recog 2.3.12 → 2.3.17
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/SECURITY.md +35 -0
- data/.snyk +10 -0
- data/LICENSE +1 -1
- data/bin/recog_standardize +2 -2
- data/cpe-remap.yaml +46 -14
- data/identifiers/hw_device.txt +3 -4
- data/identifiers/hw_family.txt +6 -0
- data/identifiers/hw_product.txt +17 -6
- data/identifiers/os_architecture.txt +0 -10
- data/identifiers/os_device.txt +11 -31
- data/identifiers/os_family.txt +1 -95
- data/identifiers/os_product.txt +9 -117
- data/identifiers/service_family.txt +4 -36
- data/identifiers/service_product.txt +211 -92
- data/identifiers/vendor.txt +46 -194
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/update_cpes.py +93 -45
- data/xml/dns_versionbind.xml +39 -16
- data/xml/favicons.xml +42 -17
- data/xml/ftp_banners.xml +39 -24
- data/xml/hp_pjl_id.xml +1 -1
- data/xml/html_title.xml +72 -22
- data/xml/http_cookies.xml +4 -1
- data/xml/http_servers.xml +342 -73
- data/xml/http_wwwauth.xml +20 -20
- data/xml/imap_banners.xml +39 -0
- data/xml/ldap_searchresult.xml +9 -6
- data/xml/ntp_banners.xml +1 -1
- data/xml/operating_system.xml +1 -0
- data/xml/pop_banners.xml +55 -2
- data/xml/sip_user_agents.xml +3 -3
- data/xml/smb_native_os.xml +1 -0
- data/xml/smtp_banners.xml +7 -2
- data/xml/smtp_help.xml +2 -0
- data/xml/smtp_vrfy.xml +2 -1
- data/xml/snmp_sysdescr.xml +125 -87
- data/xml/ssh_banners.xml +1 -1
- data/xml/telnet_banners.xml +155 -15
- data/xml/x509_issuers.xml +8 -5
- data/xml/x509_subjects.xml +25 -17
- metadata +4 -5
- data/identifiers/software_class.txt +0 -26
- data/identifiers/software_family.txt +0 -91
- data/identifiers/software_product.txt +0 -333
data/xml/ssh_banners.xml
CHANGED
@@ -2063,7 +2063,7 @@
|
|
2063
2063
|
<param pos="0" name="os.vendor" value="HP"/>
|
2064
2064
|
<param pos="0" name="os.family" value="Unix"/>
|
2065
2065
|
<param pos="0" name="os.product" value="Tru64 Unix"/>
|
2066
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:hp:
|
2066
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64_unix:-"/>
|
2067
2067
|
</fingerprint>
|
2068
2068
|
|
2069
2069
|
<fingerprint pattern="^ROSSSH$">
|
data/xml/telnet_banners.xml
CHANGED
@@ -66,7 +66,7 @@
|
|
66
66
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
67
67
|
</fingerprint>
|
68
68
|
|
69
|
-
<fingerprint pattern="^(?:\r|\n)*MikroTik v([\w.]+)(?: \(\w+\))?(?:\r|\n)+Login:\s*$">
|
69
|
+
<fingerprint pattern="^(?:\r|\n)*MikroTik v([\w.]+)(?: \([\w-]+\))?(?:\r|\n)+Login:\s*$">
|
70
70
|
<description>MikroTik RouterOS</description>
|
71
71
|
<!-- MikroTik v5.2\r\nLogin: -->
|
72
72
|
|
@@ -80,6 +80,9 @@
|
|
80
80
|
<!-- MikroTik v6.36rc12 (testing)\r\nLogin: -->
|
81
81
|
|
82
82
|
<example _encoding="base64" os.version="6.36rc12">TWlrcm9UaWsgdjYuMzZyYzEyICh0ZXN0aW5nKQ0KTG9naW46Cg==</example>
|
83
|
+
<!-- MikroTik v6.42.9 (long-term)\r\nLogin: -->
|
84
|
+
|
85
|
+
<example _encoding="base64" os.version="6.42.9">TWlrcm9UaWsgdjYuNDIuOSAobG9uZy10ZXJtKQ0KTG9naW46Cg==</example>
|
83
86
|
<param pos="0" name="os.vendor" value="MikroTik"/>
|
84
87
|
<param pos="0" name="os.device" value="Router"/>
|
85
88
|
<param pos="0" name="os.product" value="RouterOS"/>
|
@@ -165,6 +168,28 @@
|
|
165
168
|
<param pos="0" name="hw.device" value="Router"/>
|
166
169
|
</fingerprint>
|
167
170
|
|
171
|
+
<fingerprint pattern="^(?:\r|\n)*DD-WRT v(3.\d)-(r([\w]+)) ([\w-]+) \(c\) \d{4} NewMedia-NET GmbH(?:\r|\n)+Release: \d+\/\d+\/\d+(?:\r|\n)+Board: (\S+) ([^\n\r]+)(?:\r|\n)+.* login:\s*$">
|
172
|
+
<description>DD-WRT - 3.0 family - with hardward product</description>
|
173
|
+
<!-- DD-WRT v3.0-r40559 std (c) 2019 NewMedia-NET GmbH\r\nRelease: 08/06/19\r\nBoard: Linksys WRT3200ACM\r\n\r\nDD-WRT login: -->
|
174
|
+
|
175
|
+
<example _encoding="base64" os.version="3.0" os.version.version="r40559" os.edition="std" os.build="40559" hw.vendor="Linksys" hw.product="WRT3200ACM">
|
176
|
+
REQtV1JUIHYzLjAtcjQwNTU5IHN0ZCAoYykgMjAxOSBOZXdNZWRpYS1ORVQgR21iSA0KUmVsZ
|
177
|
+
WFzZTogMDgvMDYvMTkNCkJvYXJkOiBMaW5rc3lzIFdSVDMyMDBBQ00NCg0KREQtV1JUIGxvZ2
|
178
|
+
luOgo=
|
179
|
+
</example>
|
180
|
+
<param pos="0" name="os.vendor" value="DD-WRT"/>
|
181
|
+
<param pos="0" name="os.product" value="DD-WRT"/>
