recog 2.3.14 → 2.3.19
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/SECURITY.md +35 -0
- data/.github/workflows/ci.yml +26 -0
- data/.snyk +10 -0
- data/LICENSE +1 -1
- data/bin/recog_standardize +2 -2
- data/cpe-remap.yaml +55 -14
- data/identifiers/hw_device.txt +5 -4
- data/identifiers/hw_family.txt +12 -0
- data/identifiers/hw_product.txt +76 -6
- data/identifiers/os_architecture.txt +0 -10
- data/identifiers/os_device.txt +13 -31
- data/identifiers/os_family.txt +2 -95
- data/identifiers/os_product.txt +34 -117
- data/identifiers/service_family.txt +7 -36
- data/identifiers/service_product.txt +238 -92
- data/identifiers/vendor.txt +78 -193
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/update_cpes.py +96 -48
- data/xml/dns_versionbind.xml +39 -16
- data/xml/favicons.xml +150 -17
- data/xml/ftp_banners.xml +21 -19
- data/xml/hp_pjl_id.xml +1 -1
- data/xml/html_title.xml +200 -23
- data/xml/http_cookies.xml +89 -1
- data/xml/http_servers.xml +144 -18
- data/xml/http_wwwauth.xml +28 -20
- data/xml/ldap_searchresult.xml +9 -6
- data/xml/mdns_device-info_txt.xml +308 -10
- data/xml/ntp_banners.xml +9 -1
- data/xml/operating_system.xml +1 -0
- data/xml/rtsp_servers.xml +7 -0
- data/xml/sip_banners.xml +344 -8
- data/xml/sip_user_agents.xml +320 -7
- data/xml/smb_native_lm.xml +32 -1
- data/xml/smb_native_os.xml +158 -33
- data/xml/smtp_banners.xml +7 -2
- data/xml/smtp_help.xml +2 -0
- data/xml/smtp_vrfy.xml +2 -1
- data/xml/snmp_sysdescr.xml +252 -86
- data/xml/ssh_banners.xml +118 -11
- data/xml/telnet_banners.xml +34 -9
- data/xml/tls_jarm.xml +139 -0
- data/xml/x509_issuers.xml +24 -5
- data/xml/x509_subjects.xml +97 -17
- metadata +6 -5
- data/identifiers/software_class.txt +0 -26
- data/identifiers/software_family.txt +0 -91
- data/identifiers/software_product.txt +0 -333
data/xml/ssh_banners.xml
CHANGED
@@ -552,7 +552,7 @@
|
|
552
552
|
</fingerprint>
|
553
553
|
|
554
554
|
<fingerprint pattern="^OpenSSH_(7\.8) (FreeBSD-20180909)$">
|
555
|
-
<description>OpenSSH running on FreeBSD 12.0</description>
|
555
|
+
<description>OpenSSH running on FreeBSD 12.0/12.1</description>
|
556
556
|
<example service.version="7.8" openssh.comment="FreeBSD-20180909">OpenSSH_7.8 FreeBSD-20180909</example>
|
557
557
|
<param pos="1" name="service.version"/>
|
558
558
|
<param pos="2" name="openssh.comment"/>
|
@@ -888,9 +888,10 @@
|
|
888
888
|
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.04"/>
|
889
889
|
</fingerprint>
|
890
890
|
|
891
|
-
<fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-
|
891
|
+
<fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6\S*)$">
|
892
892
|
<description>OpenSSH running on Ubuntu 13.10</description>
|
893
893
|
<example service.version="6.2p2" openssh.comment="Ubuntu-6unbuntu0.4">OpenSSH_6.2p2 Ubuntu-6unbuntu0.4</example>
|
894
|
+
<example service.version="6.2p2" openssh.comment="Ubuntu-6">OpenSSH_6.2p2 Ubuntu-6</example>
|
894
895
|
<param pos="1" name="service.version"/>
|
895
896
|
<param pos="2" name="openssh.comment"/>
|
896
897
|
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
@@ -917,10 +918,11 @@
|
|
917
918
|
<param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
|
918
919
|
</fingerprint>
|
919
920
|
|
920
|
-
<fingerprint pattern="^OpenSSH_(6\.6(
|
921
|
+
<fingerprint pattern="^OpenSSH_(6\.6(?:\.1)?p1) (Ubuntu-2\S*)$">
|
921
922
|
<description>OpenSSH running on Ubuntu 14.04</description>
|
922
923
|
<example service.version="6.6p1" openssh.comment="Ubuntu-2ubuntu1">OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
|
923
924
|
<example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2</example>
|
925
|
+
<example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2.13">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13</example>
