recog 2.3.11 → 2.3.16
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/SECURITY.md +35 -0
- data/.snyk +10 -0
- data/LICENSE +1 -1
- data/cpe-remap.yaml +18 -1
- data/identifiers/hw_family.txt +1 -1
- data/identifiers/hw_product.txt +1 -1
- data/identifiers/service_product.txt +1 -1
- data/lib/recog/version.rb +1 -1
- data/update_cpes.py +1 -1
- data/xml/dns_versionbind.xml +33 -19
- data/xml/favicons.xml +2 -0
- data/xml/ftp_banners.xml +71 -10
- data/xml/html_title.xml +30 -0
- data/xml/http_servers.xml +369 -60
- data/xml/imap_banners.xml +43 -0
- data/xml/pop_banners.xml +57 -2
- data/xml/smtp_banners.xml +87 -2
- data/xml/smtp_help.xml +2 -0
- data/xml/snmp_sysdescr.xml +94 -57
- data/xml/ssh_banners.xml +7 -3
- data/xml/telnet_banners.xml +147 -7
- data/xml/x509_issuers.xml +4 -2
- data/xml/x509_subjects.xml +2 -1
- metadata +4 -2
data/xml/smtp_help.xml
CHANGED
@@ -15,6 +15,7 @@
|
|
15
15
|
<param pos="0" name="service.family" value="Mail Server"/>
|
16
16
|
<param pos="0" name="service.product" value="Mail Server"/>
|
17
17
|
<param pos="1" name="service.version"/>
|
18
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:argosoft:mail_server:{service.version}"/>
|
18
19
|
</fingerprint>
|
19
20
|
|
20
21
|
<fingerprint pattern="^214[ -].*support@argosoft\.com *$">
|
@@ -23,6 +24,7 @@
|
|
23
24
|
<param pos="0" name="service.vendor" value="ArGoSoft"/>
|
24
25
|
<param pos="0" name="service.family" value="Mail Server"/>
|
25
26
|
<param pos="0" name="service.product" value="Mail Server"/>
|
27
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:argosoft:mail_server:-"/>
|
26
28
|
</fingerprint>
|
27
29
|
|
28
30
|
<fingerprint pattern="^500[ -]Syntax error, command "XXXX" unrecognized$">
|
data/xml/snmp_sysdescr.xml
CHANGED
@@ -2403,7 +2403,7 @@ Copyright (c) 1995-2005 by Cisco Systems
|
|
2403
2403
|
<param pos="2" name="hw.product"/>
|
2404
2404
|
<param pos="3" name="os.version"/>
|
2405
2405
|
<param pos="4" name="os.version.version"/>
|
2406
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:hp:
|
2406
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64_unix:{os.version}"/>
|
2407
2407
|
</fingerprint>
|
2408
2408
|
|
2409
2409
|
<fingerprint pattern="^(\S+) (.*?) Digital UNIX V(\S+)\s+\(Rev\. ([^\)]+)\).*TCP/IP$">
|
@@ -6099,6 +6099,18 @@ Copyright (c) 1995-2005 by Cisco Systems
|
|
6099
6099
|
<param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
|
6100
6100
|
</fingerprint>
|
6101
6101
|
|
6102
|
+
<fingerprint pattern="^SonicWALL (\S+).*?\(SonicOS \S+ ((?:\d\.)+\d+-\d+[a-zA-Z]).*\)">
|
6103
|
+
<description>SonicWall - SonicOS Enhanced variant without hardware model</description>
|
6104
|
+
<example hw.product="SOHO" os.version="5.9.1.4-4o">SonicWALL SOHO (SonicOS Enhanced 5.9.1.4-4o)</example>
|
6105
|
+
<example hw.product="SOHO" os.version="6.2.5.1-26n">SonicWALL SOHO wireless-N (SonicOS Enhanced 6.2.5.1-26n--HF175723-2n)</example>
|
6106
|
+
<param pos="0" name="os.vendor" value="SonicWall"/>
|
6107
|
+
<param pos="0" name="os.device" value="Firewall"/>
|
6108
|
+
<param pos="0" name="os.product" value="SonicOS"/>
|
6109
|
+
<param pos="1" name="hw.product"/>
|
6110
|
+
<param pos="2" name="os.version"/>
|
6111
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
|
6112
|
+
</fingerprint>
|
6113
|
+
|
6102
6114
|
<fingerprint pattern="^SonicWALL (.*?)\s+\(([^\)]+)\)\s*$">
|
6103
6115
|
<description>SonicWall</description>
|
6104
6116
|
<example>SonicWALL StrongARM / 233 Mhz (PRO 200)</example>
|
@@ -6314,96 +6326,121 @@ Copyright (c) 1995-2005 by Cisco Systems
|
|
6314
6326
|
|
6315
6327
|
<fingerprint pattern="^Siemens, SIMATIC HMI, ([^,]+),.*FW:\s*V([^,]+).*$">
|
6316
6328
|