|
182
|
+
<param pos="0" name="os.device" value="Router"/>
|
183
|
+
<param pos="1" name="os.version"/>
|
184
|
+
<param pos="2" name="os.version.version"/>
|
185
|
+
<param pos="3" name="os.build"/>
|
186
|
+
<param pos="4" name="os.edition"/>
|
187
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:dd-wrt:dd-wrt:{os.version}"/>
|
188
|
+
<param pos="5" name="hw.vendor"/>
|
189
|
+
<param pos="6" name="hw.product"/>
|
190
|
+
<param pos="0" name="hw.device" value="Router"/>
|
191
|
+
</fingerprint>
|
192
|
+
|
168
193
|
<fingerprint pattern="^(TD-\w+) [\d.]+ DSL Modem Router(?:\r|\n)+Authorization failed after trying \d+ times!!!\.(?:\r|\n)+Please login after \d+ seconds!\s*$">
|
169
194
|
<description>TP-LINK TD Family DSL Modem/Router</description>
|
170
195
|
<!-- TD-W8960N 5.0 DSL Modem Router\r\nAuthorization failed after trying 5 times!!!.\r\nPlease login after 416 seconds! -->
|
@@ -525,7 +550,7 @@
|
|
525
550
|
</example>
|
526
551
|
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
527
552
|
<param pos="0" name="hw.family" value="GXV"/>
|
528
|
-
<param pos="0" name="hw.device" value="
|
553
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
529
554
|
<param pos="1" name="hw.product"/>
|
530
555
|
</fingerprint>
|
531
556
|
|
@@ -592,7 +617,7 @@
|
|
592
617
|
<param pos="0" name="hw.vendor" value="SMA Solar Technology Ag"/>
|
593
618
|
<param pos="0" name="hw.family" value="Sunny"/>
|
594
619
|
<param pos="0" name="hw.product" value="WebBox"/>
|
595
|
-
<param pos="0" name="hw.device" value="Power
|
620
|
+
<param pos="0" name="hw.device" value="Power Device"/>
|
596
621
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
597
622
|
<param pos="0" name="os.family" value="Windows"/>
|
598
623
|
<param pos="0" name="os.product" value="Windows CE"/>
|
@@ -906,6 +931,7 @@
|
|
906
931
|
<param pos="1" name="hw.product"/>
|
907
932
|
<param pos="2" name="host.mac"/>
|
908
933
|
<param pos="3" name="host.id"/>
|
934
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
909
935
|
<param pos="4" name="os.version"/>
|
910
936
|
<param pos="5" name="os.version.version"/>
|
911
937
|
</fingerprint>
|
@@ -928,10 +954,24 @@
|
|
928
954
|
<param pos="1" name="hw.product"/>
|
929
955
|
<param pos="2" name="host.mac"/>
|
930
956
|
<param pos="3" name="host.id"/>
|
957
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
931
958
|
<param pos="4" name="os.version"/>
|
932
959
|
<param pos="5" name="os.version.version"/>
|
933
960
|
</fingerprint>
|
934
961
|
|
962
|
+
<fingerprint pattern="^(?:\r|\n|\x00|-)*Model name\s+: NPort (5[\w-]+)(?:\r|\n|\x00)+Please keyin your username:">
|
963
|
+
<description>Moxa NPort Device Server - 5xxx Series - Model only</description>
|
964
|
+
<!-- Model name : NPort 5110A\r\n\r\nPlease keyin your username: -->
|
965
|
+
|
966
|
+
<example _encoding="base64" hw.product="5110A">TW9kZWwgbmFtZSAgICAgICA6IE5Q
|
967
|
+
b3J0IDUxMTBBDQoNClBsZWFzZSBrZXlpbiB5b3VyIHVzZXJuYW1lOgo=
|
968
|
+
</example>
|
969
|
+
<param pos="0" name="hw.vendor" value="Moxa"/>
|
970
|
+
<param pos="0" name="hw.family" value="NPort"/>
|
971
|
+
<param pos="0" name="hw.device" value="Device Server"/>
|
972
|
+
<param pos="1" name="hw.product"/>
|
973
|
+
</fingerprint>
|
974
|
+
|
935
975
|
<fingerprint pattern="^Model name\s+: MGate (MB3[\w-]+)(?:\r|\n|\x00|)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version : ([\d.]+) Build (\d+)(?:\r|\n|\x00)+">
|
936
976
|
<description>Moxa MGate Modbus Gateway</description>
|
937
977
|
<!-- Model name : MGate MB3180\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No. : 9474\r\u0000\nFirmware version : 1.2 Build 09101913\r\u0000\nSystem uptime : 15 days, 16h:37m:48s\r\u0000\n\r\u0000\nPlease keyin your password: -->
|
@@ -948,11 +988,12 @@
|
|
948
988
|
<param pos="1" name="hw.product"/>
|
949
989
|
<param pos="2" name="host.mac"/>
|
950
990
|
<param pos="3" name="host.id"/>
|
991
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
951
992
|
<param pos="4" name="os.version"/>
|
952
993
|
<param pos="5" name="os.version.version"/>
|
953
994
|
</fingerprint>
|
954
995
|
|
955
|
-