|
924
926
|
<param pos="1" name="service.version"/>
|
925
927
|
<param pos="2" name="openssh.comment"/>
|
926
928
|
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
@@ -950,9 +952,10 @@
|
|
950
952
|
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.10"/>
|
951
953
|
</fingerprint>
|
952
954
|
|
953
|
-
<fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-
|
955
|
+
<fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5\S*)$">
|
954
956
|
<description>OpenSSH running on Ubuntu 15.04 (vivid)</description>
|
955
957
|
<example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1">OpenSSH_6.7p1 Ubuntu-5ubuntu1</example>
|
958
|
+
<example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1.4">OpenSSH_6.7p1 Ubuntu-5ubuntu1.4</example>
|
956
959
|
<param pos="1" name="service.version"/>
|
957
960
|
<param pos="2" name="openssh.comment"/>
|
958
961
|
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
@@ -966,9 +969,10 @@
|
|
966
969
|
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.04"/>
|
967
970
|
</fingerprint>
|
968
971
|
|
969
|
-
<fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2)$">
|
972
|
+
<fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2\S*)$">
|
970
973
|
<description>OpenSSH running on Ubuntu 15.10</description>
|
971
974
|
<example service.version="6.9p1" openssh.comment="Ubuntu-2">OpenSSH_6.9p1 Ubuntu-2</example>
|
975
|
+
<example service.version="6.9p1" openssh.comment="Ubuntu-2ubuntu0.2">OpenSSH_6.9p1 Ubuntu-2ubuntu0.2</example>
|
972
976
|
<param pos="1" name="service.version"/>
|
973
977
|
<param pos="2" name="openssh.comment"/>
|
974
978
|
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
@@ -982,9 +986,11 @@
|
|
982
986
|
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.10"/>
|
983
987
|
</fingerprint>
|
984
988
|
|
985
|
-
<fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-
|
989
|
+
<fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4\S*)$">
|
986
990
|
<description>OpenSSH running on Ubuntu 16.04 (vivid)</description>
|
987
991
|
<example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu2.7">OpenSSH_7.2p2 Ubuntu-4ubuntu2.7</example>
|
992
|
+
<example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu1">OpenSSH_7.2p2 Ubuntu-4ubuntu1</example>
|
993
|
+
<example service.version="7.2p2" openssh.comment="Ubuntu-4">OpenSSH_7.2p2 Ubuntu-4</example>
|
988
994
|
<param pos="1" name="service.version"/>
|
989
995
|
<param pos="2" name="openssh.comment"/>
|
990
996
|
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
@@ -1030,9 +1036,10 @@
|
|
1030
1036
|
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.04"/>
|
1031
1037
|
</fingerprint>
|
1032
1038
|
|
1033
|
-
<fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-
|
1039
|
+
<fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10\S*)$">
|
1034
1040
|
<description>OpenSSH running on Ubuntu 17.10</description>
|
1035
1041
|
<example service.version="7.5p1" openssh.comment="Ubuntu-10ubuntu0.1">OpenSSH_7.5p1 Ubuntu-10ubuntu0.1</example>
|
1042
|
+
<example service.version="7.5p1" openssh.comment="Ubuntu-10">OpenSSH_7.5p1 Ubuntu-10</example>
|
1036
1043
|
<param pos="1" name="service.version"/>
|
1037
1044
|
<param pos="2" name="openssh.comment"/>
|
1038
1045
|
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
@@ -1046,9 +1053,10 @@
|
|
1046
1053
|
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.10"/>
|
1047
1054
|
</fingerprint>
|
1048
1055
|
|
1049
|
-
<fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-
|
1056
|
+
<fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4\S*)$">
|
1050
1057
|
<description>OpenSSH running on Ubuntu 18.04</description>
|
1051
1058
|
<example service.version="7.6p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.6p1 Ubuntu-4ubuntu0.3</example>
