recog 2.3.11 → 2.3.16

data/xml/smtp_help.xml

@@ -15,6 +15,7 @@
     <param pos="0" name="service.family" value="Mail Server"/>
     <param pos="0" name="service.product" value="Mail Server"/>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:argosoft:mail_server:{service.version}"/>
   </fingerprint>
 
   <fingerprint pattern="^214[ -].*support@argosoft\.com *$">
@@ -23,6 +24,7 @@
     <param pos="0" name="service.vendor" value="ArGoSoft"/>
     <param pos="0" name="service.family" value="Mail Server"/>
     <param pos="0" name="service.product" value="Mail Server"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:argosoft:mail_server:-"/>
   </fingerprint>
 
   <fingerprint pattern="^500[ -]Syntax error, command &quot;XXXX&quot; unrecognized$">

data/xml/snmp_sysdescr.xml

@@ -2403,7 +2403,7 @@ Copyright (c) 1995-2005 by Cisco Systems
     <param pos="2" name="hw.product"/>
     <param pos="3" name="os.version"/>
     <param pos="4" name="os.version.version"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:{os.version}"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64_unix:{os.version}"/>
   </fingerprint>
 
   <fingerprint pattern="^(\S+) (.*?) Digital UNIX V(\S+)\s+\(Rev\. ([^\)]+)\).*TCP/IP$">
@@ -6099,6 +6099,18 @@ Copyright (c) 1995-2005 by Cisco Systems
     <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
   </fingerprint>
 
+  <fingerprint pattern="^SonicWALL (\S+).*?\(SonicOS \S+ ((?:\d\.)+\d+-\d+[a-zA-Z]).*\)">
+    <description>SonicWall - SonicOS Enhanced variant without hardware model</description>
+    <example hw.product="SOHO" os.version="5.9.1.4-4o">SonicWALL SOHO (SonicOS Enhanced 5.9.1.4-4o)</example>
+    <example hw.product="SOHO" os.version="6.2.5.1-26n">SonicWALL SOHO wireless-N (SonicOS Enhanced 6.2.5.1-26n--HF175723-2n)</example>
+    <param pos="0" name="os.vendor" value="SonicWall"/>
+    <param pos="0" name="os.device" value="Firewall"/>
+    <param pos="0" name="os.product" value="SonicOS"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
+  </fingerprint>
+
   <fingerprint pattern="^SonicWALL (.*?)\s+\(([^\)]+)\)\s*$">
     <description>SonicWall</description>
     <example>SonicWALL StrongARM / 233 Mhz (PRO 200)</example>
@@ -6314,96 +6326,121 @@ Copyright (c) 1995-2005 by Cisco Systems
 
   <fingerprint pattern="^Siemens, SIMATIC HMI, ([^,]+),.*FW:\s*V([^,]+).*$">
     <description>Siemens HMI - firmware variant</description>
-    <example>Siemens, SIMATIC HMI, KTP1000 Basic PN, 6AV6 647-0AF11-3AX0, HW: 1, FW: V01.06.00, Revision: 1</example>
-    <example>Siemens, SIMATIC HMI, KTP600 Basic Mono PN, 6AV6647-0AB11-3AX0, HW:1, FW:V01.06.00</example>
+    <example hw.product="KTP1000 Basic PN">Siemens, SIMATIC HMI, KTP1000 Basic PN, 6AV6 647-0AF11-3AX0, HW: 1, FW: V01.06.00, Revision: 1</example>
+    <example hw.version="01.06.00">Siemens, SIMATIC HMI, KTP600 Basic Mono PN, 6AV6647-0AB11-3AX0, HW:1, FW:V01.06.00</example>
     <example>Siemens, SIMATIC HMI, KTP600 Basic color PN, 6AV6 647-0AD11-3AX0, HW:1, FW:V11.00.02.00</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic HMI"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="HMI Controller"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows CE"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic HMI"/>
+    <param pos="0" name="hw.device" value="HMI Controller"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
 