<fingerprint pattern="^Model name\s+: (NE[\w-]+)(?:\r|\n|\x00)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+">
|
996
|
+
<fingerprint pattern="^Model name\s+: (NE[\w-]+)(?:\r|\n|\x00)+MAC address\s+: ([\w:]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+)(?: Build (\d+)(?:\r|\n|\x00)+)?">
|
956
997
|
<description>Moxa NE Series Embedded device server</description>
|
957
998
|
<!-- Model name : NE-4110S\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No : 3616\r\u0000\nFirmware version : 4.1 Build 07061517\r\u0000\n\r\u0000\nPlease keyin your password: -->
|
958
999
|
|
@@ -961,16 +1002,75 @@
|
|
961
1002
|
kU4OkFBOkFBOkFBDQAKU2VyaWFsIE5vICAgICAgICA6IDM2MTYNAApGaXJtd2FyZSB2ZXJzaW
|
962
1003
|
9uIDogNC4xIEJ1aWxkIDA3MDYxNTE3DQAKDQAKUGxlYXNlIGtleWluIHlvdXIgcGFzc3dvcmQ6
|
963
1004
|
</example>
|
1005
|
+
<!-- Model name : NE-4110S\r\nMAC address : 00:90:E8:AA:AA:AA\r\nSerial No : 000\r\nFirmware version : 1.5.2\r\n\r\nPlease keyin your password: -->
|
1006
|
+
|
1007
|
+
<example _encoding="base64" hw.product="NE-4110S" host.mac="00:90:E8:AA:AA:AA" host.id="000" os.version="1.5.2">
|
1008
|
+
TW9kZWwgbmFtZSAgICAgICA6IE5FLTQxMTBTDQpNQUMgYWRkcmVzcyAgICAgIDogMDA6OTA6RTg6QUE6QUE6QUENClNlcmlhbCBObyAgICAgICAgOiAwMDANCkZpcm13YXJlIHZlcnNpb24gOiAxLjUuMg0KDQpQbGVhc2Uga2V5aW4geW91ciBwYXNzd29yZDoK
|
1009
|
+
</example>
|
964
1010
|
<param pos="0" name="hw.vendor" value="Moxa"/>
|
965
1011
|
<param pos="0" name="hw.family" value="NE"/>
|
966
1012
|
<param pos="0" name="hw.device" value="Device Server"/>
|
967
1013
|
<param pos="1" name="hw.product"/>
|
968
1014
|
<param pos="2" name="host.mac"/>
|
969
1015
|
<param pos="3" name="host.id"/>
|
1016
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
970
1017
|
<param pos="4" name="os.version"/>
|
971
1018
|
<param pos="5" name="os.version.version"/>
|
972
1019
|
</fingerprint>
|
973
1020
|
|
1021
|
+
<fingerprint pattern="^Model name\s+: (MiiNePort [\w-]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Device name\s+: [\w:-_\&]+(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+Ethernet MAC address: ([\w:]+)(?:\r|\n|\x00)+">
|
1022
|
+
<description>Moxa MiiNePort Series Embedded device server</description>
|
1023
|
+
<!-- Model name : MiiNePort E2\r\nSerial No. : 9999\r\nDevice name : MiiNePort_E2_4064\r\nFirmware version : 1.3.36 Build 15031615\r\nEthernet MAC address: 00:90:E8:5A:92:FF\r\n\r\nPlease keyin your password: -->
|
1024
|
+
|
1025
|
+
<example _encoding="base64" hw.product="MiiNePort E2" host.mac="00:90:E8:5A:92:FF" host.id="9999" os.version="1.3.36" os.version.version="15031615">
|
1026
|
+
TW9kZWwgbmFtZSAgICAgICAgICA6IE1paU5lUG9ydCBFMg0KU2VyaWFsIE5vLiAgICAgICAgI
|
1027
|
+
CA6IDk5OTkNCkRldmljZSBuYW1lICAgICAgICAgOiBNaWlOZVBvcnRfRTJfNDA2NA0KRmlybX
|
1028
|
+
dhcmUgdmVyc2lvbiAgICA6IDEuMy4zNiBCdWlsZCAxNTAzMTYxNQ0KRXRoZXJuZXQgTUFDIGF
|
1029
|
+
kZHJlc3M6IDAwOjkwOkU4OjVBOjkyOkZGDQoNClBsZWFzZSBrZXlpbiB5b3VyIHBhc3N3b3Jk
|
1030
|
+
Ogo=
|
1031
|
+
</example>
|
1032
|
+
<param pos="0" name="hw.vendor" value="Moxa"/>
|
1033
|
+
<param pos="0" name="hw.family" value="MiiNePort"/>
|
1034
|
+
<param pos="0" name="hw.device" value="Device Server"/>
|
1035
|
+
<param pos="1" name="hw.product"/>
|
1036
|
+
<param pos="2" name="host.id"/>
|
1037
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
1038
|
+
<param pos="3" name="os.version"/>
|
1039
|
+
<param pos="4" name="os.version.version"/>
|
1040
|
+
<param pos="5" name="host.mac"/>
|
1041
|
+
</fingerprint>
|
1042
|
+
|
1043
|
+
<!-- The following is very specific in order to express CPE values -->
|
1044
|
+
|
1045
|
+
<fingerprint pattern="^EDR-G903 login:">
|
1046
|
+
<description>Moxa EDR Secure Routers - EDR-G903</description>
|
1047
|
+
<example>EDR-G903 login:</example>
|
1048
|
+
<param pos="0" name="hw.vendor" value="Moxa"/>
|
1049
|
+
<param pos="0" name="hw.family" value="EDR"/>
|
1050
|
+
<param pos="0" name="hw.device" value="Router"/>
|
1051
|
+
<param pos="0" name="hw.product" value="EDR-G903"/>
|
1052
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g903:-"/>
|
1053
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
1054
|
+
<param pos="0" name="os.family" value="EDR"/>
|
1055
|
+
<param pos="0" name="os.device" value="Router"/>
|
1056