<description>Siemens HMI - firmware variant</description>
|
6317
|
-
<example>Siemens, SIMATIC HMI, KTP1000 Basic PN, 6AV6 647-0AF11-3AX0, HW: 1, FW: V01.06.00, Revision: 1</example>
|
6318
|
-
<example>Siemens, SIMATIC HMI, KTP600 Basic Mono PN, 6AV6647-0AB11-3AX0, HW:1, FW:V01.06.00</example>
|
6329
|
+
<example hw.product="KTP1000 Basic PN">Siemens, SIMATIC HMI, KTP1000 Basic PN, 6AV6 647-0AF11-3AX0, HW: 1, FW: V01.06.00, Revision: 1</example>
|
6330
|
+
<example hw.version="01.06.00">Siemens, SIMATIC HMI, KTP600 Basic Mono PN, 6AV6647-0AB11-3AX0, HW:1, FW:V01.06.00</example>
|
6319
6331
|
<example>Siemens, SIMATIC HMI, KTP600 Basic color PN, 6AV6 647-0AD11-3AX0, HW:1, FW:V11.00.02.00</example>
|
6320
|
-
<param pos="0" name="os.vendor" value="
|
6321
|
-
<param pos="0" name="os.device" value="
|
6322
|
-
<param pos="0" name="os.family" value="
|
6323
|
-
<param pos="
|
6324
|
-
<param pos="
|
6332
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
6333
|
+
<param pos="0" name="os.device" value="HMI Controller"/>
|
6334
|
+
<param pos="0" name="os.family" value="Windows"/>
|
6335
|
+
<param pos="0" name="os.product" value="Windows CE"/>
|
6336
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
|
6337
|
+
<param pos="0" name="hw.vendor" value="Siemens"/>
|
6338
|
+
<param pos="0" name="hw.family" value="Simatic HMI"/>
|
6339
|
+
<param pos="0" name="hw.device" value="HMI Controller"/>
|
6340
|
+
<param pos="1" name="hw.product"/>
|
6341
|
+
<param pos="2" name="hw.version"/>
|
6325
6342
|
</fingerprint>
|
6326
6343
|
|
6327
6344
|
<fingerprint pattern="^Siemens, SIMATIC HMI, ([^,]+),.*SW:\s*V\s*(\d+ \d+ \d+).*$">
|
6328
6345
|
<description>Siemens HMI</description>
|
6329
|
-
<example>Siemens, SIMATIC HMI, MP177, 6AV6 642-0EA01-3AX0, HW: 0, SW: V 1 0 0</example>
|
6330
|
-
<example>Siemens, SIMATIC HMI, TP177B, 6AV6 642-0BD01-3AX0, HW: 0, SW: V 1 0 2</example>
|
6346
|
+
<example hw.product="MP177">Siemens, SIMATIC HMI, MP177, 6AV6 642-0EA01-3AX0, HW: 0, SW: V 1 0 0</example>
|
6347
|
+
<example hw.version="1 0 2">Siemens, SIMATIC HMI, TP177B, 6AV6 642-0BD01-3AX0, HW: 0, SW: V 1 0 2</example>
|
6331
6348
|
<example>Siemens, SIMATIC HMI, XP277, 6AV6 643-0CB01-1AX0, HW: 0, SW: V 1 1 2</example>
|
6332
6349
|
<example>Siemens, SIMATIC HMI, unknown, 6AV2 124-0GC01-0AX0, HW: 0, SW: V 11 0 2</example>
|
6333
6350
|
<example>Siemens, SIMATIC HMI, unknown, 6AV2 124-0JC01-0AX0, HW: 0, SW: V 11 0 0</example>
|
6334
|
-
<param pos="0" name="os.vendor" value="
|
6335
|
-
<param pos="0" name="os.device" value="
|
6336
|
-
<param pos="0" name="os.family" value="
|
6337
|
-
<param pos="
|
6338
|
-
<param pos="
|
6351
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
6352
|
+
<param pos="0" name="os.device" value="HMI Controller"/>
|
6353
|
+
<param pos="0" name="os.family" value="Windows"/>
|
6354
|
+
<param pos="0" name="os.product" value="Windows CE"/>
|
6355
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
|
6356
|
+
<param pos="0" name="hw.vendor" value="Siemens"/>
|
6357
|
+
<param pos="0" name="hw.family" value="Simatic HMI"/>
|
6358
|
+
<param pos="0" name="hw.device" value="HMI Controller"/>
|
6359
|
+
<param pos="1" name="hw.product"/>
|
6360
|
+
<param pos="2" name="hw.version"/>
|
6339
6361
|
</fingerprint>
|
6340
6362
|
|
6341
6363
|
<fingerprint pattern="^Siemens, SIMATIC NET, ([^,]+),.*FW:\s*(?:Version )?V?([^,]+).*$">
|
6342
6364
|
<description>Siemens NET - verbose variant</description>
|
6343
|
-
<example
|
6344
|
-
<example
|
6345
|
-
<example
|
6346
|
-
<example
|
6347
|
-
<example
|
6348
|
-
<param pos="0" name="os.vendor" value="
|
6349
|
-
<param pos="0" name="os.
|
6350
|
-
<param pos="0" name="os.
