recog 2.3.12 → 2.3.17
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/SECURITY.md +35 -0
- data/.snyk +10 -0
- data/LICENSE +1 -1
- data/bin/recog_standardize +2 -2
- data/cpe-remap.yaml +46 -14
- data/identifiers/hw_device.txt +3 -4
- data/identifiers/hw_family.txt +6 -0
- data/identifiers/hw_product.txt +17 -6
- data/identifiers/os_architecture.txt +0 -10
- data/identifiers/os_device.txt +11 -31
- data/identifiers/os_family.txt +1 -95
- data/identifiers/os_product.txt +9 -117
- data/identifiers/service_family.txt +4 -36
- data/identifiers/service_product.txt +211 -92
- data/identifiers/vendor.txt +46 -194
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/update_cpes.py +93 -45
- data/xml/dns_versionbind.xml +39 -16
- data/xml/favicons.xml +42 -17
- data/xml/ftp_banners.xml +39 -24
- data/xml/hp_pjl_id.xml +1 -1
- data/xml/html_title.xml +72 -22
- data/xml/http_cookies.xml +4 -1
- data/xml/http_servers.xml +342 -73
- data/xml/http_wwwauth.xml +20 -20
- data/xml/imap_banners.xml +39 -0
- data/xml/ldap_searchresult.xml +9 -6
- data/xml/ntp_banners.xml +1 -1
- data/xml/operating_system.xml +1 -0
- data/xml/pop_banners.xml +55 -2
- data/xml/sip_user_agents.xml +3 -3
- data/xml/smb_native_os.xml +1 -0
- data/xml/smtp_banners.xml +7 -2
- data/xml/smtp_help.xml +2 -0
- data/xml/smtp_vrfy.xml +2 -1
- data/xml/snmp_sysdescr.xml +125 -87
- data/xml/ssh_banners.xml +1 -1
- data/xml/telnet_banners.xml +155 -15
- data/xml/x509_issuers.xml +8 -5
- data/xml/x509_subjects.xml +25 -17
- metadata +4 -5
- data/identifiers/software_class.txt +0 -26
- data/identifiers/software_family.txt +0 -91
- data/identifiers/software_product.txt +0 -333
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f593d696005c5d90c90e99a3ff779f11e73eeb28d94c6fed500bef2124502803
|
4
|
+
data.tar.gz: 555a3b4fc6ba321c11d0479cc6054e4f316fa810d567bdddf2dfa2de08788043
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: eeddda28aaf2233544f1f4072d1f1d62431d5a8ade16edfb39f57aa05d8199794305c043af3618bced6b752f247709fc5b0f6ee430309779e5ed56bd0f963cc7
|
7
|
+
data.tar.gz: 32c03df36eef13503fdeb2ebdb5a54a5fc26e682ced5b43e047d5e885135019e19b6617845dd0087d7c06c246dc49c6866ed00585e8b6978a1db9c58dc1ce4ad
|
data/.github/SECURITY.md
ADDED
@@ -0,0 +1,35 @@
|
|
1
|
+
# Reporting security issues
|
2
|
+
|
3
|
+
Thanks for your interest in making Recog more secure! If you feel
|
4
|
+
that you have found a security issue involving Metasploit, Meterpreter,
|
5
|
+
Recog, or any other Rapid7 open source project, you are welcome to let
|
6
|
+
us know in the way that's most comfortable for you.
|
7
|
+
|
8
|
+
## Via ZenDesk
|
9
|
+
|
10
|
+
You can click on the big blue button at [Rapid7's Vulnerability
|
11
|
+
Disclosure][r7-vulns] page, which will get you to our general
|
12
|
+
vulnerability reporting system. While this does require a (free) ZenDesk
|
13
|
+
account to use, you'll get regular updates on your issue as our software
|
14
|
+
support teams work through it. As it happens [that page][r7-vulns] also
|
15
|
+
will tell you what to expect when it comes to reporting vulns, how fast
|
16
|
+
we'll fix and respond, and all the rest, so it's a pretty good read
|
17
|
+
regardless.
|
18
|
+
|
19
|
+
## Via email
|
20
|
+
|
21
|
+
If you're more of a traditionalist, you can email your finding to
|
22
|
+
security@rapid7.com. If you like, you can use our [PGP key][pgp] to
|
23
|
+
encrypt your messages, but we certainly don't mind cleartext reports
|
24
|
+
over email.