|
+
<param pos="0" name="os.product" value="EDR G903 Firmware"/>
|
1057
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:moxa:edr_g903_firmware:-"/>
|
1058
|
+
</fingerprint>
|
1059
|
+
|
1060
|
+
<fingerprint pattern="^EDR-G902 login:">
|
1061
|
+
<description>Moxa EDR Secure Routers - EDR-G902</description>
|
1062
|
+
<example>EDR-G902 login:</example>
|
1063
|
+
<param pos="0" name="hw.vendor" value="Moxa"/>
|
1064
|
+
<param pos="0" name="hw.family" value="EDR"/>
|
1065
|
+
<param pos="0" name="hw.device" value="Router"/>
|
1066
|
+
<param pos="0" name="hw.product" value="EDR-G902"/>
|
1067
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g902:-"/>
|
1068
|
+
<param pos="0" name="os.vendor" value="Moxa"/>
|
1069
|
+
<param pos="0" name="os.family" value="EDR"/>
|
1070
|
+
<param pos="0" name="os.device" value="Router"/>
|
1071
|
+
<param pos="0" name="os.product" value="EDR G902 Firmware"/>
|
1072
|
+
</fingerprint>
|
1073
|
+
|
974
1074
|
<fingerprint pattern="^Red Hat Linux release ([^\\s]+)\\s*.*$">
|
975
1075
|
<description>RedHat general purpose linux</description>
|
976
1076
|
<!-- Red Hat Linux release 9 (Shrike)\nKernel 2.4.20-8 on an i686\nlogin: -->
|
@@ -1153,7 +1253,7 @@
|
|
1153
1253
|
Rmxvd1BvaW50LzIyMDAgU0RTTCBbQVRNXSBSb3V0ZXIgZnAyMjAwLTEyIHYzLjAuMiBSZWFkeQpMb2dpbjog
|
1154
1254
|
</example>
|
1155
1255
|
<param pos="0" name="os.vendor" value="FlowPoint"/>
|
1156
|
-
<param pos="0" name="hw.device" value="Broadband
|
1256
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
1157
1257
|
<param pos="0" name="hw.product" value="DSL Router"/>
|
1158
1258
|
<param pos="1" name="hw.model"/>
|
1159
1259
|
<param pos="2" name="os.version"/>
|
@@ -1168,7 +1268,7 @@
|
|
1168
1268
|
MpIDIwMDEtMjAwMyBieSBHbG9iZXNwYW5WaXJhdGEsIEluYy4KCgpsb2dpbjog
|
1169
1269
|
</example>
|
1170
1270
|
<param pos="0" name="os.vendor" value="Conexant"/>
|
1171
|
-
<param pos="0" name="hw.device" value="Broadband
|
1271
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
1172
1272
|
<param pos="1" name="os.version"/>
|
1173
1273
|
</fingerprint>
|
1174
1274
|
|
@@ -1370,7 +1470,7 @@
|
|
1370
1470
|
<description>System HP-UX</description>
|
1371
1471
|
<!-- HP-UX ctout B.11.11 U 9000/800 (tc)\nlogin: -->
|
1372
1472
|
|
1373
|
-
<example _encoding="base64" host.name="ctout" os.version="11.11" hw.series="9000/800" hw.model="(tc)">
|
1473
|
+
<example _encoding="base64" host.name="ctout" os.version="11.11" hw.series="9000/800" hw.model="(tc)" hw.version="U">
|
1374
1474
|
SFAtVVggY3RvdXQgQi4xMS4xMSBVIDkwMDAvODAwICh0YykKCmxvZ2luOiA=
|
1375
1475
|
</example>
|
1376
1476
|
<param pos="0" name="os.vendor" value="HP"/>
|
@@ -1474,7 +1574,7 @@
|
|
1474
1574
|
T1JUPj4+TE9HT04gUEFTU1dPUkQ+My4yNyoqKioqKg==
|
1475
1575
|
</example>
|
1476
1576
|
<param pos="0" name="os.vendor" value="Conexant"/>
|
1477
|
-
<param pos="0" name="os.device" value="Broadband
|
1577
|
+
<param pos="0" name="os.device" value="Broadband Router"/>
|
1478
1578
|
<param pos="0" name="os.product" value="AccessRunner ADSL router"/>
|
1479
1579
|
</fingerprint>
|
1480
1580
|
|
@@ -1487,7 +1587,7 @@
|
|
1487
1587
|
RoZSBjb25uZWN0aW9uIHJlcXVlc3QgISEh
|
1488
1588
|
</example>
|
1489
1589
|
<param pos="0" name="hw.vendor" value="DrayTek"/>
|
1490
|
-
<param pos="0" name="hw.device" value="Broadband
|
1590
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
1491
1591
|
<param pos="0" name="hw.product" value="Vigor"/>
|
1492
1592
|
</fingerprint>
|
1493
1593
|
|
@@ -1800,14 +1900,20 @@
|
|
1800
1900
|
<param pos="1" name="hw.version"/>
|
1801
1901
|
</fingerprint>
|
1802
1902
|
|
1803
|
-
<fingerprint pattern="^RDK \(A Yocto Project based Distro\) ([^ ]+) Docsis-Gateway">
|
1903
|
+
<fingerprint pattern="^RDK \(A Yocto Project based Distro\) ([^ ]+) (?:Docsis-Gateway|Business)">
|
1904
|
+
<description>DOCSIS Cable Modem Running RDK</description>
|
1804
1905
|
<!-- RDK (A Yocto Project based Distro) 2.0 Docsis-Gateway
|
1805
1906
|
Docsis-Gateway login: -->
|
1806
1907
|
|
1807
|
-
<description>DOCSIS Cable Modem Running RDK</description>
|
1808
1908
|
<example _encoding="base64" hw.device="DOCSIS Cable Modem" os.vendor="Yocto" os.product="RDK" os.version="2.0">