   <fingerprint pattern="^Siemens, SIMATIC HMI, ([^,]+),.*SW:\s*V\s*(\d+ \d+ \d+).*$">
     <description>Siemens HMI</description>
-    <example>Siemens, SIMATIC HMI, MP177, 6AV6 642-0EA01-3AX0, HW: 0, SW: V 1 0 0</example>
-    <example>Siemens, SIMATIC HMI, TP177B, 6AV6 642-0BD01-3AX0, HW: 0, SW: V 1 0 2</example>
+    <example hw.product="MP177">Siemens, SIMATIC HMI, MP177, 6AV6 642-0EA01-3AX0, HW: 0, SW: V 1 0 0</example>
+    <example hw.version="1 0 2">Siemens, SIMATIC HMI, TP177B, 6AV6 642-0BD01-3AX0, HW: 0, SW: V 1 0 2</example>
     <example>Siemens, SIMATIC HMI, XP277, 6AV6 643-0CB01-1AX0, HW: 0, SW: V 1 1 2</example>
     <example>Siemens, SIMATIC HMI, unknown, 6AV2 124-0GC01-0AX0, HW: 0, SW: V 11 0 2</example>
     <example>Siemens, SIMATIC HMI, unknown, 6AV2 124-0JC01-0AX0, HW: 0, SW: V 11 0 0</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic HMI"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.device" value="HMI Controller"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows CE"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic HMI"/>
+    <param pos="0" name="hw.device" value="HMI Controller"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
 
   <fingerprint pattern="^Siemens, SIMATIC NET, ([^,]+),.*FW:\s*(?:Version )?V?([^,]+).*$">
     <description>Siemens NET - verbose variant</description>
-    <example os.product="CP 343-1 Advanced" os.version="1.2.3">Siemens, SIMATIC NET, CP 343-1 Advanced, 6GK7 343-1GX30-0XE0, HW: Version 3, FW: Version V1.2.3, VPB9502953</example>
-    <example os.product="CP 343-1 Lean" os.version="2.6.0">Siemens, SIMATIC NET, CP 343-1 Lean, 6GK7 343-1CX10-0XE0, HW: Version 6, FW: Version V2.6.0, VPC3513639</example>
-    <example os.product="CP 343-1" os.version="2.2.20">Siemens, SIMATIC NET, CP 343-1, 6GK7 343-1EX30-0XE0, HW: Version 3, FW: Version V2.2.20, VPXN545808</example>
-    <example os.product="SCALANCE X204-2" os.version="4.01">Siemens, SIMATIC NET, SCALANCE X204-2, 6GK5 204-2BB10-2AA3, HW: 4, FW: V4.01</example>
-    <example os.product="Scalance S612" os.version="T03.00.00.00_25.00.00.01">Siemens, SIMATIC NET, Scalance S612, 6GK56120BA102AA3, HW: Version 6, FW: Version T03.00.00.00_25.00.00.01, VPB9542952</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic NET"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <example hw.product="CP 343-1 Advanced" hw.version="1.2.3">Siemens, SIMATIC NET, CP 343-1 Advanced, 6GK7 343-1GX30-0XE0, HW: Version 3, FW: Version V1.2.3, VPB9502953</example>
+    <example hw.product="CP 343-1 Lean" hw.version="2.6.0">Siemens, SIMATIC NET, CP 343-1 Lean, 6GK7 343-1CX10-0XE0, HW: Version 6, FW: Version V2.6.0, VPC3513639</example>
+    <example hw.product="CP 343-1" hw.version="2.2.20">Siemens, SIMATIC NET, CP 343-1, 6GK7 343-1EX30-0XE0, HW: Version 3, FW: Version V2.2.20, VPXN545808</example>
+    <example hw.product="SCALANCE X204-2" hw.version="4.01">Siemens, SIMATIC NET, SCALANCE X204-2, 6GK5 204-2BB10-2AA3, HW: 4, FW: V4.01</example>
+    <example hw.product="Scalance S612" hw.version="T03.00.00.00_25.00.00.01">Siemens, SIMATIC NET, Scalance S612, 6GK56120BA102AA3, HW: Version 6, FW: Version T03.00.00.00_25.00.00.01, VPB9542952</example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows 7"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic NET"/>
+    <param pos="0" name="hw.device" value="Monitoring"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
 