|
25
|
+
|
26
|
+
## NOT via GitHub Issues
|
27
|
+
|
28
|
+
Please don't! Disclosing security vulnerabilities to public bug trackers
|
29
|
+
is kind of mean, even when it's well-intentioned, since you end up
|
30
|
+
dropping 0-day on pretty much everyone right out of the gate. We'd prefer
|
31
|
+
you didn't!
|
32
|
+
|
33
|
+
[r7-vulns]:https://www.rapid7.com/security/disclosure/
|
34
|
+
[pgp]:https://keybase.io/rapid7/pgp_keys.asc?fingerprint=9a90aea0576cbcafa39c502ba5e16807959d3eda
|
35
|
+
|
data/.snyk
ADDED
@@ -0,0 +1,10 @@
|
|
1
|
+
# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
|
2
|
+
python: 3.6.0
|
3
|
+
version: v1.14.1
|
4
|
+
# ignores vulnerabilities until expiry date; change duration by modifying expiry date
|
5
|
+
ignore:
|
6
|
+
SNYK-PYTHON-PYYAML-590151:
|
7
|
+
- pyyaml:
|
8
|
+
reason: Project doesn't use vulnerable code path.
|
9
|
+
expires: 2021-06-01T00:00:00.000Z
|
10
|
+
patch: {}
|
data/LICENSE
CHANGED
data/bin/recog_standardize
CHANGED
@@ -68,7 +68,7 @@ ARGV.each do |arg|
|
|
68
68
|
f.params.each do |k,v|
|
69
69
|
paramIndex, val = v
|
70
70
|
next if paramIndex != 0
|
71
|
-
next if val.index("{") !=
|
71
|
+
next if val.index("{") != nil
|
72
72
|
next if val.strip == ""
|
73
73
|
case k
|
74
74
|
when "os.vendor", "service.vendor", "service.component.vendor", "hw.vendor"
|
@@ -111,7 +111,7 @@ ARGV.each do |arg|
|
|
111
111
|
puts "HW DEVICE MISSING: #{val}"
|
112
112
|
hw_device[val] = true
|
113
113
|
end
|
114
|
-
when "service.product"
|
114
|
+
when "service.product", "service.component.product"
|
115
115
|
if ! svc_prod[val]
|
116
116
|
puts "SERVICE PRODUCT MISSING: #{val}"
|
117
117
|
svc_prod[val] = true
|
data/cpe-remap.yaml
CHANGED
@@ -1,17 +1,19 @@
|
|
1
1
|
mappings:
|
2
2
|
alpine:
|
3
3
|
vendor: alpinelinux
|
4
|
+
products:
|
5
|
+
linux: alpine_linux
|
4
6
|
apache:
|
5
|
-
vendor: apache
|
6
7
|
products:
|
7
8
|
httpd: http_server
|
8
9
|
apple:
|
9
10
|
products:
|
10
11
|
ios: iphone_os
|
12
|
+
aprelium_technologies:
|
13
|
+
vendor: aprelium
|
11
14
|
alt-n:
|
12
15
|
vendor: altn
|
13
16
|
bea:
|
14
|
-
vendor: bea
|
15
17
|
products:
|
16
18
|
weblogic: weblogic_server
|
17
19
|
blue_coat:
|
@@ -21,63 +23,83 @@ mappings:
|
|
21
23
|
products:
|
22
24
|
cyrus_imap: cyrus_imap_server
|
23
25
|
centos:
|
24
|
-
vendor: centos
|
25
26
|
products:
|
26
27
|
linux: centos
|
28
|
+
centos_webpanel:
|
29
|
+
vendor: centos-webpanel
|
27
30
|
check_point:
|
28
31
|
vendor: checkpoint
|
29
32
|
cisco:
|
30
33
|
vendor: cisco
|
31
34
|
products:
|
32
35
|
adaptive_security_appliance: adaptive_security_appliance_software
|
36
|
+
apic: application_policy_infrastructure_controller
|
33
37
|
pix: pix_firewall_software
|
34
38
|
telepresence: telepresence_video_communication_server_software
