recog 2.3.12 → 2.3.17

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 477c1b984da6788f9acbe0f8868fe07b500c0a6c9b94691a23535befba43b912
-  data.tar.gz: a23f96a8ae8212ba1521455ccbfbe60f355706eb04fbe309768cd538a5ff90a6
+  metadata.gz: f593d696005c5d90c90e99a3ff779f11e73eeb28d94c6fed500bef2124502803
+  data.tar.gz: 555a3b4fc6ba321c11d0479cc6054e4f316fa810d567bdddf2dfa2de08788043
 SHA512:
-  metadata.gz: b758ee85f8fb433fb2d0ef8ad07e627bb941ad86d5d3f07ebb768ecda8c8a00521e37c0dff81e5e2c3b7065584b7d4bef283fb6ceea0da45c952e57301879d2c
-  data.tar.gz: d07e8d168442426db1cee39ecaf6d2f7c337b20bf41799115354099185daa2e4696c58df2fddba9d025f05386fd426ce4c15bbc06eea04e47dff01642a86cd95
+  metadata.gz: eeddda28aaf2233544f1f4072d1f1d62431d5a8ade16edfb39f57aa05d8199794305c043af3618bced6b752f247709fc5b0f6ee430309779e5ed56bd0f963cc7
+  data.tar.gz: 32c03df36eef13503fdeb2ebdb5a54a5fc26e682ced5b43e047d5e885135019e19b6617845dd0087d7c06c246dc49c6866ed00585e8b6978a1db9c58dc1ce4ad

data/.github/SECURITY.md

@@ -0,0 +1,35 @@
+# Reporting security issues
+
+Thanks for your interest in making Recog more secure! If you feel
+that you have found a security issue involving Metasploit, Meterpreter,
+Recog, or any other Rapid7 open source project, you are welcome to let
+us know in the way that's most comfortable for you.
+
+## Via ZenDesk
+
+You can click on the big blue button at [Rapid7's Vulnerability
+Disclosure][r7-vulns] page, which will get you to our general
+vulnerability reporting system. While this does require a (free) ZenDesk
+account to use, you'll get regular updates on your issue as our software
+support teams work through it. As it happens [that page][r7-vulns] also
+will tell you what to expect when it comes to reporting vulns, how fast
+we'll fix and respond, and all the rest, so it's a pretty good read
+regardless.
+
+## Via email
+
+If you're more of a traditionalist, you can email your finding to
+security@rapid7.com. If you like, you can use our [PGP key][pgp] to
+encrypt your messages, but we certainly don't mind cleartext reports
+over email.
+
+## NOT via GitHub Issues
+
+Please don't! Disclosing security vulnerabilities to public bug trackers
+is kind of mean, even when it's well-intentioned, since you end up
+dropping 0-day on pretty much everyone right out of the gate. We'd prefer
+you didn't!
+
+[r7-vulns]:https://www.rapid7.com/security/disclosure/
+[pgp]:https://keybase.io/rapid7/pgp_keys.asc?fingerprint=9a90aea0576cbcafa39c502ba5e16807959d3eda
+

data/.snyk

@@ -0,0 +1,10 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+python: 3.6.0
+version: v1.14.1
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  SNYK-PYTHON-PYYAML-590151:
+    - pyyaml:
+        reason: Project doesn't use vulnerable code path.
+        expires: 2021-06-01T00:00:00.000Z
+patch: {}

data/LICENSE

@@ -2,6 +2,6 @@ Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Source: https://github.com/rapid7/recog
 
 Files: *
-Copyright: 2014-2015, Rapid7, Inc.
+Copyright: 2014, Rapid7, Inc.
 License: BSD-2-clause
 

data/bin/recog_standardize

@@ -68,7 +68,7 @@ ARGV.each do |arg|
       f.params.each do |k,v|
         paramIndex, val = v
         next if paramIndex != 0
-        next if val.index("{") != -1
+        next if val.index("{") != nil
         next if val.strip == ""
         case k
         when "os.vendor", "service.vendor", "service.component.vendor", "hw.vendor"
@@ -111,7 +111,7 @@ ARGV.each do |arg|
             puts "HW DEVICE MISSING: #{val}"
             hw_device[val] = true
           end          
-        when "service.product"
+        when "service.product", "service.component.product"
           if ! svc_prod[val]
             puts "SERVICE PRODUCT MISSING: #{val}"
             svc_prod[val] = true