   <fingerprint pattern="^Siemens, SIMATIC NET (\S+) FW V (\S+)$">
     <description>Siemens NET</description>
-    <example>Siemens, SIMATIC NET CP1613 FW V 06.33</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic NET"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <example hw.product="CP1613" hw.version="06.33">Siemens, SIMATIC NET CP1613 FW V 06.33</example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows 7"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic NET"/>
+    <param pos="0" name="hw.device" value="Monitoring"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
 
   <fingerprint pattern="^Siemens, SIMATIC S7, ([^,]+), .*?FW: (?:Version )?V?\.?([^,]+).*$">
     <description>Siemens S7</description>
-    <example os.product="CPU-1200" os.version="2.0.2">Siemens, SIMATIC S7, CPU-1200, 6ES7 211-1BD30-0XB0, HW: 1, FW: V.2.0.2, SZVX8YU9000553</example>
-    <example os.product="CPU315-2 PN/DP" os.version="2.5.0">Siemens, SIMATIC S7, CPU315-2 PN/DP, 6ES7 315-2EH13-0AB0 , HW: 3, FW: V2.5.0, S C-V4P07826200</example>
-    <example os.product="IM151-8" os.version="3.2.3">Siemens, SIMATIC S7, IM151-8, 6ES7 151-8AB01-0AB0 , HW: 2, FW: V3.2.3, S C-B3UC78192011</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic S7"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <example hw.product="CPU-1200" hw.version="2.0.2">Siemens, SIMATIC S7, CPU-1200, 6ES7 211-1BD30-0XB0, HW: 1, FW: V.2.0.2, SZVX8YU9000553</example>
+    <example hw.product="CPU315-2 PN/DP" hw.version="2.5.0">Siemens, SIMATIC S7, CPU315-2 PN/DP, 6ES7 315-2EH13-0AB0 , HW: 3, FW: V2.5.0, S C-V4P07826200</example>
+    <example hw.product="IM151-8" hw.version="3.2.3">Siemens, SIMATIC S7, IM151-8, 6ES7 151-8AB01-0AB0 , HW: 2, FW: V3.2.3, S C-B3UC78192011</example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic S7"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
 
   <fingerprint pattern="^Siemens, SIMATIC S7, ([^,]+), .*?, V\.([^,]+).*$">
     <description>Siemens S7 - variant 1</description>
-    <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1BD30-0XB0 SZVA1YU6008610 , 1, V.1.0.1, SZVA1YU6008610</example>
-    <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1HD30-0XB0 SZVA3YU7002312 , 1, V.1.0.1, SZVA3YU7002312</example>
+    <example hw.product="CPU-1200">Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1BD30-0XB0 SZVA1YU6008610 , 1, V.1.0.1, SZVA1YU6008610</example>
+    <example hw.version="1.0.1">Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1HD30-0XB0 SZVA3YU7002312 , 1, V.1.0.1, SZVA3YU7002312</example>
     <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 214-1BE30-0XB0 SZVA2YYY007305 , 1, V.1.0.2, SZVA2YYY007305</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic S7"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic S7"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
 
   <fingerprint pattern="^Siemens, SIMATIC, (\S+)$">
     <description>Siemens S7 - model only variant</description>
-    <example>Siemens, SIMATIC, S7-300</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
-    <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic S7"/>
-    <param pos="1" name="os.product"/>
+    <example hw.product="S7-300">Siemens, SIMATIC, S7-300</example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic S7"/>
+    <param pos="1" name="hw.product"/>
   </fingerprint>
 
   <fingerprint pattern="^Siemens, SINUMERIK, solution line ([^,]+),.*?FW:V([^,]+).*$">
     <description>Siemens Sinumerik Solution Line</description>
-    <example>Siemens, SINUMERIK, solution line PCU50, , HW:1, FW:V00.00.00,</example>
-    <example>Siemens, SINUMERIK, solution line PCU50.3B-P 1GB XP, 6FC5210-0DF33-2AB0, HW:A, FW:V00.00.00, ST-BN2040231</example>
-    <param pos="0" name="os.vendor" value="Siemens"/>
+    <example hw.product="PCU50">Siemens, SINUMERIK, solution line PCU50, , HW:1, FW:V00.00.00,</example>
+    <example hw.version="00.00.00">Siemens, SINUMERIK, solution line PCU50.3B-P 1GB XP, 6FC5210-0DF33-2AB0, HW:A, FW:V00.00.00, ST-BN2040231</example>
+    <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.device" value="Monitoring"/>
-    <param pos="0" name="os.family" value="Simatic Sinumerik"/>
-    <param pos="1" name="os.product"/>
-    <param pos="2" name="os.version"/>
+    <param pos="0" name="os.family" value="Windows"/>
+    <param pos="0" name="os.product" value="Windows 10"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10:-"/>
+    <param pos="0" name="hw.vendor" value="Siemens"/>
+    <param pos="0" name="hw.family" value="Simatic Sinumerik"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
   </fingerprint>
 