|
1809
|
-
|
1810
|
-
|
1909
|
+
UkRLIChBIFlvY3RvIFByb2plY3QgYmFzZWQgRGlzdHJvKSAyLjAgRG9jc2lzLUdhdGV3YXkNC
|
1910
|
+
g0NCg1Eb2NzaXMtR2F0ZXdheSBsb2dpbjo=
|
1911
|
+
</example>
|
1912
|
+
<!-- RDK (A Yocto Project based Distro) 2.0 Business\r\n\r\r\n\rBusiness login: -->
|
1913
|
+
|
1914
|
+
<example _encoding="base64" hw.device="DOCSIS Cable Modem" os.vendor="Yocto" os.product="RDK" os.version="2.0">
|
1915
|
+
UkRLIChBIFlvY3RvIFByb2plY3QgYmFzZWQgRGlzdHJvKSAyLjAgQnVzaW5lc3MNCg0NCg1Cd
|
1916
|
+
XNpbmVzcyBsb2dpbjoK
|
1811
1917
|
</example>
|
1812
1918
|
<param pos="0" name="hw.device" value="DOCSIS Cable Modem"/>
|
1813
1919
|
<param pos="0" name="os.vendor" value="Yocto"/>
|
@@ -1838,13 +1944,47 @@
|
|
1838
1944
|
<example _encoding="base64" os.version="2.90.00">
|
1839
1945
|
UHJlY2lzZS9SVENTIHYyLjkwLjAwIFRlbG5ldCBzZXJ2ZXIKCgpTZXJ2aWNlIFBvcnQgTWFuYWdlciBBY3RpdmUKCjxFc2M+IEVuZHMgU2Vzc2lvbgoKroot
|
1840
1946
|
</example>
|
1841
|
-
<param pos="0" name="hw.device" value="Power
|
1947
|
+
<param pos="0" name="hw.device" value="Power Device"/>
|
1842
1948
|
<param pos="0" name="hw.vendor" value="Liebert"/>
|
1843
|
-
<param pos="0" name="os.device" value="Power
|
1949
|
+
<param pos="0" name="os.device" value="Power Device"/>
|
1844
1950
|
<param pos="0" name="os.vendor" value="Liebert"/>
|
1845
1951
|
<param pos="1" name="os.version"/>
|
1846
1952
|
</fingerprint>
|
1847
1953
|
|
1954
|
+
<fingerprint pattern="^KeeneticOS version ([\w.-]+), copyright">
|
1955
|
+
<description>Keentic KeeneticOS</description>
|
1956
|
+
<!-- KeeneticOS version 3.04.C.6.0-0, copyright (c) 2010-2020 Keenetic Ltd.\r\n\r\nLogin: -->
|
1957
|
+
|
1958
|
+
<example _encoding="base64" os.version="3.04.C.6.0-0">
|
1959
|
+
S2VlbmV0aWNPUyB2ZXJzaW9uIDMuMDQuQy42LjAtMCwgY29weXJpZ2h0IChjKSAyMDEwLTIwM
|
1960
|
+
jAgS2VlbmV0aWMgTHRkLg0KDQpMb2dpbjoK
|
1961
|
+
</example>
|
1962
|
+
<param pos="0" name="hw.device" value="Router"/>
|
1963
|
+
<param pos="0" name="hw.vendor" value="Keenetic"/>
|
1964
|
+
<param pos="0" name="os.device" value="Router"/>
|
1965
|
+
<param pos="0" name="os.vendor" value="Keenetic"/>
|
1966
|
+
<param pos="0" name="os.product" value="KeeneticOS"/>
|
1967
|
+
<param pos="1" name="os.version"/>
|
1968
|
+
</fingerprint>
|
1969
|
+
|
1970
|
+
<fingerprint pattern="^\**(?:\r|\n)+\* Copyright \(c\) \d\d\d\d-\d\d\d\d New H3C Technologies Co., Ltd. All rights reserved.\*(?:\r|\n)+\* Without the owner's prior written consent,\s+\*(?:\r|\n)+\* no decompiling or reverse-engineering shall be allowed.\s+\*(?:\r|\n)+\*+(?:\r|\n)+login:\s*$">
|
1971
|
+
<description>Generic H3C Technologies banner</description>
|
1972
|
+
<!-- ******************************************************************************\r\n* Copyright (c) 2004-2017 New H3C Technologies Co., Ltd. All rights reserved.*\r\n* Without the owner's prior written consent, *\r\n* no decompiling or reverse-engineering shall be allowed. *\r\n******************************************************************************\r\n\r\nlogin: -->
|
1973
|
+
|
1974
|
+
<example _encoding="base64">
|
1975
|
+
KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqK
|
1976
|
+
ioqKioqKioqKioqKioqKioqKioqKioqDQoqIENvcHlyaWdodCAoYykgMjAwNC0yMDE3IE5ldy
|
1977
|
+
BIM0MgVGVjaG5vbG9naWVzIENvLiwgTHRkLiBBbGwgcmlnaHRzIHJlc2VydmVkLioNCiogV2l
|
1978
|
+
0aG91dCB0aGUgb3duZXIncyBwcmlvciB3cml0dGVuIGNvbnNlbnQsICAgICAgICAgICAgICAg
|
1979
|
+
ICAgICAgICAgICAgICAgICAgKg0KKiBubyBkZWNvbXBpbGluZyBvciByZXZlcnNlLWVuZ2luZ
|
1980
|
+
WVyaW5nIHNoYWxsIGJlIGFsbG93ZWQuICAgICAgICAgICAgICAgICAgICAqDQoqKioqKioqKi
|
1981
|
+
oqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKio
|
1982
|
+
qKioqKioqKioqKioqKioNCg0KbG9naW46Cg==
|
1983
|
+
</example>
|
1984
|
+
<param pos="0" name="hw.vendor" value="H3C"/>
|
1985
|
+
<param pos="0" name="os.vendor" value="H3C"/>
|
1986
|
+
</fingerprint>
|
1987
|
+
|
1848
1988
|
<fingerprint pattern="Telnet Administration (?:\r|\n)+ SAP J2EE Engine v([\d.]+)(?:\r|\n)+">
|
1849
1989
|
<description>SAP NetWeaver Application Server Java telnet service</description>
|
1850
1990
|
<!-- ***********************************************
|
data/xml/x509_issuers.xml
CHANGED
@@ -14,7 +14,8 @@
|
|