|
39
|
+
crushftp:
|
40
|
+
products:
|
41
|
+
crushftp_web_interface: crushftp
|
42
|
+
data_domain:
|
43
|
+
vendor: dell
|
44
|
+
products:
|
45
|
+
dd_os: emc_data_domain_os
|
35
46
|
debian:
|
36
|
-
vendor: debian
|
37
47
|
products:
|
38
48
|
linux: debian_linux
|
49
|
+
drupal:
|
50
|
+
products:
|
51
|
+
cms: drupal
|
39
52
|
embedthis:
|
40
53
|
products:
|
41
54
|
goahead_webserver: goahead
|
55
|
+
emc:
|
56
|
+
products:
|
57
|
+
celerra: celerra_network_attached_storage
|
42
58
|
f5:
|
43
|
-
vendor: f5
|
44
59
|
products:
|
45
60
|
big-ip: big-ip_local_traffic_manager
|
46
61
|
big-ip_ltm: big-ip_local_traffic_manager
|
62
|
+
fedora_project:
|
63
|
+
vendor: fedoraproject
|
47
64
|
hp:
|
48
|
-
vendor: hp
|
49
65
|
products:
|
50
66
|
ilo: integrated_lights_out
|
51
67
|
tru64_unix: tru64
|
52
68
|
ibm:
|
53
|
-
vendor: ibm
|
54
69
|
products:
|
55
70
|
lotus_domino: lotus_domino_server
|
56
71
|
ibm_domino: lotus_domino
|
57
72
|
os/400: os_400
|
73
|
+
intel:
|
74
|
+
products:
|
75
|
+
intel(r)_active_management_technology: active_management_technology
|
76
|
+
intel(r)_standard_manageability: standard_manageability
|
58
77
|
jamf:
|
59
78
|
products:
|
60
79
|
jamf_pro: jamf
|
61
80
|
juniper:
|
62
|
-
vendor: juniper
|
63
81
|
products:
|
64
82
|
junos_os: junos
|
65
83
|
kibana:
|
66
84
|
vendor: elasticsearch
|
85
|
+
kodi:
|
86
|
+
products:
|
87
|
+
media_server: kodi
|
67
88
|
cz.nic:
|
68
89
|
vendor: knot-dns
|
69
90
|
litespeed_technologies:
|
70
91
|
vendor: litespeedtech
|
71
92
|
linux:
|
72
|
-
vendor: linux
|
73
93
|
products:
|
74
94
|
linux: linux_kernel
|
95
|
+
lynx_technology:
|
96
|
+
vendor: lynxtechnology
|
97
|
+
products:
|
98
|
+
twonky_media_server: twonky_server
|
75
99
|
mailenable:
|
76
|
-
vendor: mailenable
|
77
100
|
products:
|
78
101
|
mail_server: mailenable
|
79
102
|
microsoft:
|
80
|
-
vendor: microsoft
|
81
103
|
products:
|
82
104
|
active_directory_controller: active_directory
|
83
105
|
exchange_server_5.5: exchange_server
|
@@ -105,14 +127,18 @@ mappings:
|
|
105
127
|
vendor: modwsgi
|
106
128
|
mort_bay:
|
107
129
|
vendor: mortbay
|
130
|
+
munin:
|
131
|
+
vendor: munin-monitoring
|
108
132
|
nlnet_labs:
|
109
133
|
vendor: nlnetlabs
|
110
134
|
products:
|
111
135
|
dnsd: name_server_daemon
|
112
136
|
net-snmp:
|
113
|
-
vendor: net-snmp
|
114
137
|
products:
|
115
138
|
snmp_agent: net-snmp
|
139
|
+
owncloud:
|
140
|
+
products:
|
141
|
+
owncloud_server: owncloud
|
116
142
|
palo_alto_networks:
|
117
143
|
vendor: paloaltonetworks
|
118
144
|
products:
|
@@ -124,6 +150,11 @@ mappings:
|
|
124
150
|
vendor: parallels
|
125
151
|
proftpd_project:
|
126
152
|
vendor: proftpd
|
153
|
+
progress:
|
154
|
+
products:
|
155
|
+
openedge_explorer: openedge
|
156