   <fingerprint pattern="^Name:(ReliantUNIX)-. release:(\S+) version:(\S+) machine:(\S+)$">

data/xml/ssh_banners.xml

@@ -1962,8 +1962,10 @@
   <fingerprint pattern="^dropbear$">
     <description>Dropbear w/o version - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
     <example>dropbear</example>
+    <param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
     <param pos="0" name="service.family" value="Dropbear"/>
-    <param pos="0" name="service.product" value="Dropbear"/>
+    <param pos="0" name="service.product" value="Dropbear SSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:-"/>
   </fingerprint>
 
   <fingerprint pattern="^dropbear_(.*)$">
@@ -1971,8 +1973,10 @@
     <example service.version="2015.67">dropbear_2015.67</example>
     <example service.version="0.49">dropbear_0.49</example>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.vendor" value="Dropbear SSH Project"/>
     <param pos="0" name="service.family" value="Dropbear"/>
-    <param pos="0" name="service.product" value="Dropbear"/>
+    <param pos="0" name="service.product" value="Dropbear SSH"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:dropbear_ssh_project:dropbear_ssh:{service.version}"/>
   </fingerprint>
 
   <fingerprint pattern="^lancom$">
@@ -2059,7 +2063,7 @@
     <param pos="0" name="os.vendor" value="HP"/>
     <param pos="0" name="os.family" value="Unix"/>
     <param pos="0" name="os.product" value="Tru64 Unix"/>
-    <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:-"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64_unix:-"/>
   </fingerprint>
 
   <fingerprint pattern="^ROSSSH$">

data/xml/telnet_banners.xml

@@ -66,7 +66,7 @@
     <param pos="0" name="hw.vendor" value="Cisco"/>
   </fingerprint>
 
-  <fingerprint pattern="^(?:\r|\n)*MikroTik v([\w.]+)(?: \(\w+\))?(?:\r|\n)+Login:\s*$">
+  <fingerprint pattern="^(?:\r|\n)*MikroTik v([\w.]+)(?: \([\w-]+\))?(?:\r|\n)+Login:\s*$">
     <description>MikroTik RouterOS</description>
     <!-- MikroTik v5.2\r\nLogin: -->
 
@@ -80,6 +80,9 @@
     <!-- MikroTik v6.36rc12 (testing)\r\nLogin: -->
 
     <example _encoding="base64" os.version="6.36rc12">TWlrcm9UaWsgdjYuMzZyYzEyICh0ZXN0aW5nKQ0KTG9naW46Cg==</example>
+    <!-- MikroTik v6.42.9 (long-term)\r\nLogin: -->
+
+    <example _encoding="base64" os.version="6.42.9">TWlrcm9UaWsgdjYuNDIuOSAobG9uZy10ZXJtKQ0KTG9naW46Cg==</example>
     <param pos="0" name="os.vendor" value="MikroTik"/>
     <param pos="0" name="os.device" value="Router"/>
     <param pos="0" name="os.product" value="RouterOS"/>
@@ -165,6 +168,28 @@
     <param pos="0" name="hw.device" value="Router"/>
   </fingerprint>
 