data/cpe-remap.yaml

@@ -1,17 +1,19 @@
 mappings:
   alpine:
     vendor: alpinelinux
+    products:
+      linux: alpine_linux
   apache:
-    vendor: apache
     products:
       httpd: http_server
   apple:
     products:
       ios: iphone_os
+  aprelium_technologies:
+    vendor: aprelium
   alt-n:
     vendor: altn
   bea:
-    vendor: bea
     products:
       weblogic: weblogic_server
   blue_coat:
@@ -21,63 +23,83 @@ mappings:
     products:
       cyrus_imap: cyrus_imap_server
   centos:
-    vendor: centos
     products:
       linux: centos
+  centos_webpanel:
+    vendor: centos-webpanel
   check_point:
     vendor: checkpoint
   cisco:
     vendor: cisco
     products:
       adaptive_security_appliance: adaptive_security_appliance_software
+      apic: application_policy_infrastructure_controller
       pix: pix_firewall_software
       telepresence: telepresence_video_communication_server_software
+  crushftp:
+    products:
+      crushftp_web_interface: crushftp
+  data_domain:
+    vendor: dell
+    products:
+      dd_os: emc_data_domain_os
   debian:
-    vendor: debian
     products:
       linux: debian_linux
+  drupal:
+    products:
+      cms: drupal
   embedthis:
     products:
        goahead_webserver: goahead
+  emc:
+    products:
+      celerra: celerra_network_attached_storage
   f5:
-    vendor: f5
     products:
       big-ip: big-ip_local_traffic_manager
       big-ip_ltm: big-ip_local_traffic_manager
+  fedora_project:
+    vendor: fedoraproject
   hp:
-    vendor: hp
     products:
       ilo: integrated_lights_out
       tru64_unix: tru64
   ibm:
-    vendor: ibm
     products:
       lotus_domino: lotus_domino_server
       ibm_domino: lotus_domino
       os/400: os_400
+  intel:
+    products:
+      intel(r)_active_management_technology: active_management_technology
+      intel(r)_standard_manageability: standard_manageability
   jamf:
     products:
       jamf_pro: jamf
   juniper:
-    vendor: juniper
     products:
       junos_os: junos
   kibana:
     vendor: elasticsearch
+  kodi:
+    products:
+      media_server: kodi
   cz.nic:
     vendor: knot-dns
   litespeed_technologies:
     vendor: litespeedtech
   linux:
-    vendor: linux
     products:
       linux: linux_kernel
+  lynx_technology:
+    vendor: lynxtechnology
+    products:
+      twonky_media_server: twonky_server
   mailenable:
-    vendor: mailenable
     products:
       mail_server: mailenable
   microsoft:
-    vendor: microsoft
     products:
       active_directory_controller: active_directory
       exchange_server_5.5: exchange_server
@@ -105,14 +127,18 @@ mappings:
     vendor: modwsgi
   mort_bay:
     vendor: mortbay
+  munin:
+    vendor: munin-monitoring
   nlnet_labs:
     vendor: nlnetlabs
     products:
       dnsd: name_server_daemon
   net-snmp:
-    vendor: net-snmp
     products:
       snmp_agent: net-snmp
+  owncloud:
+    products:
+      owncloud_server: owncloud
   palo_alto_networks:
     vendor: paloaltonetworks
     products:
@@ -124,6 +150,11 @@ mappings:
     vendor: parallels
   proftpd_project:
     vendor: proftpd
+  progress:
+    products:
+      openedge_explorer: openedge
+  pulse_secure:
+    vendor: pulsesecure
   realvnc_ltd.:
     vendor: realvnc
   red_hat:
@@ -141,6 +172,8 @@ mappings:
     vendor: sun
     products:
       solaris: sunos
+  swagger:
+    vendor: smartbear
   tandberg:
     vendor: cisco
   tightvnc:
@@ -155,15 +188,14 @@ mappings:
   vandyke_software:
     vendor: vandyke
   vmware:
-    vendor: vmware
     products:
       photon_linux: photon_os
       zimbra: zimbra_desktop
+      vcenter: vcenter_server
       vmware_esx_server: esx
       vmware_esxi_server: esxi
   wind_river:
     vendor: windriver
   x.org:
-    vendor: x.org
     products:
       x.org_x11: x11

data/identifiers/hw_device.txt

@@ -4,7 +4,7 @@ Access Control
 Alarm Panel
 Appliance
 Audio Encoder
-Broadband router
+Broadband Router
 Building Automation
 Cable Modem
 Check Scanner
@@ -40,10 +40,10 @@ Network Appliance
 Network Audio
 Network Management Device
 PLC
+Power Device
 Power Relay
-Power device
 Powerline
-Print server
+Print Server
 Printer
 Router
 SD-WAN Appliance
@@ -71,7 +71,6 @@ VoIP Switch
 Voice Appliance
 WAP
 WLAN Repeater
-Web cam
 Whiteboard
 Wireless Controller
 Wireless Presenter