|
1059
|
+
<example service.version="7.6p1" openssh.comment="Ubuntu-4">OpenSSH_7.6p1 Ubuntu-4</example>
|
1052
1060
|
<param pos="1" name="service.version"/>
|
1053
1061
|
<param pos="2" name="openssh.comment"/>
|
1054
1062
|
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
@@ -1062,9 +1070,10 @@
|
|
1062
1070
|
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.04"/>
|
1063
1071
|
</fingerprint>
|
1064
1072
|
|
1065
|
-
<fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4)$">
|
1073
|
+
<fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4\S*)$">
|
1066
1074
|
<description>OpenSSH running on Ubuntu 18.10</description>
|
1067
1075
|
<example service.version="7.7p1" openssh.comment="Ubuntu-4">OpenSSH_7.7p1 Ubuntu-4</example>
|
1076
|
+
<example service.version="7.7p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.7p1 Ubuntu-4ubuntu0.3</example>
|
1068
1077
|
<param pos="1" name="service.version"/>
|
1069
1078
|
<param pos="2" name="openssh.comment"/>
|
1070
1079
|
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
@@ -1110,6 +1119,39 @@
|
|
1110
1119
|
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.10"/>
|
1111
1120
|
</fingerprint>
|
1112
1121
|
|
1122
|
+
<fingerprint pattern="^OpenSSH_(8\.2p1) (Ubuntu-4\S*)$">
|
1123
|
+
<description>OpenSSH running on Ubuntu 20.04</description>
|
1124
|
+
<example service.version="8.2p1" openssh.comment="Ubuntu-4ubuntu0.1">OpenSSH_8.2p1 Ubuntu-4ubuntu0.1</example>
|
1125
|
+
<example service.version="8.2p1" openssh.comment="Ubuntu-4">OpenSSH_8.2p1 Ubuntu-4</example>
|
1126
|
+
<param pos="1" name="service.version"/>
|
1127
|
+
<param pos="2" name="openssh.comment"/>
|
1128
|
+
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
1129
|
+
<param pos="0" name="service.family" value="OpenSSH"/>
|
1130
|
+
<param pos="0" name="service.product" value="OpenSSH"/>
|
1131
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
|
1132
|
+
<param pos="0" name="os.vendor" value="Ubuntu"/>
|
1133
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1134
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1135
|
+
<param pos="0" name="os.version" value="20.04"/>
|
1136
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:20.04"/>
|
1137
|
+
</fingerprint>
|
1138
|
+
|
1139
|
+
<fingerprint pattern="^OpenSSH_(8\.3p1) (Ubuntu-1\S*)$">
|
1140
|
+
<description>OpenSSH running on Ubuntu 20.10</description>
|
1141
|
+
<example service.version="8.3p1" openssh.comment="Ubuntu-1">OpenSSH_8.3p1 Ubuntu-1</example>
|
1142
|
+
<param pos="1" name="service.version"/>
|
1143
|
+
<param pos="2" name="openssh.comment"/>
|
1144
|
+
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
1145
|
+
<param pos="0" name="service.family" value="OpenSSH"/>
|
1146
|
+
<param pos="0" name="service.product" value="OpenSSH"/>
|
1147
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
|
1148
|
+
<param pos="0" name="os.vendor" value="Ubuntu"/>
|
1149
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1150
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1151
|
+
<param pos="0" name="os.version" value="20.10"/>
|
1152
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:20.10"/>
|
1153
|
+
</fingerprint>
|
1154
|
+
|
1113
1155
|
<fingerprint pattern="^OpenSSH_([^\s]+)\s+(Ubuntu-\d\d?)$">
|
1114
1156
|
<description>OpenSSH running on Ubuntu (unknown release)</description>
|
1115
1157
|
<example service.version="7.6p1" openssh.comment="Ubuntu-2">OpenSSH_7.6p1 Ubuntu-2</example>
|
@@ -1329,9 +1371,56 @@
|
|
1329
1371
|
<param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:9.0"/>
|
1330
1372
|
</fingerprint>
|
1331
1373
|
|
1332
|
-
<fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10
|
1333
|
-
<description>OpenSSH running on Debian 10.