+  <fingerprint pattern="^(?:\r|\n)*DD-WRT v(3.\d)-(r([\w]+)) ([\w-]+) \(c\) \d{4} NewMedia-NET GmbH(?:\r|\n)+Release: \d+\/\d+\/\d+(?:\r|\n)+Board: (\S+) ([^\n\r]+)(?:\r|\n)+.* login:\s*$">
+    <description>DD-WRT - 3.0 family - with hardward product</description>
+    <!-- DD-WRT v3.0-r40559 std (c) 2019 NewMedia-NET GmbH\r\nRelease: 08/06/19\r\nBoard: Linksys WRT3200ACM\r\n\r\nDD-WRT login: -->
+
+    <example _encoding="base64" os.version="3.0" os.version.version="r40559" os.edition="std" os.build="40559" hw.vendor="Linksys" hw.product="WRT3200ACM">
+      REQtV1JUIHYzLjAtcjQwNTU5IHN0ZCAoYykgMjAxOSBOZXdNZWRpYS1ORVQgR21iSA0KUmVsZ
+      WFzZTogMDgvMDYvMTkNCkJvYXJkOiBMaW5rc3lzIFdSVDMyMDBBQ00NCg0KREQtV1JUIGxvZ2
+      luOgo=
+    </example>
+    <param pos="0" name="os.vendor" value="DD-WRT"/>
+    <param pos="0" name="os.product" value="DD-WRT"/>
+    <param pos="0" name="os.device" value="Router"/>
+    <param pos="1" name="os.version"/>
+    <param pos="2" name="os.version.version"/>
+    <param pos="3" name="os.build"/>
+    <param pos="4" name="os.edition"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:dd-wrt:dd-wrt:{os.version}"/>
+    <param pos="5" name="hw.vendor"/>
+    <param pos="6" name="hw.product"/>
+    <param pos="0" name="hw.device" value="Router"/>
+  </fingerprint>
+
   <fingerprint pattern="^(TD-\w+) [\d.]+ DSL Modem Router(?:\r|\n)+Authorization failed after trying \d+ times!!!\.(?:\r|\n)+Please login after \d+ seconds!\s*$">
     <description>TP-LINK TD Family DSL Modem/Router</description>
     <!-- TD-W8960N 5.0 DSL Modem Router\r\nAuthorization failed after trying 5 times!!!.\r\nPlease login after 416 seconds! -->
@@ -906,6 +931,7 @@
     <param pos="1" name="hw.product"/>
     <param pos="2" name="host.mac"/>
     <param pos="3" name="host.id"/>
+    <param pos="0" name="os.vendor" value="Moxa"/>
     <param pos="4" name="os.version"/>
     <param pos="5" name="os.version.version"/>
   </fingerprint>
@@ -928,10 +954,24 @@
     <param pos="1" name="hw.product"/>
     <param pos="2" name="host.mac"/>
     <param pos="3" name="host.id"/>
+    <param pos="0" name="os.vendor" value="Moxa"/>
     <param pos="4" name="os.version"/>
     <param pos="5" name="os.version.version"/>
   </fingerprint>
 
+  <fingerprint pattern="^(?:\r|\n|\x00|-)*Model name\s+: NPort (5[\w-]+)(?:\r|\n|\x00)+Please keyin your username:">
+    <description>Moxa NPort Device Server - 5xxx Series - Model only</description>
+    <!-- Model name       : NPort 5110A\r\n\r\nPlease keyin your username: -->
+
+    <example _encoding="base64" hw.product="5110A">TW9kZWwgbmFtZSAgICAgICA6IE5Q
+      b3J0IDUxMTBBDQoNClBsZWFzZSBrZXlpbiB5b3VyIHVzZXJuYW1lOgo=
+    </example>
+    <param pos="0" name="hw.vendor" value="Moxa"/>
+    <param pos="0" name="hw.family" value="NPort"/>
+    <param pos="0" name="hw.device" value="Device Server"/>
+    <param pos="1" name="hw.product"/>
+  </fingerprint>
+
   <fingerprint pattern="^Model name\s+: MGate (MB3[\w-]+)(?:\r|\n|\x00|)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version : ([\d.]+) Build (\d+)(?:\r|\n|\x00)+">
     <description>Moxa MGate Modbus Gateway</description>
     <!-- Model name       : MGate MB3180\r\u0000\nMAC address      : 00:90:E8:AA:AA:AA\r\u0000\nSerial No.       : 9474\r\u0000\nFirmware version : 1.2 Build 09101913\r\u0000\nSystem uptime    : 15 days, 16h:37m:48s\r\u0000\n\r\u0000\nPlease keyin your password: -->
@@ -948,11 +988,12 @@
     <param pos="1" name="hw.product"/>
     <param pos="2" name="host.mac"/>
     <param pos="3" name="host.id"/>
+    <param pos="0" name="os.vendor" value="Moxa"/>
     <param pos="4" name="os.version"/>
     <param pos="5" name="os.version.version"/>
   </fingerprint>
 