14
14
|
<description>Google Chromecast Gen 1</description>
|
15
15
|
<example>CN=Eureka Gen1 ICA,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
16
16
|
<param pos="0" name="os.vendor" value="Google"/>
|
17
|
-
<param pos="0" name="os.product" value="
|
17
|
+
<param pos="0" name="os.product" value="Chrome OS"/>
|
18
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:chrome_os:-"/>
|
18
19
|
<param pos="0" name="hw.device" value="Media Server"/>
|
19
20
|
<param pos="0" name="hw.vendor" value="Google"/>
|
20
21
|
<param pos="0" name="hw.product" value="Chromecast"/>
|
@@ -32,7 +33,8 @@
|
|
32
33
|
<example chromecast.generation="11" chromecast.capabilities="Video Assist">CN=Chromecast ICA 11 (Video Assist),OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
33
34
|
<example chromecast.generation="12">CN=Chromecast ICA 12,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
34
35
|
<param pos="0" name="os.vendor" value="Google"/>
|
35
|
-
<param pos="0" name="os.product" value="
|
36
|
+
<param pos="0" name="os.product" value="Chrome OS"/>
|
37
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:chrome_os:-"/>
|
36
38
|
<param pos="0" name="hw.device" value="Media Server"/>
|
37
39
|
<param pos="0" name="hw.vendor" value="Google"/>
|
38
40
|
<param pos="0" name="hw.product" value="Chromecast"/>
|
@@ -113,7 +115,7 @@
|
|
113
115
|
<fingerprint pattern="^CN=[a-zA-Z0-9]+,OU=Internally Generated Certificate,O=American Power Conversion Corp,L=Default Locality,ST=Default State,C=US$">
|
114
116
|
<description>APC UPS</description>
|
115
117
|
<example>CN=ZA1117619249,OU=Internally Generated Certificate,O=American Power Conversion Corp,L=Default Locality,ST=Default State,C=US</example>
|
116
|
-
<param pos="0" name="hw.device" value="Power
|
118
|
+
<param pos="0" name="hw.device" value="Power Device"/>
|
117
119
|
<param pos="0" name="hw.vendor" value="APC"/>
|
118
120
|
</fingerprint>
|
119
121
|
|
@@ -126,7 +128,7 @@
|
|
126
128
|
</fingerprint>
|
127
129
|
|
128
130
|
<fingerprint pattern="^O=VMware Installer$">
|
129
|
-
<description>
|
131
|
+
<description>VMware ESXi w/Installer</description>
|
130
132
|
<example>O=VMware Installer</example>
|
131
133
|
<param pos="0" name="os.vendor" value="VMware"/>
|
132
134
|
<param pos="0" name="os.product" value="ESXi"/>
|
@@ -135,10 +137,11 @@
|
|
135
137
|
</fingerprint>
|
136
138
|
|
137
139
|
<fingerprint pattern="^CN=CA,OU=VMware Engineering,O=vCenter,ST=California,C=US$">
|
138
|
-
<description>
|
140
|
+
<description>VMware vCenter</description>
|
139
141
|
<example>CN=CA,OU=VMware Engineering,O=vCenter,ST=California,C=US</example>
|
140
142
|
<param pos="0" name="service.vendor" value="VMware"/>
|
141
143
|
<param pos="0" name="service.product" value="vCenter"/>
|
144
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:vmware:vcenter_server:-"/>
|
142
145
|
</fingerprint>
|
143
146
|
|
144
147
|
<fingerprint pattern="^CN=Default Issuer \(Do not trust\),OU=ISS,O=Hewlett Packard Enterprise,L=Houston,ST=Texas,C=US$">
|
data/xml/x509_subjects.xml
CHANGED
@@ -51,7 +51,7 @@
|
|
51
51
|
<fingerprint pattern="^CN=([a-fA-F0-9:]+),OU=([^,]+),O=Cisco-Linksys\\, LLC">
|
52
52
|
<description>Cisco / Linksys Router</description>
|
53
53
|
<example host.mac="00:22:6b:ef:1e:d0" hw.product="RV042">CN=00:22:6b:ef:1e:d0,OU=RV042,O=Cisco-Linksys\, LLC,L=Irvine,C=US</example>
|
54
|
-
<param pos="0" name="hw.device" value="Broadband
|
54
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
55
55
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
56
56
|
<param pos="2" name="hw.product"/>
|
57
57
|
<param pos="1" name="host.mac"/>
|
@@ -61,7 +61,7 @@
|
|
61
61
|
<description>Cisco Post-Linksys Router</description>
|
62
62
|
<example host.mac="74:a2:e6:5c:99:21" hw.product="RV042G">CN=74:a2:e6:5c:99:21,OU=RV042G,O=Cisco Systems\, Inc.,L=Irvine,C=US</example>
|
63
63
|
<example host.mac="4C4E315901D0" hw.product="RV180">CN=4C4E315901D0,OU=RV180,O=Cisco Systems\, Inc.,C=US</example>
|
64
|
-
<param pos="0" name="hw.device" value="Broadband
|
64
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
65
65
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
66
66
|