|
1374
|
+
<fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10)$">
|
1375
|
+
<description>OpenSSH running on Debian 10.0 (buster)</description>
|
1334
1376
|
<example service.version="7.9p1" openssh.comment="Debian-10">OpenSSH_7.9p1 Debian-10</example>
|
1377
|
+
<param pos="1" name="service.version"/>
|
1378
|
+
<param pos="2" name="openssh.comment"/>
|
1379
|
+
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
1380
|
+
<param pos="0" name="service.family" value="OpenSSH"/>
|
1381
|
+
<param pos="0" name="service.product" value="OpenSSH"/>
|
1382
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
|
1383
|
+
<param pos="0" name="os.vendor" value="Debian"/>
|
1384
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1385
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1386
|
+
<param pos="0" name="os.version" value="10.0"/>
|
1387
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.0"/>
|
1388
|
+
</fingerprint>
|
1389
|
+
|
1390
|
+
<fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\+deb10u1)$">
|
1391
|
+
<description>OpenSSH running on Debian 10.1 (buster)</description>
|
1392
|
+
<example service.version="7.9p1" openssh.comment="Debian-10+deb10u1">OpenSSH_7.9p1 Debian-10+deb10u1</example>
|
1393
|
+
<param pos="1" name="service.version"/>
|
1394
|
+
<param pos="2" name="openssh.comment"/>
|
1395
|
+
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
1396
|
+
<param pos="0" name="service.family" value="OpenSSH"/>
|
1397
|
+
<param pos="0" name="service.product" value="OpenSSH"/>
|
1398
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
|
1399
|
+
<param pos="0" name="os.vendor" value="Debian"/>
|
1400
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1401
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1402
|
+
<param pos="0" name="os.version" value="10.1"/>
|
1403
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.1"/>
|
1404
|
+
</fingerprint>
|
1405
|
+
|
1406
|
+
<fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\+deb10u2)$">
|
1407
|
+
<description>OpenSSH running on Debian 10.2 (buster)</description>
|
1408
|
+
<example service.version="7.9p1" openssh.comment="Debian-10+deb10u2">OpenSSH_7.9p1 Debian-10+deb10u2</example>
|
1409
|
+
<param pos="1" name="service.version"/>
|
1410
|
+
<param pos="2" name="openssh.comment"/>
|
1411
|
+
<param pos="0" name="service.vendor" value="OpenBSD"/>
|
1412
|
+
<param pos="0" name="service.family" value="OpenSSH"/>
|
1413
|
+
<param pos="0" name="service.product" value="OpenSSH"/>
|
1414
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
|
1415
|
+
<param pos="0" name="os.vendor" value="Debian"/>
|
1416
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1417
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1418
|
+
<param pos="0" name="os.version" value="10.2"/>
|
1419
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.2"/>
|
1420
|
+
</fingerprint>
|
1421
|
+
|
1422
|
+
<fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\S+)$">
|
1423
|
+
<description>OpenSSH running on Debian 10.x (buster catchall)</description>
|
1335
1424
|
<example service.version="7.9p1" openssh.comment="Debian-10+deb10u6">OpenSSH_7.9p1 Debian-10+deb10u6</example>
|
1336
1425
|