-  <fingerprint pattern="^Model name\s+: (NE[\w-]+)(?:\r|\n|\x00)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+">
+  <fingerprint pattern="^Model name\s+: (NE[\w-]+)(?:\r|\n|\x00)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+)(?: Build (\d+)(?:\r|\n|\x00)+)?">
     <description>Moxa NE Series Embedded device server</description>
     <!-- Model name       : NE-4110S\r\u0000\nMAC address      : 00:90:E8:AA:AA:AA\r\u0000\nSerial No        : 3616\r\u0000\nFirmware version : 4.1 Build 07061517\r\u0000\n\r\u0000\nPlease keyin your password: -->
 
@@ -961,16 +1002,75 @@
       kU4OkFBOkFBOkFBDQAKU2VyaWFsIE5vICAgICAgICA6IDM2MTYNAApGaXJtd2FyZSB2ZXJzaW
       9uIDogNC4xIEJ1aWxkIDA3MDYxNTE3DQAKDQAKUGxlYXNlIGtleWluIHlvdXIgcGFzc3dvcmQ6
     </example>
+    <!-- Model name       : NE-4110S\r\nMAC address      : 00:90:E8:AA:AA:AA\r\nSerial No        : 000\r\nFirmware version : 1.5.2\r\n\r\nPlease keyin your password: -->
+
+    <example _encoding="base64" hw.product="NE-4110S" host.mac="00:90:E8:AA:AA:AA" host.id="000" os.version="1.5.2">
+      TW9kZWwgbmFtZSAgICAgICA6IE5FLTQxMTBTDQpNQUMgYWRkcmVzcyAgICAgIDogMDA6OTA6RTg6QUE6QUE6QUENClNlcmlhbCBObyAgICAgICAgOiAwMDANCkZpcm13YXJlIHZlcnNpb24gOiAxLjUuMg0KDQpQbGVhc2Uga2V5aW4geW91ciBwYXNzd29yZDoK
+      </example>
     <param pos="0" name="hw.vendor" value="Moxa"/>
     <param pos="0" name="hw.family" value="NE"/>
     <param pos="0" name="hw.device" value="Device Server"/>
     <param pos="1" name="hw.product"/>
     <param pos="2" name="host.mac"/>
     <param pos="3" name="host.id"/>
+    <param pos="0" name="os.vendor" value="Moxa"/>
     <param pos="4" name="os.version"/>
     <param pos="5" name="os.version.version"/>
   </fingerprint>
 