|
6351
|
-
<param pos="
|
6352
|
-
<param pos="
|
6365
|
+
<example hw.product="CP 343-1 Advanced" hw.version="1.2.3">Siemens, SIMATIC NET, CP 343-1 Advanced, 6GK7 343-1GX30-0XE0, HW: Version 3, FW: Version V1.2.3, VPB9502953</example>
|
6366
|
+
<example hw.product="CP 343-1 Lean" hw.version="2.6.0">Siemens, SIMATIC NET, CP 343-1 Lean, 6GK7 343-1CX10-0XE0, HW: Version 6, FW: Version V2.6.0, VPC3513639</example>
|
6367
|
+
<example hw.product="CP 343-1" hw.version="2.2.20">Siemens, SIMATIC NET, CP 343-1, 6GK7 343-1EX30-0XE0, HW: Version 3, FW: Version V2.2.20, VPXN545808</example>
|
6368
|
+
<example hw.product="SCALANCE X204-2" hw.version="4.01">Siemens, SIMATIC NET, SCALANCE X204-2, 6GK5 204-2BB10-2AA3, HW: 4, FW: V4.01</example>
|
6369
|
+
<example hw.product="Scalance S612" hw.version="T03.00.00.00_25.00.00.01">Siemens, SIMATIC NET, Scalance S612, 6GK56120BA102AA3, HW: Version 6, FW: Version T03.00.00.00_25.00.00.01, VPB9542952</example>
|
6370
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
6371
|
+
<param pos="0" name="os.family" value="Windows"/>
|
6372
|
+
<param pos="0" name="os.product" value="Windows 7"/>
|
6373
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
|
6374
|
+
<param pos="0" name="hw.vendor" value="Siemens"/>
|
6375
|
+
<param pos="0" name="hw.family" value="Simatic NET"/>
|
6376
|
+
<param pos="0" name="hw.device" value="Monitoring"/>
|
6377
|
+
<param pos="1" name="hw.product"/>
|
6378
|
+
<param pos="2" name="hw.version"/>
|
6353
6379
|
</fingerprint>
|
6354
6380
|
|
6355
6381
|
<fingerprint pattern="^Siemens, SIMATIC NET (\S+) FW V (\S+)$">
|
6356
6382
|
<description>Siemens NET</description>
|
6357
|
-
<example>Siemens, SIMATIC NET CP1613 FW V 06.33</example>
|
6358
|
-
<param pos="0" name="os.vendor" value="
|
6359
|
-
<param pos="0" name="os.
|
6360
|
-
<param pos="0" name="os.
|
6361
|
-
<param pos="
|
6362
|
-
<param pos="
|
6383
|
+
<example hw.product="CP1613" hw.version="06.33">Siemens, SIMATIC NET CP1613 FW V 06.33</example>
|
6384
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
6385
|
+
<param pos="0" name="os.family" value="Windows"/>
|
6386
|
+
<param pos="0" name="os.product" value="Windows 7"/>
|
6387
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
|
6388
|
+
<param pos="0" name="hw.vendor" value="Siemens"/>
|
6389
|
+
<param pos="0" name="hw.family" value="Simatic NET"/>
|
6390
|
+
<param pos="0" name="hw.device" value="Monitoring"/>
|
6391
|
+
<param pos="1" name="hw.product"/>
|
6392
|
+
<param pos="2" name="hw.version"/>
|
6363
6393
|
</fingerprint>
|
6364
6394
|
|
6365
6395
|
<fingerprint pattern="^Siemens, SIMATIC S7, ([^,]+), .*?FW: (?:Version )?V?\.?([^,]+).*$">
|
6366
6396
|
<description>Siemens S7</description>
|
6367
|
-
<example
|
6368
|
-
<example
|
6369
|
-
<example
|
6370
|
-
<param pos="0" name="os.vendor" value="
|
6371
|
-
<param pos="0" name="os.
|
6372
|
-
<param pos="0" name="
|
6373
|
-
<param pos="
|
6374
|
-
<param pos="
|
6397
|
+
<example hw.product="CPU-1200" hw.version="2.0.2">Siemens, SIMATIC S7, CPU-1200, 6ES7 211-1BD30-0XB0, HW: 1, FW: V.2.0.2, SZVX8YU9000553</example>
|
6398
|
+
<example hw.product="CPU315-2 PN/DP" hw.version="2.5.0">Siemens, SIMATIC S7, CPU315-2 PN/DP, 6ES7 315-2EH13-0AB0 , HW: 3, FW: V2.5.0, S C-V4P07826200</example>
|
6399
|
+
<example hw.product="IM151-8" hw.version="3.2.3">Siemens, SIMATIC S7, IM151-8, 6ES7 151-8AB01-0AB0 , HW: 2, FW: V3.2.3, S C-B3UC78192011</example>
|
6400
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
6401
|
+
<param pos="0" name="os.family" value="Windows"/>
|
6402
|
+
<param pos="0" name="hw.vendor" value="Siemens"/>
|
6403
|
+
<param pos="0" name="hw.family" value="Simatic S7"/>
|
6404
|
+
<param pos="1" name="hw.product"/>
|
6405
|
+
<param pos="2" name="hw.version"/>
|
6375
6406
|
</fingerprint>
|
6376
6407
|
|
6377
6408
|
<fingerprint pattern="^Siemens, SIMATIC S7, ([^,]+), .*?, V\.([^,]+).*$">
|
6378
6409
|
<description>Siemens S7 - variant 1</description>
|
6379
|
-
<example>Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1BD30-0XB0 SZVA1YU6008610 , 1, V.1.0.1, SZVA1YU6008610</example>
|
6380
|
-
<example>Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1HD30-0XB0 SZVA3YU7002312 , 1, V.1.0.1, SZVA3YU7002312</example>
|
6410
|
+
<example hw.product="CPU-1200">Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1BD30-0XB0 SZVA1YU6008610 , 1, V.1.0.1, SZVA1YU6008610</example>
|
6411
|
+
<example hw.version="1.0.1">Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1HD30-0XB0 SZVA3YU7002312 , 1, V.1.0.1, SZVA3YU7002312</example>
|
6381
6412
|
<example>Siemens, SIMATIC S7, CPU-1200, 6ES7 214-1BE30-0XB0 SZVA2YYY007305 , 1, V.1.0.2, SZVA2YYY007305</example>
|
6382
|
-
<param pos="0" name="os.vendor" value="
|
6383
|
-
<param pos="0" name="os.