|
+
pulse_secure:
|
157
|
+
vendor: pulsesecure
|
127
158
|
realvnc_ltd.:
|
128
159
|
vendor: realvnc
|
129
160
|
red_hat:
|
@@ -141,6 +172,8 @@ mappings:
|
|
141
172
|
vendor: sun
|
142
173
|
products:
|
143
174
|
solaris: sunos
|
175
|
+
swagger:
|
176
|
+
vendor: smartbear
|
144
177
|
tandberg:
|
145
178
|
vendor: cisco
|
146
179
|
tightvnc:
|
@@ -155,15 +188,14 @@ mappings:
|
|
155
188
|
vandyke_software:
|
156
189
|
vendor: vandyke
|
157
190
|
vmware:
|
158
|
-
vendor: vmware
|
159
191
|
products:
|
160
192
|
photon_linux: photon_os
|
161
193
|
zimbra: zimbra_desktop
|
194
|
+
vcenter: vcenter_server
|
162
195
|
vmware_esx_server: esx
|
163
196
|
vmware_esxi_server: esxi
|
164
197
|
wind_river:
|
165
198
|
vendor: windriver
|
166
199
|
x.org:
|
167
|
-
vendor: x.org
|
168
200
|
products:
|
169
201
|
x.org_x11: x11
|
data/identifiers/hw_device.txt
CHANGED
@@ -4,7 +4,7 @@ Access Control
|
|
4
4
|
Alarm Panel
|
5
5
|
Appliance
|
6
6
|
Audio Encoder
|
7
|
-
Broadband
|
7
|
+
Broadband Router
|
8
8
|
Building Automation
|
9
9
|
Cable Modem
|
10
10
|
Check Scanner
|
@@ -40,10 +40,10 @@ Network Appliance
|
|
40
40
|
Network Audio
|
41
41
|
Network Management Device
|
42
42
|
PLC
|
43
|
+
Power Device
|
43
44
|
Power Relay
|
44
|
-
Power device
|
45
45
|
Powerline
|
46
|
-
Print
|
46
|
+
Print Server
|
47
47
|
Printer
|
48
48
|
Router
|
49
49
|
SD-WAN Appliance
|
@@ -71,7 +71,6 @@ VoIP Switch
|
|
71
71
|
Voice Appliance
|
72
72
|
WAP
|
73
73
|
WLAN Repeater
|
74
|
-
Web cam
|
75
74
|
Whiteboard
|
76
75
|
Wireless Controller
|
77
76
|
Wireless Presenter
|
data/identifiers/hw_family.txt
CHANGED
@@ -7,6 +7,7 @@ Communication Manager
|
|
7
7
|
DVR
|
8
8
|
DiskStation
|
9
9
|
Document Centre
|
10
|
+
EDR
|
10
11
|
Extended Systems ExtendNet
|
11
12
|
FRITZ!Box
|
12
13
|
FRITZ!Powerline
|
@@ -36,6 +37,7 @@ Mac mini
|
|
36
37
|
MacBook
|
37
38
|
MacBook Pro
|
38
39
|
MegaRAC
|
40
|
+
MiiNePort
|
39
41
|
Multifunction
|
40
42
|
My Book
|
41
43
|
NE
|
@@ -59,6 +61,10 @@ SIP Device
|
|
59
61
|
SIP Gateway
|
60
62
|
Service Access Switch
|
61
63
|
Service Router
|
64
|
+
Simatic HMI
|
65
|
+
Simatic NET
|
66
|
+
Simatic S7
|
67
|
+
Simatic Sinumerik
|
62
68
|
SoundPoint
|
63
69
|
SoundTouch
|
64
70
|
SpeedTouch
|
data/identifiers/hw_product.txt
CHANGED
@@ -7,11 +7,13 @@ ADB-4820CD
|
|
7
7
|
APIC
|
8
8
|
AV Receiver
|
9
9
|
AVC787
|
10
|
+
Access Control
|
10
11
|
Access Gateway
|
11
12
|
Access Point
|
12
13
|
Adaptive Security Appliance
|
13
14
|
AirPort Express
|
14
15
|
AirPort Extreme
|
16
|
+
Alarm Panel
|
15
17
|
AppDynamics
|
16
18
|
Apple TV (2nd generation)
|
17
19
|
Apple TV (3rd generation)
|
@@ -38,6 +40,7 @@ CloudKey
|
|
38
40
|
CommandPost
|
39
41
|
ConnectUPS Web Card
|
40
42
|
Crosswork SON Appliance
|
43
|
+
DCS-932
|
41
44
|
DD OS
|