<param pos="1" name="service.version"/>
|
1337
1426
|
<param pos="2" name="openssh.comment"/>
|
@@ -2019,7 +2108,12 @@
|
|
2019
2108
|
<param pos="0" name="os.vendor" value="NetApp"/>
|
2020
2109
|
<param pos="0" name="os.family" value="Data ONTAP"/>
|
2021
2110
|
<param pos="0" name="os.product" value="Data ONTAP"/>
|
2111
|
+
<param pos="0" name="os.device" value="NAS"/>
|
2022
2112
|
<param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
|
2113
|
+
<param pos="0" name="hw.vendor" value="NetApp"/>
|
2114
|
+
<param pos="0" name="hw.family" value="Data ONTAP"/>
|
2115
|
+
<param pos="0" name="hw.product" value="Data ONTAP"/>
|
2116
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
2023
2117
|
</fingerprint>
|
2024
2118
|
|
2025
2119
|
<fingerprint pattern="^(\d\.\d+\.\d+) SSH Secure Shell OpenVMS V\d+\.\d+$">
|
@@ -2125,6 +2219,19 @@
|
|
2125
2219
|
<param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
|
2126
2220
|
</fingerprint>
|
2127
2221
|
|
2222
|
+
<fingerprint pattern="^Zyxel SSH server$">
|
2223
|
+
<description>Zyxel Firewall SSH service</description>
|
2224
|
+
<example>Zyxel SSH server</example>
|
2225
|
+
<param pos="0" name="service.vendor" value="Zyxel"/>
|
2226
|
+
<param pos="0" name="service.family" value="Zywall"/>
|
2227
|
+
<param pos="0" name="os.vendor" value="Zyxel"/>
|
2228
|
+
<param pos="0" name="os.product" value="ZyNOS firmware"/>
|
2229
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:zyxel:zynos_firmware:-"/>
|
2230
|
+
<param pos="0" name="hw.vendor" value="Zyxel"/>
|
2231
|
+
<param pos="0" name="hw.device" value="Firewall"/>
|
2232
|
+
<param pos="0" name="hw.family" value="Unified Security Gateway"/>
|
2233
|
+
</fingerprint>
|
2234
|
+
|
2128
2235
|
<!--
|
2129
2236
|
1.2.22j4rad
|
2130
2237
|
2.40
|
data/xml/telnet_banners.xml
CHANGED
@@ -550,7 +550,7 @@
|
|
550
550
|
</example>
|
551
551
|
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
552
552
|
<param pos="0" name="hw.family" value="GXV"/>
|
553
|
-
<param pos="0" name="hw.device" value="
|
553
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
554
554
|
<param pos="1" name="hw.product"/>
|
555
555
|
</fingerprint>
|
556
556
|
|
@@ -617,7 +617,7 @@
|
|
617
617
|
<param pos="0" name="hw.vendor" value="SMA Solar Technology Ag"/>
|
618
618
|
<param pos="0" name="hw.family" value="Sunny"/>
|
619
619
|
<param pos="0" name="hw.product" value="WebBox"/>
|
620
|
-
<param pos="0" name="hw.device" value="Power
|
620
|
+
<param pos="0" name="hw.device" value="Power Device"/>
|
621
621
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
622
622
|
<param pos="0" name="os.family" value="Windows"/>
|
623
623
|
<param pos="0" name="os.product" value="Windows CE"/>
|
@@ -1064,6 +1064,7 @@
|
|
1064
1064
|
<param pos="0" name="hw.family" value="EDR"/>
|
1065
1065
|
<param pos="0" name="hw.device" value="Router"/>
|
1066
1066
|
<param pos="0" name="hw.product" value="EDR-G902"/>
|
1067
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g902:-"/>
|
1067
1068
|
<param pos="0" name="os.vendor" value="Moxa"/>
|
1068
1069
|
<param pos="0" name="os.family" value="EDR"/>
|
1069
1070
|
<param pos="0" name="os.device" value="Router"/>
|
@@ -1234,7 +1235,7 @@
|
|