|
6384
|
-
<param pos="0" name="
|
6385
|
-
<param pos="
|
6386
|
-
<param pos="
|
6413
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
6414
|
+
<param pos="0" name="os.family" value="Windows"/>
|
6415
|
+
<param pos="0" name="hw.vendor" value="Siemens"/>
|
6416
|
+
<param pos="0" name="hw.family" value="Simatic S7"/>
|
6417
|
+
<param pos="1" name="hw.product"/>
|
6418
|
+
<param pos="2" name="hw.version"/>
|
6387
6419
|
</fingerprint>
|
6388
6420
|
|
6389
6421
|
<fingerprint pattern="^Siemens, SIMATIC, (\S+)$">
|
6390
6422
|
<description>Siemens S7 - model only variant</description>
|
6391
|
-
<example>Siemens, SIMATIC, S7-300</example>
|
6392
|
-
<param pos="0" name="os.vendor" value="
|
6393
|
-
<param pos="0" name="os.
|
6394
|
-
<param pos="0" name="
|
6395
|
-
<param pos="
|
6423
|
+
<example hw.product="S7-300">Siemens, SIMATIC, S7-300</example>
|
6424
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
6425
|
+
<param pos="0" name="os.family" value="Windows"/>
|
6426
|
+
<param pos="0" name="hw.vendor" value="Siemens"/>
|
6427
|
+
<param pos="0" name="hw.family" value="Simatic S7"/>
|
6428
|
+
<param pos="1" name="hw.product"/>
|
6396
6429
|
</fingerprint>
|
6397
6430
|
|
6398
6431
|
<fingerprint pattern="^Siemens, SINUMERIK, solution line ([^,]+),.*?FW:V([^,]+).*$">
|
6399
6432
|
<description>Siemens Sinumerik Solution Line</description>
|
6400
|
-
<example>Siemens, SINUMERIK, solution line PCU50, , HW:1, FW:V00.00.00,</example>
|
6401
|
-
<example>Siemens, SINUMERIK, solution line PCU50.3B-P 1GB XP, 6FC5210-0DF33-2AB0, HW:A, FW:V00.00.00, ST-BN2040231</example>
|
6402
|
-
<param pos="0" name="os.vendor" value="
|
6433
|
+
<example hw.product="PCU50">Siemens, SINUMERIK, solution line PCU50, , HW:1, FW:V00.00.00,</example>
|
6434
|
+
<example hw.version="00.00.00">Siemens, SINUMERIK, solution line PCU50.3B-P 1GB XP, 6FC5210-0DF33-2AB0, HW:A, FW:V00.00.00, ST-BN2040231</example>
|
6435
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
6403
6436
|
<param pos="0" name="os.device" value="Monitoring"/>
|
6404
|
-
<param pos="0" name="os.family" value="
|
6405
|
-
<param pos="
|
6406
|
-
<param pos="
|
6437
|
+
<param pos="0" name="os.family" value="Windows"/>
|
6438
|
+
<param pos="0" name="os.product" value="Windows 10"/>
|
6439
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10:-"/>
|
6440
|
+
<param pos="0" name="hw.vendor" value="Siemens"/>
|
6441
|
+
<param pos="0" name="hw.family" value="Simatic Sinumerik"/>
|
6442
|
+
<param pos="1" name="hw.product"/>
|
6443
|
+
<param pos="2" name="hw.version"/>
|
6407
6444
|
</fingerprint>
|
6408
6445
|
|
6409
6446
|
<fingerprint pattern="^Name:(ReliantUNIX)-. release:(\S+) version:(\S+) machine:(\S+)$">
|
data/xml/ssh_banners.xml
CHANGED
@@ -1962,8 +1962,10 @@
|
|
1962
1962
|
<fingerprint pattern="^dropbear$">
|
1963
1963
|
<description>Dropbear w/o version - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
|
1964
1964
|
<example>dropbear</example>
|
1965
|
+
<param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
|
1965
1966
|
<param pos="0" name="service.family" value="Dropbear"/>
|
1966
|
-
<param pos="0" name="service.product" value="Dropbear"/>
|
1967
|
+
<param pos="0" name="service.product" value="Dropbear SSH"/>
|
1968
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:-"/>
|
1967
1969
|
</fingerprint>
|
1968
1970
|
|
1969
1971
|
<fingerprint pattern="^dropbear_(.*)$">
|
@@ -1971,8 +1973,10 @@
|
|
1971
1973
|
<example service.version="2015.67">dropbear_2015.67</example>
|
1972
1974
|
<example service.version="0.49">dropbear_0.49</example>
|
1973
1975
|
<param pos="1" name="service.version"/>
|
1976
|
+
<param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
|
1974
1977
|
<param pos="0" name="service.family" value="Dropbear"/>
|
1975
|
-
<param pos="0" name="service.product" value="Dropbear"/>
|
1978
|
+
<param pos="0" name="service.product" value="Dropbear SSH"/>
|
1979
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:{service.version}"/>
|
1976
