGluZyBvciByZXZlcnNlLWVuZ2luZ
1980
+ WVyaW5nIHNoYWxsIGJlIGFsbG93ZWQuICAgICAgICAgICAgICAgICAgICAqDQoqKioqKioqKi
1981
+ oqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKio
1982
+ qKioqKioqKioqKioqKioNCg0KbG9naW46Cg==
1983
+ </example>
1984
+ <param pos="0" name="hw.vendor" value="H3C"/>
1985
+ <param pos="0" name="os.vendor" value="H3C"/>
1986
+ </fingerprint>
1987
+
1848
1988
  <fingerprint pattern="Telnet Administration (?:\r|\n)+ SAP J2EE Engine v([\d.]+)(?:\r|\n)+">
1849
1989
  <description>SAP NetWeaver Application Server Java telnet service</description>
1850
1990
  <!-- ***********************************************