1234
1235
|
</fingerprint>
|
1235
1236
|
|
1236
1237
|
<fingerprint pattern="^Welcome to ViewStation">
|
1237
|
-
<description>Polycom ViewStation Video
|
1238
|
+
<description>Polycom ViewStation Video Conference System</description>
|
1238
1239
|
<!-- Welcome to ViewStation\nPassword: -->
|
1239
1240
|
|
1240
1241
|
<example _encoding="base64">
|
@@ -1252,7 +1253,7 @@
|
|
1252
1253
|
Rmxvd1BvaW50LzIyMDAgU0RTTCBbQVRNXSBSb3V0ZXIgZnAyMjAwLTEyIHYzLjAuMiBSZWFkeQpMb2dpbjog
|
1253
1254
|
</example>
|
1254
1255
|
<param pos="0" name="os.vendor" value="FlowPoint"/>
|
1255
|
-
<param pos="0" name="hw.device" value="Broadband
|
1256
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
1256
1257
|
<param pos="0" name="hw.product" value="DSL Router"/>
|
1257
1258
|
<param pos="1" name="hw.model"/>
|
1258
1259
|
<param pos="2" name="os.version"/>
|
@@ -1267,7 +1268,7 @@
|
|
1267
1268
|
MpIDIwMDEtMjAwMyBieSBHbG9iZXNwYW5WaXJhdGEsIEluYy4KCgpsb2dpbjog
|
1268
1269
|
</example>
|
1269
1270
|
<param pos="0" name="os.vendor" value="Conexant"/>
|
1270
|
-
<param pos="0" name="hw.device" value="Broadband
|
1271
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
1271
1272
|
<param pos="1" name="os.version"/>
|
1272
1273
|
</fingerprint>
|
1273
1274
|
|
@@ -1491,7 +1492,12 @@
|
|
1491
1492
|
<param pos="0" name="os.vendor" value="NetApp"/>
|
1492
1493
|
<param pos="0" name="os.family" value="Data ONTAP"/>
|
1493
1494
|
<param pos="0" name="os.product" value="Data ONTAP"/>
|
1495
|
+
<param pos="0" name="os.device" value="NAS"/>
|
1494
1496
|
<param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
|
1497
|
+
<param pos="0" name="hw.vendor" value="NetApp"/>
|
1498
|
+
<param pos="0" name="hw.family" value="Data ONTAP"/>
|
1499
|
+
<param pos="0" name="hw.product" value="Data ONTAP"/>
|
1500
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
1495
1501
|
</fingerprint>
|
1496
1502
|
|
1497
1503
|
<fingerprint pattern="OpenVMS.*Version\sV([^\s]+).*">
|
@@ -1573,7 +1579,7 @@
|
|
1573
1579
|
T1JUPj4+TE9HT04gUEFTU1dPUkQ+My4yNyoqKioqKg==
|
1574
1580
|
</example>
|
1575
1581
|
<param pos="0" name="os.vendor" value="Conexant"/>
|
1576
|
-
<param pos="0" name="os.device" value="Broadband
|
1582
|
+
<param pos="0" name="os.device" value="Broadband Router"/>
|
1577
1583
|
<param pos="0" name="os.product" value="AccessRunner ADSL router"/>
|
1578
1584
|
</fingerprint>
|
1579
1585
|
|
@@ -1586,7 +1592,7 @@
|
|
1586
1592
|
RoZSBjb25uZWN0aW9uIHJlcXVlc3QgISEh
|
1587
1593
|
</example>
|
1588
1594
|
<param pos="0" name="hw.vendor" value="DrayTek"/>
|
1589
|
-
<param pos="0" name="hw.device" value="Broadband
|
1595
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
1590
1596
|
<param pos="0" name="hw.product" value="Vigor"/>
|
1591
1597
|
</fingerprint>
|
1592
1598
|
|
@@ -1943,9 +1949,9 @@
|
|
1943
1949
|
<example _encoding="base64" os.version="2.90.00">
|
1944
1950
|
UHJlY2lzZS9SVENTIHYyLjkwLjAwIFRlbG5ldCBzZXJ2ZXIKCgpTZXJ2aWNlIFBvcnQgTWFuYWdlciBBY3RpdmUKCjxFc2M+IEVuZHMgU2Vzc2lvbgoKroot
|
1945
1951
|
</example>
|
1946
|
-
<param pos="0" name="hw.device" value="Power
|
1952
|
+
<param pos="0" name="hw.device" value="Power Device"/>
|
1947
1953
|
<param pos="0" name="hw.vendor" value="Liebert"/>