1980
|
</fingerprint>
|
1977
1981
|
|
1978
1982
|
<fingerprint pattern="^lancom$">
|
@@ -2059,7 +2063,7 @@
|
|
2059
2063
|
<param pos="0" name="os.vendor" value="HP"/>
|
2060
2064
|
<param pos="0" name="os.family" value="Unix"/>
|
2061
2065
|
<param pos="0" name="os.product" value="Tru64 Unix"/>
|
2062
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:hp:
|
2066
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64_unix:-"/>
|
2063
2067
|
</fingerprint>
|
2064
2068
|
|
2065
2069
|
<fingerprint pattern="^ROSSSH$">
|
data/xml/telnet_banners.xml
CHANGED
@@ -66,7 +66,7 @@
|
|
66
66
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
67
67
|
</fingerprint>
|
68
68
|
|
69
|
-
<fingerprint pattern="^(?:\r|\n)*MikroTik v([\w.]+)(?: \(\w+\))?(?:\r|\n)+Login:\s*$">
|
69
|
+
<fingerprint pattern="^(?:\r|\n)*MikroTik v([\w.]+)(?: \([\w-]+\))?(?:\r|\n)+Login:\s*$">
|
70
70
|
<description>MikroTik RouterOS</description>
|
71
71
|
<!-- MikroTik v5.2\r\nLogin: -->
|
72
72
|
|
@@ -80,6 +80,9 @@
|
|
80
80
|
<!-- MikroTik v6.36rc12 (testing)\r\nLogin: -->
|
81
81
|
|
82
82
|
<example _encoding="base64" os.version="6.36rc12">TWlrcm9UaWsgdjYuMzZyYzEyICh0ZXN0aW5nKQ0KTG9naW46Cg==</example>
|
83
|
+
<!-- MikroTik v6.42.9 (long-term)\r\nLogin: -->
|
84
|
+
|
85
|
+
<example _encoding="base64" os.version="6.42.9">TWlrcm9UaWsgdjYuNDIuOSAobG9uZy10ZXJtKQ0KTG9naW46Cg==</example>
|
83
86
|
<param pos="0" name="os.vendor" value="MikroTik"/>
|
84
87
|
<param pos="0" name="os.device" value="Router"/>
|
85
88
|
<param pos="0" name="os.product" value="RouterOS"/>
|
@@ -165,6 +168,28 @@
|
|
165
168
|
<param pos="0" name="hw.device" value="Router"/>
|
166
169
|
</fingerprint>
|
167
170
|
|
171
|
+
<fingerprint pattern="^(?:\r|\n)*DD-WRT v(3.\d)-(r([\w]+)) ([\w-]+) \(c\) \d{4} NewMedia-NET GmbH(?:\r|\n)+Release: \d+\/\d+\/\d+(?:\r|\n)+Board: (\S+) ([^\n\r]+)(?:\r|\n)+.* login:\s*$">
|
172
|
+
<description>DD-WRT - 3.0 family - with hardward product</description>
|
173
|
+
<!-- DD-WRT v3.0-r40559 std (c) 2019 NewMedia-NET GmbH\r\nRelease: 08/06/19\r\nBoard: Linksys WRT3200ACM\r\n\r\nDD-WRT login: -->
|
174
|
+
|
175
|
+
<example _encoding="base64" os.version="3.0" os.version.version="r40559" os.edition="std" os.build="40559" hw.vendor="Linksys" hw.product="WRT3200ACM">
|
176
|
+
REQtV1JUIHYzLjAtcjQwNTU5IHN0ZCAoYykgMjAxOSBOZXdNZWRpYS1ORVQgR21iSA0KUmVsZ
|
177
|
+
WFzZTogMDgvMDYvMTkNCkJvYXJkOiBMaW5rc3lzIFdSVDMyMDBBQ00NCg0KREQtV1JUIGxvZ2
|
178
|
+
luOgo=
|
179
|
+
</example>
|
180
|
+
<param pos="0" name="os.vendor" value="DD-WRT"/>
|
181
|
+
<param pos="0" name="os.product" value="DD-WRT"/>
|
182
|
+
<param pos="0" name="os.device" value="Router"/>
|
183
|
+
<param pos="1" name="os.version"/>
|
184
|
+
<param pos="2" name="os.version.version"/>
|
185
|
+
<param pos="3" name="os.build"/>
|
186
|
+
<param pos="4" name="os.edition"/>
|
187
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:dd-wrt:dd-wrt:{os.version}"/>
|
188
|
+
<param pos="5" name="hw.vendor"/>
|
189
|
+
<param pos="6" name="hw.product"/>
|
190
|
+
<param pos="0" name="hw.device" value="Router"/>
|
191
|
+
</fingerprint>
|
192
|
+
|
168
193
|
<fingerprint pattern="^(TD-\w+) [\d.]+ DSL Modem Router(?:\r|\n)+Authorization failed after trying \d+ times!!!\.(?:\r|\n)+Please login after \d+ seconds!\s*$">
|
169
194
|
<description>TP-LINK TD Family DSL Modem/Router</description>
|
170
195
|
<!-- TD-W8960N 5.0 DSL Modem Router\r\nAuthorization failed after trying 5 times!!!.\r\nPlease login after 416 seconds! -->
|
@@ -906,6 +931,7 @@
|
|
906
931
|
<param pos="1" name="hw.product"/>
|
907
932
|
<param pos="2" name="host.mac"/>
|
908
933
|
<param pos="3" name="host.id"/>
|
934
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
909
935
|
<param pos="4" name="os.version"/>
|
910
936
|
<param pos="5" name="os.version.version"/>
|
911
937
|
</fingerprint>
|
@@ -928,10 +954,24 @@
|
|
928
954
|
<param pos="1" name="hw.product"/>
|
929
955
|
<param pos="2" name="host.mac"/>
|
930
956
|
<param pos="3" name="host.id"/>