+  <fingerprint pattern="^Model name\s+: (MiiNePort [\w-]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Device name\s+: [\w:-_\&amp;]+(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+Ethernet MAC address: ([\w:]+)(?:\r|\n|\x00)+">
+    <description>Moxa MiiNePort Series Embedded device server</description>
+    <!-- Model name          : MiiNePort E2\r\nSerial No.          : 9999\r\nDevice name         : MiiNePort_E2_4064\r\nFirmware version    : 1.3.36 Build 15031615\r\nEthernet MAC address: 00:90:E8:5A:92:FF\r\n\r\nPlease keyin your password: -->
+
+    <example _encoding="base64" hw.product="MiiNePort E2" host.mac="00:90:E8:5A:92:FF" host.id="9999" os.version="1.3.36" os.version.version="15031615">
+      TW9kZWwgbmFtZSAgICAgICAgICA6IE1paU5lUG9ydCBFMg0KU2VyaWFsIE5vLiAgICAgICAgI
+      CA6IDk5OTkNCkRldmljZSBuYW1lICAgICAgICAgOiBNaWlOZVBvcnRfRTJfNDA2NA0KRmlybX
+      dhcmUgdmVyc2lvbiAgICA6IDEuMy4zNiBCdWlsZCAxNTAzMTYxNQ0KRXRoZXJuZXQgTUFDIGF
+      kZHJlc3M6IDAwOjkwOkU4OjVBOjkyOkZGDQoNClBsZWFzZSBrZXlpbiB5b3VyIHBhc3N3b3Jk
+      Ogo=
+    </example>
+    <param pos="0" name="hw.vendor" value="Moxa"/>
+    <param pos="0" name="hw.family" value="MiiNePort"/>
+    <param pos="0" name="hw.device" value="Device Server"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="host.id"/>
+    <param pos="0" name="os.vendor" value="Moxa"/>
+    <param pos="3" name="os.version"/>
+    <param pos="4" name="os.version.version"/>
+    <param pos="5" name="host.mac"/>
+  </fingerprint>
+
+  <!-- The following is very specific in order to express CPE values -->
+
+  <fingerprint pattern="^EDR-G903 login:">
+    <description>Moxa EDR Secure Routers - EDR-G903</description>
+    <example>EDR-G903 login:</example>
+    <param pos="0" name="hw.vendor" value="Moxa"/>
+    <param pos="0" name="hw.family" value="EDR"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="0" name="hw.product" value="EDR-G903"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g903:-"/>
+    <param pos="0" name="os.vendor" value="Moxa"/>
+    <param pos="0" name="os.family" value="EDR"/>
+    <param pos="0" name="os.device" value="Router"/>
+    <param pos="0" name="os.product" value="EDR G903 Firmware"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:moxa:edr_g903_firmware:-"/>
+  </fingerprint>
+
+  <fingerprint pattern="^EDR-G902 login:">
+    <description>Moxa EDR Secure Routers - EDR-G902</description>
+    <example>EDR-G902 login:</example>
+    <param pos="0" name="hw.vendor" value="Moxa"/>
+    <param pos="0" name="hw.family" value="EDR"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="0" name="hw.product" value="EDR-G902"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g902:-"/>
+    <param pos="0" name="os.vendor" value="Moxa"/>
+    <param pos="0" name="os.family" value="EDR"/>
+    <param pos="0" name="os.device" value="Router"/>
+    <param pos="0" name="os.product" value="EDR G902 Firmware"/>
+  </fingerprint>
+
   <fingerprint pattern="^Red Hat Linux release ([^\\s]+)\\s*.*$">
     <description>RedHat general purpose linux</description>
     <!-- Red Hat Linux release 9 (Shrike)\nKernel 2.4.20-8 on an i686\nlogin: -->
@@ -1370,7 +1470,7 @@
     <description>System HP-UX</description>
     <!-- HP-UX ctout B.11.11 U 9000/800 (tc)\nlogin: -->
 
-    <example _encoding="base64" host.name="ctout" os.version="11.11" hw.series="9000/800" hw.model="(tc)">
+    <example _encoding="base64" host.name="ctout" os.version="11.11" hw.series="9000/800" hw.model="(tc)" hw.version="U">
       SFAtVVggY3RvdXQgQi4xMS4xMSBVIDkwMDAvODAwICh0YykKCmxvZ2luOiA=
     </example>
     <param pos="0" name="os.vendor" value="HP"/>
@@ -1800,14 +1900,20 @@
     <param pos="1" name="hw.version"/>
   </fingerprint>
 
-  <fingerprint pattern="^RDK \(A Yocto Project based Distro\) ([^ ]+) Docsis-Gateway">
+  <fingerprint pattern="^RDK \(A Yocto Project based Distro\) ([^ ]+) (?:Docsis-Gateway|Business)">
+    <description>DOCSIS Cable Modem Running RDK</description>
     <!-- RDK (A Yocto Project based Distro) 2.0 Docsis-Gateway
          Docsis-Gateway login: -->
 