<param pos="2" name="hw.product"/>
|
67
67
|
<param pos="1" name="host.mac"/>
|
@@ -468,14 +468,14 @@
|
|
468
468
|
</fingerprint>
|
469
469
|
|
470
470
|
<fingerprint pattern="^CN=VMware,OU=VMware,L=Palo Alto,C=US$">
|
471
|
-
<description>
|
471
|
+
<description>VMware Authentication Daemon</description>
|
472
472
|
<example>CN=VMware,OU=VMware,L=Palo Alto,C=US</example>
|
473
473
|
<param pos="0" name="service.vendor" value="VMware"/>
|
474
474
|
<param pos="0" name="service.product" value="vmauthd"/>
|
475
475
|
</fingerprint>
|
476
476
|
|
477
477
|
<fingerprint pattern="^CN=([a-zA-Z0-9\.\-\_]+),OU=VMware ESX Server Default Certificate,O=VMware\\, Inc,L=Palo Alto,ST=California,C=US$">
|
478
|
-
<description>
|
478
|
+
<description>VMware ESX</description>
|
479
479
|
<example>CN=server99.,OU=VMware ESX Server Default Certificate,O=VMware\, Inc,L=Palo Alto,ST=California,C=US</example>
|
480
480
|
<param pos="0" name="os.vendor" value="VMware"/>
|
481
481
|
<param pos="0" name="os.product" value="ESX"/>
|
@@ -485,7 +485,7 @@
|
|
485
485
|
</fingerprint>
|
486
486
|
|
487
487
|
<fingerprint pattern="^CN.*,OU=SRM,O=VMware\\, Inc\.,L=Palo Alto,ST=California,C=US$">
|
488
|
-
<description>
|
488
|
+
<description>VMware SRM</description>
|
489
489
|
<example>CN=SRM01,OU=SRM,O=VMware\, Inc.,L=Palo Alto,ST=California,C=US</example>
|
490
490
|
<param pos="0" name="os.vendor" value="VMware"/>
|
491
491
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -512,7 +512,8 @@
|
|
512
512
|
<example chromecast.serial_number="LVDZG5" host.mac_local="FA8FCA67413D">CN=LVDZG5 FA8FCA67413D,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
513
513
|
<example chromecast.serial_number="YRBLE" host.mac_local="FA8FCA7DE87D">CN=YRBLE FA8FCA7DE87D,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
514
514
|
<param pos="0" name="os.vendor" value="Google"/>
|
515
|
-
<param pos="0" name="os.product" value="
|
515
|
+
<param pos="0" name="os.product" value="Chrome OS"/>
|
516
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:chrome_os:-"/>
|
516
517
|
<param pos="0" name="hw.device" value="Media Server"/>
|
517
518
|
<param pos="0" name="hw.vendor" value="Google"/>
|
518
519
|
<param pos="0" name="hw.product" value="Chromecast"/>
|
@@ -657,6 +658,9 @@
|
|
657
658
|
<fingerprint pattern="^CN=VMM APIC,OU=VMM\d+,O=Cisco,L=San Jose,ST=CA,C=US$">
|
658
659
|
<description>Cisco APIC</description>
|
659
660
|
<example>CN=VMM APIC,OU=VMM15,O=Cisco,L=San Jose,ST=CA,C=US</example>
|
661
|
+
<param pos="0" name="service.vendor" value="Cisco"/>
|
662
|
+
<param pos="0" name="service.product" value="APIC"/>
|
663
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:cisco:application_policy_infrastructure_controller:-"/>
|
660
664
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
661
665
|
<param pos="0" name="hw.product" value="APIC"/>
|
662
666
|
<param pos="0" name="hw.device" value="Network Appliance"/>
|
@@ -665,6 +669,9 @@
|
|
665
669
|
<fingerprint pattern="^CN=APIC$">
|
666
670
|
<description>Cisco APIC - bare CN</description>
|
667
671
|
<example>CN=APIC</example>
|
672
|
+
<param pos="0" name="service.vendor" value="Cisco"/>
|
673
|
+
<param pos="0" name="service.product" value="APIC"/>
|
674
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:cisco:application_policy_infrastructure_controller:-"/>
|
668
675
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
669
676
|
<param pos="0" name="hw.product" value="APIC"/>
|
670
677
|
<param pos="0" name="hw.device" value="Network Appliance"/>
|
@@ -840,18 +847,18 @@
|
|
840
847
|
<param pos="0" name="os.family" value="Linux"/>
|
841
848
|
<param pos="0" name="hw.vendor" value="Ubiquiti"/>
|
842
849
|
<param pos="0" name="hw.family" value="UniFi"/>
|
843
|
-
<param pos="0" name="hw.device" value="
|
850
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
844
851
|
</fingerprint>
|
845
852
|
|
846
853
|
<fingerprint pattern="^CN=camera\.ubnt\.dev,">
|
847
854
|
<description>UniFi Video Camera</description>
|
848
855
|
<example>CN=camera.ubnt.dev,OU=devint,O=Ubiquiti Networks Inc.,L=Taipei,C=TW</example>
|
849
856
|
<param pos="0" name="hw.vendor" value="Ubiquiti"/>
|
850
|
-