|
957
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
931
958
|
<param pos="4" name="os.version"/>
|
932
959
|
<param pos="5" name="os.version.version"/>
|
933
960
|
</fingerprint>
|
934
961
|
|
962
|
+
<fingerprint pattern="^(?:\r|\n|\x00|-)*Model name\s+: NPort (5[\w-]+)(?:\r|\n|\x00)+Please keyin your username:">
|
963
|
+
<description>Moxa NPort Device Server - 5xxx Series - Model only</description>
|
964
|
+
<!-- Model name : NPort 5110A\r\n\r\nPlease keyin your username: -->
|
965
|
+
|
966
|
+
<example _encoding="base64" hw.product="5110A">TW9kZWwgbmFtZSAgICAgICA6IE5Q
|
967
|
+
b3J0IDUxMTBBDQoNClBsZWFzZSBrZXlpbiB5b3VyIHVzZXJuYW1lOgo=
|
968
|
+
</example>
|
969
|
+
<param pos="0" name="hw.vendor" value="Moxa"/>
|
970
|
+
<param pos="0" name="hw.family" value="NPort"/>
|
971
|
+
<param pos="0" name="hw.device" value="Device Server"/>
|
972
|
+
<param pos="1" name="hw.product"/>
|
973
|
+
</fingerprint>
|
974
|
+
|
935
975
|
<fingerprint pattern="^Model name\s+: MGate (MB3[\w-]+)(?:\r|\n|\x00|)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version : ([\d.]+) Build (\d+)(?:\r|\n|\x00)+">
|
936
976
|
<description>Moxa MGate Modbus Gateway</description>
|
937
977
|
<!-- Model name : MGate MB3180\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No. : 9474\r\u0000\nFirmware version : 1.2 Build 09101913\r\u0000\nSystem uptime : 15 days, 16h:37m:48s\r\u0000\n\r\u0000\nPlease keyin your password: -->
|
@@ -948,11 +988,12 @@
|
|
948
988
|
<param pos="1" name="hw.product"/>
|
949
989
|
<param pos="2" name="host.mac"/>
|
950
990
|
<param pos="3" name="host.id"/>
|
991
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
951
992
|
<param pos="4" name="os.version"/>
|
952
993
|
<param pos="5" name="os.version.version"/>
|
953
994
|
</fingerprint>
|
954
995
|
|
955
|
-
<fingerprint pattern="^Model name\s+: (NE[\w-]+)(?:\r|\n|\x00)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+">
|
996
|
+
<fingerprint pattern="^Model name\s+: (NE[\w-]+)(?:\r|\n|\x00)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+)(?: Build (\d+)(?:\r|\n|\x00)+)?">
|
956
997
|
<description>Moxa NE Series Embedded device server</description>
|
957
998
|
<!-- Model name : NE-4110S\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No : 3616\r\u0000\nFirmware version : 4.1 Build 07061517\r\u0000\n\r\u0000\nPlease keyin your password: -->
|
958
999
|
|
@@ -961,16 +1002,75 @@
|
|
961
1002
|
kU4OkFBOkFBOkFBDQAKU2VyaWFsIE5vICAgICAgICA6IDM2MTYNAApGaXJtd2FyZSB2ZXJzaW
|
962
1003
|
9uIDogNC4xIEJ1aWxkIDA3MDYxNTE3DQAKDQAKUGxlYXNlIGtleWluIHlvdXIgcGFzc3dvcmQ6
|
963
1004
|
</example>
|
1005
|
+
<!-- Model name : NE-4110S\r\nMAC address : 00:90:E8:AA:AA:AA\r\nSerial No : 000\r\nFirmware version : 1.5.2\r\n\r\nPlease keyin your password: -->
|
1006
|
+
|
1007
|
+
<example _encoding="base64" hw.product="NE-4110S" host.mac="00:90:E8:AA:AA:AA" host.id="000" os.version="1.5.2">
|
1008
|
+
TW9kZWwgbmFtZSAgICAgICA6IE5FLTQxMTBTDQpNQUMgYWRkcmVzcyAgICAgIDogMDA6OTA6RTg6QUE6QUE6QUENClNlcmlhbCBObyAgICAgICAgOiAwMDANCkZpcm13YXJlIHZlcnNpb24gOiAxLjUuMg0KDQpQbGVhc2Uga2V5aW4geW91ciBwYXNzd29yZDoK
|
1009
|
+
</example>
|
964
1010
|
<param pos="0" name="hw.vendor" value="Moxa"/>
|
965
1011
|
<param pos="0" name="hw.family" value="NE"/>
|
966
1012
|
<param pos="0" name="hw.device" value="Device Server"/>
|
967
1013
|
<param pos="1" name="hw.product"/>
|
968
1014
|
<param pos="2" name="host.mac"/>
|
969
1015
|
<param pos="3" name="host.id"/>
|
1016
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
970
1017
|
<param pos="4" name="os.version"/>
|
971
1018
|
<param pos="5" name="os.version.version"/>
|
972
1019
|
</fingerprint>
|
973
1020
|
|
1021
|
+
<fingerprint pattern="^Model name\s+: (MiiNePort [\w-]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Device name\s+: [\w:-_\&]+(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+Ethernet MAC address: ([\w:]+)(?:\r|\n|\x00)+">
|
1022
|
+
<description>Moxa MiiNePort Series Embedded device server</description>
|
1023
|
+