42
45
|
DNA Center
|
43
46
|
DSL Router
|
@@ -47,6 +50,9 @@ Discovery
|
|
47
50
|
Document Centre
|
48
51
|
DuraFon
|
49
52
|
ECOM100
|
53
|
+
EDR-G902
|
54
|
+
EDR-G903
|
55
|
+
EM7
|
50
56
|
EP-series
|
51
57
|
EXA Signal Analyzer
|
52
58
|
Eagle Eye Director II
|
@@ -67,12 +73,12 @@ FortiManager
|
|
67
73
|
GigaVUE
|
68
74
|
HDHomeRun
|
69
75
|
HDIPCam
|
70
|
-
HDX {hw.model}
|
71
76
|
HiPer Access Router Card
|
72
77
|
Home Controller
|
73
78
|
Home Gateway
|
74
79
|
HomePod
|
75
80
|
Hue
|
81
|
+
HyperFlex Connect
|
76
82
|
IA Appliance
|
77
83
|
IAM
|
78
84
|
IBHLink S7++
|
@@ -161,12 +167,14 @@ Makito X Decoder
|
|
161
167
|
MediaLink Controller
|
162
168
|
MediaSense
|
163
169
|
Meeting Management
|
170
|
+
Meeting Server
|
164
171
|
MegaRAC
|
165
172
|
Mercury
|
166
173
|
Mergepoint
|
167
174
|
Miniserver
|
168
175
|
My Book Live
|
169
176
|
N5172B Signal Generator
|
177
|
+
NAS4Free
|
170
178
|
NFVIS
|
171
179
|
NPort
|
172
180
|
NetScreen
|
@@ -174,7 +182,9 @@ NetVR
|
|
174
182
|
Netbox
|
175
183
|
Network Gateway
|
176
184
|
Network Node
|
185
|
+
Nexus 1000V
|
177
186
|
Nexus Player
|
187
|
+
OfficeConnect Switch
|
178
188
|
OnHub
|
179
189
|
OpenManage
|
180
190
|
OpenManage Switch
|
@@ -195,12 +205,10 @@ RTU
|
|
195
205
|
Rack PDU Card
|
196
206
|
Raspberry Pi
|
197
207
|
ReadyNAS
|
198
|
-
RealPresence Group {hw.model}
|
199
|
-
RealPresence Trio {hw.model}
|
200
208
|
RecoverPoint
|
201
209
|
ReeCam
|
202
210
|
Roku
|
203
|
-
Room Alert
|
211
|
+
Room Alert
|
204
212
|
S7 DALI Gateway
|
205
213
|
SHIELD
|
206
214
|
SIP Gateway
|
@@ -224,6 +232,7 @@ Spot
|
|
224
232
|
Stealthwatch
|
225
233
|
Storage Appliance
|
226
234
|
Sub
|
235
|
+
Sunny WebBox
|
227
236
|
SuperStack 3
|
228
237
|
SuperStack 3 Firewall
|
229
238
|
SuperStack II
|
@@ -231,16 +240,16 @@ Symmetry EN-2DBC
|
|
231
240
|
System Management
|
232
241
|
TelePresence
|
233
242
|
TelePresence MCU
|
234
|
-
TemPageR {hw.product.model}
|
235
243
|
Tenable Appliance
|
236
244
|
Tenable Core
|
237
|
-
|
245
|
+
Tetration
|
238
246
|
Time Capsule
|
239
247
|
TouchLink Control Panel
|
240
248
|
UCS Manager
|
241
249
|
UniFi Cloud Key
|
242
250
|
UniFi NVR
|
243
251
|
UniFi Security Gateway
|
252
|
+
Univerge
|
244
253
|
Universal Media Gateway
|
245
254
|
VBrick Rev
|
246
255
|
Verizon FiOS Router
|
@@ -256,6 +265,7 @@ Wireless Dock
|
|
256
265
|
Wireless LAN Controller
|
257
266
|
Wireless Router
|
258
267
|
XCC
|
268
|
+
Xfinity Broadband Router
|
259
269
|
Xserve (Early 2008)
|
260
270
|
Xserve (Early 2009)
|
261
271
|
Xserve (Late 2006)
|
@@ -268,6 +278,7 @@ e-STUDIO
|
|
268
278
|
iCOM Control Panel
|
269
279
|
iDRAC
|
270
280
|
iLO
|
281
|
+
iLO 3
|
271
282
|
iMac (21.5-inch, 2017)
|
272
283
|
iMac (21.5-inch, Late 2012)
|
273
284
|
iMac (21.5-inch, Late 2013)
|