<param pos="0" name="hw.device" value="
|
857
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
851
858
|
<param pos="0" name="hw.product" value="Camera"/>
|
852
859
|
<param pos="0" name="os.vendor" value="Ubiquiti"/>
|
853
860
|
<param pos="0" name="os.family" value="Linux"/>
|
854
|
-
<param pos="0" name="os.device" value="
|
861
|
+
<param pos="0" name="os.device" value="IP Camera"/>
|
855
862
|
</fingerprint>
|
856
863
|
|
857
864
|
<fingerprint pattern="^CN=UBNT,OU=Technical Support,O=Ubiquiti Networks Inc\.,L=San Jose,ST=CA,C=US$">
|
@@ -901,7 +908,7 @@
|
|
901
908
|
<description>Verizon / Greenwave FIOS Router</description>
|
902
909
|
<example>CN=GreenWave Systems,OU=PKI,O=GreenWave Systems,L=Irvine,ST=California,C=US</example>
|
903
910
|
<param pos="0" name="hw.vendor" value="Greenwave Systems"/>
|
904
|
-
<param pos="0" name="hw.device" value="Broadband
|
911
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
905
912
|
<param pos="0" name="hw.product" value="Verizon FiOS Router"/>
|
906
913
|
</fingerprint>
|
907
914
|
|
@@ -1035,7 +1042,7 @@
|
|
1035
1042
|
<param pos="0" name="service.vendor" value="Akamai"/>
|
1036
1043
|
<param pos="0" name="service.product" value="GHost"/>
|
1037
1044
|
<param pos="0" name="os.vendor" value="Akamai"/>
|
1038
|
-
<param pos="0" name="os.device" value="Web
|
1045
|
+
<param pos="0" name="os.device" value="Web Proxy"/>
|
1039
1046
|
</fingerprint>
|
1040
1047
|
|
1041
1048
|
<fingerprint pattern="^CN=HP_3PAR_">
|
@@ -1195,10 +1202,11 @@
|
|
1195
1202
|
</fingerprint>
|
1196
1203
|
|
1197
1204
|
<fingerprint pattern="^CN=VMware default certificate,OU=vCenterServer.*,O=VMware\\, Inc\.$">
|
1198
|
-
<description>
|
1205
|
+
<description>VMware vCenter</description>
|
1199
1206
|
<example>CN=VMware default certificate,OU=vCenterServer_2013.09.26_220623,O=VMware\, Inc.</example>
|
1200
1207
|
<param pos="0" name="service.vendor" value="VMware"/>
|
1201
1208
|
<param pos="0" name="service.product" value="vCenter"/>
|
1209
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:vmware:vcenter_server:-"/>
|
1202
1210
|
</fingerprint>
|
1203
1211
|
|
1204
1212
|
<fingerprint pattern="^CN=selfappliance,OU=Engineering,O=Symplified,L=Boulder,ST=Colorado,C=US$">
|
@@ -1220,9 +1228,9 @@
|
|
1220
1228
|
<description>Axis Communications Web Cam</description>
|
1221
1229
|
<example host.mac="accc8ea31abf">CN=axis-accc8ea31abf,O=Axis Communications AB</example>
|
1222
1230
|
<param pos="0" name="hw.vendor" value="AXIS"/>
|
1223
|
-
<param pos="0" name="hw.device" value="
|
1231
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
1224
1232
|
<param pos="0" name="os.vendor" value="AXIS"/>
|
1225
|
-
<param pos="0" name="os.device" value="
|
1233
|
+
<param pos="0" name="os.device" value="IP Camera"/>
|
1226
1234
|
<param pos="0" name="os.family" value="Linux"/>
|
1227
1235
|
<param pos="1" name="host.mac"/>
|
1228
1236
|
</fingerprint>
|
@@ -1231,10 +1239,10 @@
|
|
1231
1239
|
<description>ELAN Web Cam</description>
|
1232
1240
|
<example host.name="ServerRoom">CN=ServerRoom,OU=Nortek,O=ELAN,L=StuddardMD,ST=10000,C=US</example>
|
1233
1241
|
<param pos="0" name="hw.vendor" value="ELAN"/>
|
1234
|
-
<param pos="0" name="hw.device" value="
|
1242
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
1235
1243
|
<param pos="0" name="hw.product" value="HDIPCam"/>
|
1236
1244
|
<param pos="0" name="os.vendor" value="ELAN"/>
|
1237
|
-
<param pos="0" name="os.device" value="
|
1245
|
+
<param pos="0" name="os.device" value="IP Camera"/>
|
1238
1246
|
<param pos="0" name="os.family" value="Linux"/>
|
1239
1247
|
<param pos="1" name="host.name"/>
|
1240
1248
|
</fingerprint>
|
@@ -1305,7 +1313,7 @@
|
|
1305
1313
|
<example hw.product="usg20w" host.mac="5067F0BC1D3C">CN=usg20w_5067F0BC1D3C</example>
|
1306
1314
|
<example hw.product="usg20" host.mac="107BEF0AD201">CN=usg20_107BEF0AD201</example>
|
1307
1315
|
<param pos="0" name="hw.vendor" value="Zyxel"/>
|
1308
|
-
<param pos="0" name="hw.device" value="Broadband
|
1316
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
1309
1317
|
<param pos="1" name="hw.product"/>
|
1310
1318
|
<param pos="2" name="host.mac"/>
|
1311
1319
|
</fingerprint>
|