data/identifiers/hw_family.txt

@@ -7,6 +7,7 @@ Communication Manager
 DVR
 DiskStation
 Document Centre
+EDR
 Extended Systems ExtendNet
 FRITZ!Box
 FRITZ!Powerline
@@ -36,6 +37,7 @@ Mac mini
 MacBook
 MacBook Pro
 MegaRAC
+MiiNePort
 Multifunction
 My Book
 NE
@@ -59,6 +61,10 @@ SIP Device
 SIP Gateway
 Service Access Switch
 Service Router
+Simatic HMI
+Simatic NET
+Simatic S7
+Simatic Sinumerik
 SoundPoint
 SoundTouch
 SpeedTouch

data/identifiers/hw_product.txt

@@ -7,11 +7,13 @@ ADB-4820CD
 APIC
 AV Receiver
 AVC787
+Access Control
 Access Gateway
 Access Point
 Adaptive Security Appliance
 AirPort Express
 AirPort Extreme
+Alarm Panel
 AppDynamics
 Apple TV (2nd generation)
 Apple TV (3rd generation)
@@ -38,6 +40,7 @@ CloudKey
 CommandPost
 ConnectUPS Web Card
 Crosswork SON Appliance
+DCS-932
 DD OS
 DNA Center
 DSL Router
@@ -47,6 +50,9 @@ Discovery
 Document Centre
 DuraFon
 ECOM100
+EDR-G902
+EDR-G903
+EM7
 EP-series
 EXA Signal Analyzer
 Eagle Eye Director II
@@ -67,12 +73,12 @@ FortiManager
 GigaVUE
 HDHomeRun
 HDIPCam
-HDX {hw.model}
 HiPer Access Router Card
 Home Controller
 Home Gateway
 HomePod
 Hue
+HyperFlex Connect
 IA Appliance
 IAM
 IBHLink S7++
@@ -161,12 +167,14 @@ Makito X Decoder
 MediaLink Controller
 MediaSense
 Meeting Management
+Meeting Server
 MegaRAC
 Mercury
 Mergepoint
 Miniserver
 My Book Live
 N5172B Signal Generator
+NAS4Free
 NFVIS
 NPort
 NetScreen
@@ -174,7 +182,9 @@ NetVR
 Netbox
 Network Gateway
 Network Node
+Nexus 1000V
 Nexus Player
+OfficeConnect Switch
 OnHub
 OpenManage
 OpenManage Switch
@@ -195,12 +205,10 @@ RTU
 Rack PDU Card
 Raspberry Pi
 ReadyNAS
-RealPresence Group {hw.model}
-RealPresence Trio {hw.model}
 RecoverPoint
 ReeCam
 Roku
-Room Alert {hw.product.model}
+Room Alert
 S7 DALI Gateway
 SHIELD
 SIP Gateway
@@ -224,6 +232,7 @@ Spot
 Stealthwatch
 Storage Appliance
 Sub
+Sunny WebBox
 SuperStack 3
 SuperStack 3 Firewall
 SuperStack II
@@ -231,16 +240,16 @@ Symmetry EN-2DBC
 System Management
 TelePresence
 TelePresence MCU
-TemPageR {hw.product.model}
 Tenable Appliance
 Tenable Core
-Thermal Label Printer {hw.model}
+Tetration
 Time Capsule
 TouchLink Control Panel
 UCS Manager
 UniFi Cloud Key
 UniFi NVR
 UniFi Security Gateway
+Univerge
 Universal Media Gateway
 VBrick Rev
 Verizon FiOS Router
@@ -256,6 +265,7 @@ Wireless Dock
 Wireless LAN Controller
 Wireless Router
 XCC
+Xfinity Broadband Router
 Xserve (Early 2008)
 Xserve (Early 2009)
 Xserve (Late 2006)
@@ -268,6 +278,7 @@ e-STUDIO
 iCOM Control Panel
 iDRAC
 iLO
+iLO 3
 iMac (21.5-inch, 2017)
 iMac (21.5-inch, Late 2012)
 iMac (21.5-inch, Late 2013)

data/identifiers/os_architecture.txt

@@ -1,20 +1,10 @@
-680xx
-880xx
 ARM
 ARM64
 Alpha
 MIPS
 MIPS64
-MPC
-PA
 PowerPC
-Risc
 Sparc
 System/6000
-iSeries
-ia64
-pSeries
-s390
-s390x
 x86
 x86_64