|
1948
|
-
<param pos="0" name="os.device" value="Power
|
1954
|
+
<param pos="0" name="os.device" value="Power Device"/>
|
1949
1955
|
<param pos="0" name="os.vendor" value="Liebert"/>
|
1950
1956
|
<param pos="1" name="os.version"/>
|
1951
1957
|
</fingerprint>
|
@@ -2065,4 +2071,23 @@
|
|
2065
2071
|
<param pos="0" name="service.component.cpe23" value="cpe:/a:sap:netweaver_application_server:-"/>
|
2066
2072
|
</fingerprint>
|
2067
2073
|
|
2074
|
+
<fingerprint pattern="^(?:\r|\n|\s)*UDP/TCP/IP Stack: ACT Video security">
|
2075
|
+
<description>ACT Security IP Cameras</description>
|
2076
|
+
<!--
|
2077
|
+
UDP/TCP/IP Stack: ACT Video security\r\n
|
2078
|
+
V5.8\r\n
|
2079
|
+
Welcome connection : 192.168.0.1:61300\r\n
|
2080
|
+
\r\n
|
2081
|
+
Password:
|
2082
|
+
-->
|
2083
|
+
|
2084
|
+
<example _encoding="base64">
|
2085
|
+
VURQL1RDUC9JUCBTdGFjazogQUNUIFZpZGVvIHNlY3VyaXR5DQpWNS44DQpX
|
2086
|
+
ZWxjb21lIGNvbm5lY3Rpb24gOiAxOTIuMTY4LjAuMTo2MTMwMA0KDQpQYXNz
|
2087
|
+
d29yZDog
|
2088
|
+
</example>
|
2089
|
+
<param pos="0" name="hw.vendor" value="ACT Security"/>
|
2090
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
2091
|
+
</fingerprint>
|
2092
|
+
|
2068
2093
|
</fingerprints>
|
data/xml/tls_jarm.xml
ADDED
@@ -0,0 +1,139 @@
|
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
|
+
<fingerprints matches="tls.jarm" protocol="tls" database_type="service">
|
3
|
+
<!--
|
4
|
+
Fingerprint based on https://github.com/salesforce/jarm
|
5
|
+
-->
|
6
|
+
|
7
|
+
<fingerprint pattern="^2ad2ad16d2ad2ad00042d42d000000332dc9cd7d90589195193c8bb05d84fa|2ad2ad16d2ad2ad22c2ad2ad2ad2adce2e4c8c53174ecbf5529ce7584d5518$|2ad2ad16d2ad2ad22c42d42d000000d342d5966a57139eeaff9f8bc4841b25$">
|
8
|
+
<description>Tor relay</description>
|
9
|
+
<example>2ad2ad16d2ad2ad00042d42d000000332dc9cd7d90589195193c8bb05d84fa</example>
|
10
|
+
<example>2ad2ad16d2ad2ad22c2ad2ad2ad2adce2e4c8c53174ecbf5529ce7584d5518</example>
|
11
|
+
<example>2ad2ad16d2ad2ad22c42d42d000000d342d5966a57139eeaff9f8bc4841b25</example>
|
12
|
+
<param pos="0" name="service.product" value="Tor"/>
|
13
|
+
<param pos="0" name="service.vendor" value="Tor Project"/>
|
14
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:torproject:tor:-"/>
|
15
|
+
</fingerprint>
|
16
|
+
|
17
|
+
<fingerprint pattern="^2ad2ad0002ad2ad0002ad2ad2ad2ada9e96d3ba9f7903758a731e0fa01453d$">
|
18
|
+
<description>Synology NAS</description>
|
19
|
+
<example>2ad2ad0002ad2ad0002ad2ad2ad2ada9e96d3ba9f7903758a731e0fa01453d</example>
|
20
|
+
<param pos="0" name="os.device" value="NAS"/>
|
21
|
+
<param pos="0" name="os.family" value="Linux"/>
|
22
|
+
<param pos="0" name="os.product" value="DSM"/>
|
23
|
+
<param pos="0" name="os.vendor" value="Synology"/>
|
24
|
+
<param pos="0" name="hw.vendor" value="Synology"/>
|
25
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
26
|
+
</fingerprint>
|
27
|
+
|
28
|
+
<fingerprint pattern="^2ad2ad16d2ad2ad22c2ad2ad2ad2ad7e5e7dc6f569c9c16238278a408347ef$">
|
29
|
+
<description>Ubiquiti EdgeRouter</description>
|
30
|
+
<example>2ad2ad16d2ad2ad22c2ad2ad2ad2ad7e5e7dc6f569c9c16238278a408347ef</example>
|
31
|
+
<param pos="0" name="hw.vendor" value="Ubiquiti"/>
|
32
|
+