-    <description>DOCSIS Cable Modem Running RDK</description>
     <example _encoding="base64" hw.device="DOCSIS Cable Modem" os.vendor="Yocto" os.product="RDK" os.version="2.0">
-      UkRLIChBIFlvY3RvIFByb2plY3QgYmFzZWQgRGlzdHJvKSAyLjAgRG9jc2lzLUdhdGV3YXkNCg0NCg1Eb
-      2NzaXMtR2F0ZXdheSBsb2dpbjo=
+      UkRLIChBIFlvY3RvIFByb2plY3QgYmFzZWQgRGlzdHJvKSAyLjAgRG9jc2lzLUdhdGV3YXkNC
+      g0NCg1Eb2NzaXMtR2F0ZXdheSBsb2dpbjo=
+    </example>
+    <!-- RDK (A Yocto Project based Distro) 2.0 Business\r\n\r\r\n\rBusiness login: -->
+
+    <example _encoding="base64" hw.device="DOCSIS Cable Modem" os.vendor="Yocto" os.product="RDK" os.version="2.0">
+      UkRLIChBIFlvY3RvIFByb2plY3QgYmFzZWQgRGlzdHJvKSAyLjAgQnVzaW5lc3MNCg0NCg1Cd
+      XNpbmVzcyBsb2dpbjoK
     </example>
     <param pos="0" name="hw.device" value="DOCSIS Cable Modem"/>
     <param pos="0" name="os.vendor" value="Yocto"/>
@@ -1845,6 +1951,40 @@
     <param pos="1" name="os.version"/>
   </fingerprint>
 
+  <fingerprint pattern="^KeeneticOS version ([\w.-]+), copyright">
+    <description>Keentic KeeneticOS</description>
+    <!-- KeeneticOS version 3.04.C.6.0-0, copyright (c) 2010-2020 Keenetic Ltd.\r\n\r\nLogin: -->
+
+    <example _encoding="base64" os.version="3.04.C.6.0-0">
+      S2VlbmV0aWNPUyB2ZXJzaW9uIDMuMDQuQy42LjAtMCwgY29weXJpZ2h0IChjKSAyMDEwLTIwM
+      jAgS2VlbmV0aWMgTHRkLg0KDQpMb2dpbjoK
+    </example>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="0" name="hw.vendor" value="Keenetic"/>
+    <param pos="0" name="os.device" value="Router"/>
+    <param pos="0" name="os.vendor" value="Keenetic"/>
+    <param pos="0" name="os.product" value="KeeneticOS"/>
+    <param pos="1" name="os.version"/>
+  </fingerprint>
+
+  <fingerprint pattern="^\**(?:\r|\n)+\* Copyright \(c\) \d\d\d\d-\d\d\d\d New H3C Technologies Co., Ltd. All rights reserved.\*(?:\r|\n)+\* Without the owner's prior written consent,\s+\*(?:\r|\n)+\* no decompiling or reverse-engineering shall be allowed.\s+\*(?:\r|\n)+\*+(?:\r|\n)+login:\s*$">
+    <description>Generic H3C Technologies banner</description>
+    <!-- ******************************************************************************\r\n* Copyright (c) 2004-2017 New H3C Technologies Co., Ltd. All rights reserved.*\r\n* Without the owner's prior written consent,                                 *\r\n* no decompiling or reverse-engineering shall be allowed.                    *\r\n******************************************************************************\r\n\r\nlogin: -->
+
+    <example _encoding="base64">
+      KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqK
+      ioqKioqKioqKioqKioqKioqKioqKioqDQoqIENvcHlyaWdodCAoYykgMjAwNC0yMDE3IE5ldy
+      BIM0MgVGVjaG5vbG9naWVzIENvLiwgTHRkLiBBbGwgcmlnaHRzIHJlc2VydmVkLioNCiogV2l
+      0aG91dCB0aGUgb3duZXIncyBwcmlvciB3cml0dGVuIGNvbnNlbnQsICAgICAgICAgICAgICAg
+      ICAgICAgICAgICAgICAgICAgKg0KKiBubyBkZWNvbXBpbGluZyBvciByZXZlcnNlLWVuZ2luZ
+      WVyaW5nIHNoYWxsIGJlIGFsbG93ZWQuICAgICAgICAgICAgICAgICAgICAqDQoqKioqKioqKi
+      oqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKio
+      qKioqKioqKioqKioqKioNCg0KbG9naW46Cg==
+    </example>
+    <param pos="0" name="hw.vendor" value="H3C"/>
+    <param pos="0" name="os.vendor" value="H3C"/>
+  </fingerprint>
+
   <fingerprint pattern="Telnet Administration (?:\r|\n)+   SAP J2EE Engine v([\d.]+)(?:\r|\n)+">
     <description>SAP NetWeaver Application Server Java telnet service</description>
     <!-- ***********************************************