<!-- Model name : MiiNePort E2\r\nSerial No. : 9999\r\nDevice name : MiiNePort_E2_4064\r\nFirmware version : 1.3.36 Build 15031615\r\nEthernet MAC address: 00:90:E8:5A:92:FF\r\n\r\nPlease keyin your password: -->
|
1024
|
+
|
1025
|
+
<example _encoding="base64" hw.product="MiiNePort E2" host.mac="00:90:E8:5A:92:FF" host.id="9999" os.version="1.3.36" os.version.version="15031615">
|
1026
|
+
TW9kZWwgbmFtZSAgICAgICAgICA6IE1paU5lUG9ydCBFMg0KU2VyaWFsIE5vLiAgICAgICAgI
|
1027
|
+
CA6IDk5OTkNCkRldmljZSBuYW1lICAgICAgICAgOiBNaWlOZVBvcnRfRTJfNDA2NA0KRmlybX
|
1028
|
+
dhcmUgdmVyc2lvbiAgICA6IDEuMy4zNiBCdWlsZCAxNTAzMTYxNQ0KRXRoZXJuZXQgTUFDIGF
|
1029
|
+
kZHJlc3M6IDAwOjkwOkU4OjVBOjkyOkZGDQoNClBsZWFzZSBrZXlpbiB5b3VyIHBhc3N3b3Jk
|
1030
|
+
Ogo=
|
1031
|
+
</example>
|
1032
|
+
<param pos="0" name="hw.vendor" value="Moxa"/>
|
1033
|
+
<param pos="0" name="hw.family" value="MiiNePort"/>
|
1034
|
+
<param pos="0" name="hw.device" value="Device Server"/>
|
1035
|
+
<param pos="1" name="hw.product"/>
|
1036
|
+
<param pos="2" name="host.id"/>
|
1037
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
1038
|
+
<param pos="3" name="os.version"/>
|
1039
|
+
<param pos="4" name="os.version.version"/>
|
1040
|
+
<param pos="5" name="host.mac"/>
|
1041
|
+
</fingerprint>
|
1042
|
+
|
1043
|
+
<!-- The following is very specific in order to express CPE values -->
|
1044
|
+
|
1045
|
+
<fingerprint pattern="^EDR-G903 login:">
|
1046
|
+
<description>Moxa EDR Secure Routers - EDR-G903</description>
|
1047
|
+
<example>EDR-G903 login:</example>
|
1048
|
+
<param pos="0" name="hw.vendor" value="Moxa"/>
|
1049
|
+
<param pos="0" name="hw.family" value="EDR"/>
|
1050
|
+
<param pos="0" name="hw.device" value="Router"/>
|
1051
|
+
<param pos="0" name="hw.product" value="EDR-G903"/>
|
1052
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g903:-"/>
|
1053
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
1054
|
+
<param pos="0" name="os.family" value="EDR"/>
|
1055
|
+
<param pos="0" name="os.device" value="Router"/>
|
1056
|
+
<param pos="0" name="os.product" value="EDR G903 Firmware"/>
|
1057
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:moxa:edr_g903_firmware:-"/>
|
1058
|
+
</fingerprint>
|
1059
|
+
|
1060
|
+
<fingerprint pattern="^EDR-G902 login:">
|
1061
|
+
<description>Moxa EDR Secure Routers - EDR-G902</description>
|
1062
|
+
<example>EDR-G902 login:</example>
|
1063
|
+
<param pos="0" name="hw.vendor" value="Moxa"/>
|
1064
|
+
<param pos="0" name="hw.family" value="EDR"/>
|
1065
|
+
<param pos="0" name="hw.device" value="Router"/>
|
1066
|
+
<param pos="0" name="hw.product" value="EDR-G902"/>
|
1067
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g902:-"/>
|
1068
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
1069
|
+
<param pos="0" name="os.family" value="EDR"/>
|
1070
|
+
<param pos="0" name="os.device" value="Router"/>
|
1071
|
+
<param pos="0" name="os.product" value="EDR G902 Firmware"/>
|
1072
|
+
</fingerprint>
|
1073
|
+
|
974
1074
|
<fingerprint pattern="^Red Hat Linux release ([^\\s]+)\\s*.*$">
|
975
1075
|
<description>RedHat general purpose linux</description>
|
976
1076
|
<!-- Red Hat Linux release 9 (Shrike)\nKernel 2.4.20-8 on an i686\nlogin: -->
|
@@ -1370,7 +1470,7 @@
|
|
1370
1470
|
<description>System HP-UX</description>
|
1371
1471
|
<!-- HP-UX ctout B.11.11 U 9000/800 (tc)\nlogin: -->
|
1372
1472
|
|
1373
|
-
<example _encoding="base64" host.name="ctout" os.version="11.11" hw.series="9000/800" hw.model="(tc)">
|
1473
|
+
<example _encoding="base64" host.name="ctout" os.version="11.11" hw.series="9000/800" hw.model="(tc)" hw.version="U">
|
1374
1474
|
SFAtVVggY3RvdXQgQi4xMS4xMSBVIDkwMDAvODAwICh0YykKCmxvZ2luOiA=
|
1375
1475
|
</example>
|
1376
1476
|
<param pos="0" name="os.vendor" value="HP"/>
|
@@ -1800,14 +1900,20 @@
|
|
1800
1900
|
<param pos="1" name="hw.version"/>
|
1801
1901
|
</fingerprint>
|
1802
1902
|
|
1803
|
-
<fingerprint pattern="^RDK \(A Yocto Project based Distro\) ([^ ]+) Docsis-Gateway">
|
1903
|
+
