recog 2.3.14 → 2.3.15

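--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: c46efafef760f2701e6eeee565e715ac04544300ebfb08f0083db856e4c81603
- data.tar.gz: 4e66bbd5ec6364325c9c7130aeb7434ab20242def9d7200d0e7d8e588f577c40
+ metadata.gz: 563ed349556c084c9c46b32ec41eece72724826ae355a639bd2dd55d4a990f3d
+ data.tar.gz: 03e767f4fd9557af69c716515e74595fbb5f287883c6d4e742a1aea1a6cdb0ef
  SHA512:
- metadata.gz: 61ca19b2266100f66d6c220459941ddbc0aa795cbcd2bc52c6782cd66feeb6787a3d1657486ff2af99c196592b5cdabcb2c4d9b33e7efe136f175d2bf5c12bbc
- data.tar.gz: dd5718510eb4780815fda18496c37afcbb4971246d2b9c6e439ca4697ac17ca1f9e70d3f634b04b5b9be7374e4fc15a346d3177ac5cf827c50e9136f48169009
+ metadata.gz: a5a458eef93bb3f5b9f298523f38f728e74bac390b22978af2bbf1c74b1ff55354128df657210ae49542b4a4338a3bdf8d69387c02a06ae7b0f59dc45e237775
+ data.tar.gz: 38d28282042fa32e206f795d63968fd45362563359e2a5d8a93070ac84b85e766c8bd8accebc518e6a06b8cd9d97a52cd5856928bc95de02857783b8669dbacc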
@@ -0,0 +1,35 @@
1
+ # Reporting security issues
2
+
3
+ Thanks for your interest in making Recog more secure! If you feel
4
+ that you have found a security issue involving Metasploit, Meterpreter,
5
+ Recog, or any other Rapid7 open source project, you are welcome to let
6
+ us know in the way that's most comfortable for you.
7
+
8
+ ## Via ZenDesk
9
+
10
+ You can click on the big blue button at [Rapid7's Vulnerability
11
+ Disclosure][r7-vulns] page, which will get you to our general
12
+ vulnerability reporting system. While this does require a (free) ZenDesk
13
+ account to use, you'll get regular updates on your issue as our software
14
+ support teams work through it. As it happens [that page][r7-vulns] also
15
+ will tell you what to expect when it comes to reporting vulns, how fast
16
+ we'll fix and respond, and all the rest, so it's a pretty good read
17
+ regardless.
18
+
19
+ ## Via email
20
+
21
+ If you're more of a traditionalist, you can email your finding to
22
+ security@rapid7.com. If you like, you can use our [PGP key][pgp] to
23
+ encrypt your messages, but we certainly don't mind cleartext reports
24
+ over email.
25
+
26
+ ## NOT via GitHub Issues
27
+
28
+ Please don't! Disclosing security vulnerabilities to public bug trackers
29
+ is kind of mean, even when it's well-intentioned, since you end up
30
+ dropping 0-day on pretty much everyone right out of the gate. We'd prefer
31
+ you didn't!
32
+
33
+ [r7-vulns]:https://www.rapid7.com/security/disclosure/
34
+ [pgp]:https://keybase.io/rapid7/pgp_keys.asc?fingerprint=9a90aea0576cbcafa39c502ba5e16807959d3eda
35
+
@@ -1,3 +1,3 @@
1
1
  module Recog
2
- VERSION = '2.3.14'
2
+ VERSION = '2.3.15'
3
3
  end
@@ -6099,6 +6099,19 @@ Copyright (c) 1995-2005 by Cisco Systems
6099
6099
  <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
6100
6100
  </fingerprint>
6101
6101
 
6102
+
6103
+ <fingerprint pattern="^SonicWALL (\S+).*?\(SonicOS \S+ ((?:\d\.)+\d+-\d+[a-zA-Z]).*\)">
6104
+ <description>SonicWall - SonicOS Enhanced variant without hardware model</description>
6105
+ <example hw.product="SOHO" os.version="5.9.1.4-4o">SonicWALL SOHO (SonicOS Enhanced 5.9.1.4-4o)</example>
6106
+ <example hw.product="SOHO" os.version="6.2.5.1-26n">SonicWALL SOHO wireless-N (SonicOS Enhanced 6.2.5.1-26n--HF175723-2n)</example>
6107
+ <param pos="0" name="os.vendor" value="SonicWall"/>
6108
+ <param pos="0" name="os.device" value="Firewall"/>
6109
+ <param pos="0" name="os.product" value="SonicOS"/>
6110
+ <param pos="1" name="hw.product"/>
6111
+ <param pos="2" name="os.version"/>
6112
+ <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
6113
+ </fingerprint>
6114
+
6102
6115
  <fingerprint pattern="^SonicWALL (.*?)\s+\(([^\)]+)\)\s*$">
6103
6116
  <description>SonicWall</description>
6104
6117
  <example>SonicWALL StrongARM / 233 Mhz (PRO 200)</example>
@@ -6314,96 +6327,121 @@ Copyright (c) 1995-2005 by Cisco Systems
6314
6327
 
6315
6328
  <fingerprint pattern="^Siemens, SIMATIC HMI, ([^,]+),.*FW:\s*V([^,]+).*$">
6316
6329
  <description>Siemens HMI - firmware variant</description>
6317
- <example>Siemens, SIMATIC HMI, KTP1000 Basic PN, 6AV6 647-0AF11-3AX0, HW: 1, FW: V01.06.00, Revision: 1</example>
6318
- <example>Siemens, SIMATIC HMI, KTP600 Basic Mono PN, 6AV6647-0AB11-3AX0, HW:1, FW:V01.06.00</example>
6330
+ <example hw.product="KTP1000 Basic PN">Siemens, SIMATIC HMI, KTP1000 Basic PN, 6AV6 647-0AF11-3AX0, HW: 1, FW: V01.06.00, Revision: 1</example>
6331
+ <example hw.version="01.06.00">Siemens, SIMATIC HMI, KTP600 Basic Mono PN, 6AV6647-0AB11-3AX0, HW:1, FW:V01.06.00</example>
6319
6332
  <example>Siemens, SIMATIC HMI, KTP600 Basic color PN, 6AV6 647-0AD11-3AX0, HW:1, FW:V11.00.02.00</example>
6320
- <param pos="0" name="os.vendor" value="Siemens"/>
6321
- <param pos="0" name="os.device" value="Monitoring"/>
6322
- <param pos="0" name="os.family" value="Simatic HMI"/>
6323
- <param pos="1" name="os.product"/>
6324
- <param pos="2" name="os.version"/>
6333
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6334
+ <param pos="0" name="os.device" value="HMI Controller"/>
6335
+ <param pos="0" name="os.family" value="Windows"/>
6336
+ <param pos="0" name="os.product" value="Windows CE"/>
6337
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
6338
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6339
+ <param pos="0" name="hw.family" value="Simatic HMI"/>
6340
+ <param pos="0" name="hw.device" value="HMI Controller"/>
6341
+ <param pos="1" name="hw.product"/>
6342
+ <param pos="2" name="hw.version"/>
6325
6343
  </fingerprint>
6326
6344
 
6327
6345
  <fingerprint pattern="^Siemens, SIMATIC HMI, ([^,]+),.*SW:\s*V\s*(\d+ \d+ \d+).*$">
6328
6346
  <description>Siemens HMI</description>
6329
- <example>Siemens, SIMATIC HMI, MP177, 6AV6 642-0EA01-3AX0, HW: 0, SW: V 1 0 0</example>
6330
- <example>Siemens, SIMATIC HMI, TP177B, 6AV6 642-0BD01-3AX0, HW: 0, SW: V 1 0 2</example>
6347
+ <example hw.product="MP177">Siemens, SIMATIC HMI, MP177, 6AV6 642-0EA01-3AX0, HW: 0, SW: V 1 0 0</example>
6348
+ <example hw.version="1 0 2">Siemens, SIMATIC HMI, TP177B, 6AV6 642-0BD01-3AX0, HW: 0, SW: V 1 0 2</example>
6331
6349
  <example>Siemens, SIMATIC HMI, XP277, 6AV6 643-0CB01-1AX0, HW: 0, SW: V 1 1 2</example>
6332
6350
  <example>Siemens, SIMATIC HMI, unknown, 6AV2 124-0GC01-0AX0, HW: 0, SW: V 11 0 2</example>
6333
6351
  <example>Siemens, SIMATIC HMI, unknown, 6AV2 124-0JC01-0AX0, HW: 0, SW: V 11 0 0</example>
6334
- <param pos="0" name="os.vendor" value="Siemens"/>
6335
- <param pos="0" name="os.device" value="Monitoring"/>
6336
- <param pos="0" name="os.family" value="Simatic HMI"/>
6337
- <param pos="1" name="os.product"/>
6338
- <param pos="2" name="os.version"/>
6352
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6353
+ <param pos="0" name="os.device" value="HMI Controller"/>
6354
+ <param pos="0" name="os.family" value="Windows"/>
6355
+ <param pos="0" name="os.product" value="Windows CE"/>
6356
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:-"/>
6357
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6358
+ <param pos="0" name="hw.family" value="Simatic HMI"/>
6359
+ <param pos="0" name="hw.device" value="HMI Controller"/>
6360
+ <param pos="1" name="hw.product"/>
6361
+ <param pos="2" name="hw.version"/>
6339
6362
  </fingerprint>
6340
6363
 
6341
6364
  <fingerprint pattern="^Siemens, SIMATIC NET, ([^,]+),.*FW:\s*(?:Version )?V?([^,]+).*$">
6342
6365
  <description>Siemens NET - verbose variant</description>
6343
- <example os.product="CP 343-1 Advanced" os.version="1.2.3">Siemens, SIMATIC NET, CP 343-1 Advanced, 6GK7 343-1GX30-0XE0, HW: Version 3, FW: Version V1.2.3, VPB9502953</example>
6344
- <example os.product="CP 343-1 Lean" os.version="2.6.0">Siemens, SIMATIC NET, CP 343-1 Lean, 6GK7 343-1CX10-0XE0, HW: Version 6, FW: Version V2.6.0, VPC3513639</example>
6345
- <example os.product="CP 343-1" os.version="2.2.20">Siemens, SIMATIC NET, CP 343-1, 6GK7 343-1EX30-0XE0, HW: Version 3, FW: Version V2.2.20, VPXN545808</example>
6346
- <example os.product="SCALANCE X204-2" os.version="4.01">Siemens, SIMATIC NET, SCALANCE X204-2, 6GK5 204-2BB10-2AA3, HW: 4, FW: V4.01</example>
6347
- <example os.product="Scalance S612" os.version="T03.00.00.00_25.00.00.01">Siemens, SIMATIC NET, Scalance S612, 6GK56120BA102AA3, HW: Version 6, FW: Version T03.00.00.00_25.00.00.01, VPB9542952</example>
6348
- <param pos="0" name="os.vendor" value="Siemens"/>
6349
- <param pos="0" name="os.device" value="Monitoring"/>
6350
- <param pos="0" name="os.family" value="Simatic NET"/>
6351
- <param pos="1" name="os.product"/>
6352
- <param pos="2" name="os.version"/>
6366
+ <example hw.product="CP 343-1 Advanced" hw.version="1.2.3">Siemens, SIMATIC NET, CP 343-1 Advanced, 6GK7 343-1GX30-0XE0, HW: Version 3, FW: Version V1.2.3, VPB9502953</example>
6367
+ <example hw.product="CP 343-1 Lean" hw.version="2.6.0">Siemens, SIMATIC NET, CP 343-1 Lean, 6GK7 343-1CX10-0XE0, HW: Version 6, FW: Version V2.6.0, VPC3513639</example>
6368
+ <example hw.product="CP 343-1" hw.version="2.2.20">Siemens, SIMATIC NET, CP 343-1, 6GK7 343-1EX30-0XE0, HW: Version 3, FW: Version V2.2.20, VPXN545808</example>
6369
+ <example hw.product="SCALANCE X204-2" hw.version="4.01">Siemens, SIMATIC NET, SCALANCE X204-2, 6GK5 204-2BB10-2AA3, HW: 4, FW: V4.01</example>
6370
+ <example hw.product="Scalance S612" hw.version="T03.00.00.00_25.00.00.01">Siemens, SIMATIC NET, Scalance S612, 6GK56120BA102AA3, HW: Version 6, FW: Version T03.00.00.00_25.00.00.01, VPB9542952</example>
6371
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6372
+ <param pos="0" name="os.family" value="Windows"/>
6373
+ <param pos="0" name="os.product" value="Windows 7"/>
6374
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
6375
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6376
+ <param pos="0" name="hw.family" value="Simatic NET"/>
6377
+ <param pos="0" name="hw.device" value="Monitoring"/>
6378
+ <param pos="1" name="hw.product"/>
6379
+ <param pos="2" name="hw.version"/>
6353
6380
  </fingerprint>
6354
6381
 
6355
6382
  <fingerprint pattern="^Siemens, SIMATIC NET (\S+) FW V (\S+)$">
6356
6383
  <description>Siemens NET</description>
6357
- <example>Siemens, SIMATIC NET CP1613 FW V 06.33</example>
6358
- <param pos="0" name="os.vendor" value="Siemens"/>
6359
- <param pos="0" name="os.device" value="Monitoring"/>
6360
- <param pos="0" name="os.family" value="Simatic NET"/>
6361
- <param pos="1" name="os.product"/>
6362
- <param pos="2" name="os.version"/>
6384
+ <example hw.product="CP1613" hw.version="06.33">Siemens, SIMATIC NET CP1613 FW V 06.33</example>
6385
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6386
+ <param pos="0" name="os.family" value="Windows"/>
6387
+ <param pos="0" name="os.product" value="Windows 7"/>
6388
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_7:-"/>
6389
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6390
+ <param pos="0" name="hw.family" value="Simatic NET"/>
6391
+ <param pos="0" name="hw.device" value="Monitoring"/>
6392
+ <param pos="1" name="hw.product"/>
6393
+ <param pos="2" name="hw.version"/>
6363
6394
  </fingerprint>
6364
6395
 
6365
6396
  <fingerprint pattern="^Siemens, SIMATIC S7, ([^,]+), .*?FW: (?:Version )?V?\.?([^,]+).*$">
6366
6397
  <description>Siemens S7</description>
6367
- <example os.product="CPU-1200" os.version="2.0.2">Siemens, SIMATIC S7, CPU-1200, 6ES7 211-1BD30-0XB0, HW: 1, FW: V.2.0.2, SZVX8YU9000553</example>
6368
- <example os.product="CPU315-2 PN/DP" os.version="2.5.0">Siemens, SIMATIC S7, CPU315-2 PN/DP, 6ES7 315-2EH13-0AB0 , HW: 3, FW: V2.5.0, S C-V4P07826200</example>
6369
- <example os.product="IM151-8" os.version="3.2.3">Siemens, SIMATIC S7, IM151-8, 6ES7 151-8AB01-0AB0 , HW: 2, FW: V3.2.3, S C-B3UC78192011</example>
6370
- <param pos="0" name="os.vendor" value="Siemens"/>
6371
- <param pos="0" name="os.device" value="Monitoring"/>
6372
- <param pos="0" name="os.family" value="Simatic S7"/>
6373
- <param pos="1" name="os.product"/>
6374
- <param pos="2" name="os.version"/>
6398
+ <example hw.product="CPU-1200" hw.version="2.0.2">Siemens, SIMATIC S7, CPU-1200, 6ES7 211-1BD30-0XB0, HW: 1, FW: V.2.0.2, SZVX8YU9000553</example>
6399
+ <example hw.product="CPU315-2 PN/DP" hw.version="2.5.0">Siemens, SIMATIC S7, CPU315-2 PN/DP, 6ES7 315-2EH13-0AB0 , HW: 3, FW: V2.5.0, S C-V4P07826200</example>
6400
+ <example hw.product="IM151-8" hw.version="3.2.3">Siemens, SIMATIC S7, IM151-8, 6ES7 151-8AB01-0AB0 , HW: 2, FW: V3.2.3, S C-B3UC78192011</example>
6401
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6402
+ <param pos="0" name="os.family" value="Windows"/>
6403
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6404
+ <param pos="0" name="hw.family" value="Simatic S7"/>
6405
+ <param pos="1" name="hw.product"/>
6406
+ <param pos="2" name="hw.version"/>
6375
6407
  </fingerprint>
6376
6408
 
6377
6409
  <fingerprint pattern="^Siemens, SIMATIC S7, ([^,]+), .*?, V\.([^,]+).*$">
6378
6410
  <description>Siemens S7 - variant 1</description>
6379
- <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1BD30-0XB0 SZVA1YU6008610 , 1, V.1.0.1, SZVA1YU6008610</example>
6380
- <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1HD30-0XB0 SZVA3YU7002312 , 1, V.1.0.1, SZVA3YU7002312</example>
6411
+ <example hw.product="CPU-1200">Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1BD30-0XB0 SZVA1YU6008610 , 1, V.1.0.1, SZVA1YU6008610</example>
6412
+ <example hw.version="1.0.1">Siemens, SIMATIC S7, CPU-1200, 6ES7 212-1HD30-0XB0 SZVA3YU7002312 , 1, V.1.0.1, SZVA3YU7002312</example>
6381
6413
  <example>Siemens, SIMATIC S7, CPU-1200, 6ES7 214-1BE30-0XB0 SZVA2YYY007305 , 1, V.1.0.2, SZVA2YYY007305</example>
6382
- <param pos="0" name="os.vendor" value="Siemens"/>
6383
- <param pos="0" name="os.device" value="Monitoring"/>
6384
- <param pos="0" name="os.family" value="Simatic S7"/>
6385
- <param pos="1" name="os.product"/>
6386
- <param pos="2" name="os.version"/>
6414
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6415
+ <param pos="0" name="os.family" value="Windows"/>
6416
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6417
+ <param pos="0" name="hw.family" value="Simatic S7"/>
6418
+ <param pos="1" name="hw.product"/>
6419
+ <param pos="2" name="hw.version"/>
6387
6420
  </fingerprint>
6388
6421
 
6389
6422
  <fingerprint pattern="^Siemens, SIMATIC, (\S+)$">
6390
6423
  <description>Siemens S7 - model only variant</description>
6391
- <example>Siemens, SIMATIC, S7-300</example>
6392
- <param pos="0" name="os.vendor" value="Siemens"/>
6393
- <param pos="0" name="os.device" value="Monitoring"/>
6394
- <param pos="0" name="os.family" value="Simatic S7"/>
6395
- <param pos="1" name="os.product"/>
6424
+ <example hw.product="S7-300">Siemens, SIMATIC, S7-300</example>
6425
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6426
+ <param pos="0" name="os.family" value="Windows"/>
6427
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6428
+ <param pos="0" name="hw.family" value="Simatic S7"/>
6429
+ <param pos="1" name="hw.product"/>
6396
6430
  </fingerprint>
6397
6431
 
6398
6432
  <fingerprint pattern="^Siemens, SINUMERIK, solution line ([^,]+),.*?FW:V([^,]+).*$">
6399
6433
  <description>Siemens Sinumerik Solution Line</description>
6400
- <example>Siemens, SINUMERIK, solution line PCU50, , HW:1, FW:V00.00.00,</example>
6401
- <example>Siemens, SINUMERIK, solution line PCU50.3B-P 1GB XP, 6FC5210-0DF33-2AB0, HW:A, FW:V00.00.00, ST-BN2040231</example>
6402
- <param pos="0" name="os.vendor" value="Siemens"/>
6434
+ <example hw.product="PCU50">Siemens, SINUMERIK, solution line PCU50, , HW:1, FW:V00.00.00,</example>
6435
+ <example hw.version="00.00.00">Siemens, SINUMERIK, solution line PCU50.3B-P 1GB XP, 6FC5210-0DF33-2AB0, HW:A, FW:V00.00.00, ST-BN2040231</example>
6436
+ <param pos="0" name="os.vendor" value="Microsoft"/>
6403
6437
  <param pos="0" name="os.device" value="Monitoring"/>
6404
- <param pos="0" name="os.family" value="Simatic Sinumerik"/>
6405
- <param pos="1" name="os.product"/>
6406
- <param pos="2" name="os.version"/>
6438
+ <param pos="0" name="os.family" value="Windows"/>
6439
+ <param pos="0" name="os.product" value="Windows 10"/>
6440
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10:-"/>
6441
+ <param pos="0" name="hw.vendor" value="Siemens"/>
6442
+ <param pos="0" name="hw.family" value="Simatic Sinumerik"/>
6443
+ <param pos="1" name="hw.product"/>
6444
+ <param pos="2" name="hw.version"/>
6407
6445
  </fingerprint>
6408
6446
 
6409
6447
  <fingerprint pattern="^Name:(ReliantUNIX)-. release:(\S+) version:(\S+) machine:(\S+)$">
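Review bot: The Siemens fingerprints in the second hunk now emit a fixed Microsoft OS that the matched banners do not state, and in one case the banner appears to contradict it: the SINUMERIK entry sets `os.product` to `Windows 10` with `cpe:/o:microsoft:windows_10:-`, while its own example reads `PCU50.3B-P 1GB XP`, which presumably denotes an XP build. The same pattern applies to the SIMATIC NET entries (hard-coded `Windows 7`, although the examples include `SCALANCE X204-2` and `Scalance S612`) and to the SIMATIC S7 CPU entries (`os.vendor` = `Microsoft`, `os.family` = `Windows`). Anything that correlates vulnerabilities on `os.cpe23` would then attribute Windows advisories to these assets. The captured `FW:` value, formerly `os.version`, is now reported as `hw.version` even though the banner carries a separate `HW:` field, so the firmware level that vendor advisories reference is harder to find. I would drop the static `os.product`/`os.cpe23` params wherever the banner does not name the OS, and add an XML comment above each remaining one citing the basis for the OS assertion. The new attribute-bearing examples should also assert both `hw.product` and `hw.version` on every example rather than one attribute each.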
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: recog
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.3.14
4
+ version: 2.3.15
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rapid7 Research
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-08-07 00:00:00.000000000 Z
11
+ date: 2020-10-22 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rspec
@@ -127,6 +127,7 @@ files:
127
127
  - ".github/ISSUE_TEMPLATE/feature_request.md"
128
128
  - ".github/ISSUE_TEMPLATE/fingerprint_request.md"
129
129
  - ".github/PULL_REQUEST_TEMPLATE"
130
+ - ".github/SECURITY.md"
130
131
  - ".gitignore"
131
132
  - ".rspec"
132
133
  - ".ruby-gemset"