<fingerprint pattern="^RDK \(A Yocto Project based Distro\) ([^ ]+) (?:Docsis-Gateway|Business)">
|
1904
|
+
<description>DOCSIS Cable Modem Running RDK</description>
|
1804
1905
|
<!-- RDK (A Yocto Project based Distro) 2.0 Docsis-Gateway
|
1805
1906
|
Docsis-Gateway login: -->
|
1806
1907
|
|
1807
|
-
<description>DOCSIS Cable Modem Running RDK</description>
|
1808
1908
|
<example _encoding="base64" hw.device="DOCSIS Cable Modem" os.vendor="Yocto" os.product="RDK" os.version="2.0">
|
1809
|
-
|
1810
|
-
|
1909
|
+
UkRLIChBIFlvY3RvIFByb2plY3QgYmFzZWQgRGlzdHJvKSAyLjAgRG9jc2lzLUdhdGV3YXkNC
|
1910
|
+
g0NCg1Eb2NzaXMtR2F0ZXdheSBsb2dpbjo=
|
1911
|
+
</example>
|
1912
|
+
<!-- RDK (A Yocto Project based Distro) 2.0 Business\r\n\r\r\n\rBusiness login: -->
|
1913
|
+
|
1914
|
+
<example _encoding="base64" hw.device="DOCSIS Cable Modem" os.vendor="Yocto" os.product="RDK" os.version="2.0">
|
1915
|
+
UkRLIChBIFlvY3RvIFByb2plY3QgYmFzZWQgRGlzdHJvKSAyLjAgQnVzaW5lc3MNCg0NCg1Cd
|
1916
|
+
XNpbmVzcyBsb2dpbjoK
|
1811
1917
|
</example>
|
1812
1918
|
<param pos="0" name="hw.device" value="DOCSIS Cable Modem"/>
|
1813
1919
|
<param pos="0" name="os.vendor" value="Yocto"/>
|
@@ -1845,6 +1951,40 @@
|
|
1845
1951
|
<param pos="1" name="os.version"/>
|
1846
1952
|
</fingerprint>
|
1847
1953
|
|
1954
|
+
<fingerprint pattern="^KeeneticOS version ([\w.-]+), copyright">
|
1955
|
+
<description>Keentic KeeneticOS</description>
|
1956
|
+
<!-- KeeneticOS version 3.04.C.6.0-0, copyright (c) 2010-2020 Keenetic Ltd.\r\n\r\nLogin: -->
|
1957
|
+
|
1958
|
+
<example _encoding="base64" os.version="3.04.C.6.0-0">
|
1959
|
+
S2VlbmV0aWNPUyB2ZXJzaW9uIDMuMDQuQy42LjAtMCwgY29weXJpZ2h0IChjKSAyMDEwLTIwM
|
1960
|
+
jAgS2VlbmV0aWMgTHRkLg0KDQpMb2dpbjoK
|
1961
|
+
</example>
|
1962
|
+
<param pos="0" name="hw.device" value="Router"/>
|
1963
|
+
<param pos="0" name="hw.vendor" value="Keenetic"/>
|
1964
|
+
<param pos="0" name="os.device" value="Router"/>
|
1965
|
+
<param pos="0" name="os.vendor" value="Keenetic"/>
|
1966
|
+
<param pos="0" name="os.product" value="KeeneticOS"/>
|
1967
|
+
<param pos="1" name="os.version"/>
|
1968
|
+
</fingerprint>
|
1969
|
+
|
1970
|
+
<fingerprint pattern="^\**(?:\r|\n)+\* Copyright \(c\) \d\d\d\d-\d\d\d\d New H3C Technologies Co., Ltd. All rights reserved.\*(?:\r|\n)+\* Without the owner's prior written consent,\s+\*(?:\r|\n)+\* no decompiling or reverse-engineering shall be allowed.\s+\*(?:\r|\n)+\*+(?:\r|\n)+login:\s*$">
|
1971
|
+
<description>Generic H3C Technologies banner</description>
|
1972
|
+
<!-- ******************************************************************************\r\n* Copyright (c) 2004-2017 New H3C Technologies Co., Ltd. All rights reserved.*\r\n* Without the owner's prior written consent, *\r\n* no decompiling or reverse-engineering shall be allowed. *\r\n******************************************************************************\r\n\r\nlogin: -->
|
1973
|
+
|
1974
|
+
<example _encoding="base64">
|
1975
|
+
KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqK
|
1976
|
+
ioqKioqKioqKioqKioqKioqKioqKioqDQoqIENvcHlyaWdodCAoYykgMjAwNC0yMDE3IE5ldy
|
1977
|
+
BIM0MgVGVjaG5vbG9naWVzIENvLiwgTHRkLiBBbGwgcmlnaHRzIHJlc2VydmVkLioNCiogV2l
|
1978
|
+
0aG91dCB0aGUgb3duZXIncyBwcmlvciB3cml0dGVuIGNvbnNlbnQsICAgICAgICAgICAgICAg
|
1979
|
+
ICAgICAgICAgICAgICAgICAgKg0KKiBubyBkZWNvbXBpbGluZyBvciByZXZlcnNlLWVuZ2luZ
|
1980
|
+
WVyaW5nIHNoYWxsIGJlIGFsbG93ZWQuICAgICAgICAgICAgICAgICAgICAqDQoqKioqKioqKi
|
1981
|
+
oqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKio
|
1982
|
+
qKioqKioqKioqKioqKioNCg0KbG9naW46Cg==
|
1983
|
+
</example>
|
1984
|
+
<param pos="0" name="hw.vendor" value="H3C"/>
|
1985
|
+
<param pos="0" name="os.vendor" value="H3C"/>
|
1986
|
+
</fingerprint>
|
1987
|
+
|
1848
1988
|
<fingerprint pattern="Telnet Administration (?:\r|\n)+ SAP J2EE Engine v([\d.]+)(?:\r|\n)+">
|
1849
1989
|
<description>SAP NetWeaver Application Server Java telnet service</description>
|
1850
1990
|
<!-- ***********************************************
|