<param pos="0" name="hw.device" value="Router"/>
|
33
|
+
<param pos="0" name="hw.Product" value="EdgeRouter X"/>
|
34
|
+
<param pos="0" name="os.vendor" value="Ubiquiti"/>
|
35
|
+
<param pos="0" name="os.family" value="Linux"/>
|
36
|
+
<param pos="0" name="os.device" value="Router"/>
|
37
|
+
</fingerprint>
|
38
|
+
|
39
|
+
<fingerprint pattern="^07d14d16d21d21d00042d43d000000aa99ce74e2c6d013c745aa52b5cc042d$">
|
40
|
+
<description>Metasploit listener</description>
|
41
|
+
<example>07d14d16d21d21d00042d43d000000aa99ce74e2c6d013c745aa52b5cc042d</example>
|
42
|
+
<param pos="0" name="service.vendor" value="Rapid7"/>
|
43
|
+
<param pos="0" name="service.product" value="Metasploit"/>
|
44
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:rapid7:metasploit:-"/>
|
45
|
+
</fingerprint>
|
46
|
+
|
47
|
+
<!-- This fingerprint matches Java's TLS stack,
|
48
|
+
see https://blog.cobaltstrike.com/2020/12/08/a-red-teamer-plays-with-jarm/ for details -->
|
49
|
+
|
50
|
+
<fingerprint pattern="^07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1$">
|
51
|
+
<description>Cobalt Strike listener</description>
|
52
|
+
<example>07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1</example>
|
53
|
+
<param pos="0" name="service.vendor" value="Strategic Cyber LLC"/>
|
54
|
+
<param pos="0" name="service.product" value="Cobalt Strike Listener"/>
|
55
|
+
<param pos="0" name="service.certainty" value="0.3"/>
|
56
|
+
</fingerprint>
|
57
|
+
|
58
|
+
<fingerprint pattern="^04b02b00004b04b04b04b02b04b04b9674c6b4e623ae36cc2d998e99e2262e$">
|
59
|
+
<description>Ligowave WiFi access point</description>
|
60
|
+
<example>04b02b00004b04b04b04b02b04b04b9674c6b4e623ae36cc2d998e99e2262e</example>
|
61
|
+
<param pos="0" name="hw.vendor" value="Ligowave"/>
|
62
|
+
<param pos="0" name="hw.product" value="Infinity Controler"/>
|
63
|
+
</fingerprint>
|
64
|
+
|
65
|
+
<fingerprint pattern="^06d06d07d06d06d06c06d06d06d06d7991b0b1ad2cbf06082e3b1a9dcaaa8d$">
|
66
|
+
<description>D-Link DCS-825L WiFi baby camera</description>
|
67
|
+
<example>06d06d07d06d06d06c06d06d06d06d7991b0b1ad2cbf06082e3b1a9dcaaa8d</example>
|
68
|
+
<param pos="0" name="hw.vendor" value="D-Link"/>
|
69
|
+
<param pos="0" name="hw.product" value="DCS-825L"/>
|
70
|
+
</fingerprint>
|
71
|
+
|
72
|
+
<fingerprint pattern="^0ed3dd16d25d00000042d43d000000e9435856b7ee99e87c06831602602f2d$">
|
73
|
+
<description>LANCOM Systems - 883 VoIP</description>
|
74
|
+
<example>0ed3dd16d25d00000042d43d000000e9435856b7ee99e87c06831602602f2d</example>
|
75
|
+
<param pos="0" name="hw.vendor" value="LANCOM Systems"/>
|
76
|
+
<param pos="0" name="hw.product" value="883 VoIP"/>
|
77
|
+
</fingerprint>
|
78
|
+
|
79
|
+
<fingerprint pattern="^21d14d00021d21d21c42d43d00041d320c989d4ed06a7e9d3133ba36bb2752$">
|
80
|
+
<description>Apple CUPS - web interface</description>
|
81
|
+
<example>21d14d00021d21d21c42d43d00041d320c989d4ed06a7e9d3133ba36bb2752</example>
|
82
|
+
<param pos="0" name="service.vendor" value="Apple"/>
|
83
|
+
<param pos="0" name="service.product" value="CUPS"/>
|
84
|
+
<param pos="0" name="service.family" value="CUPS"/>
|
85
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:apple:cups:-"/>
|
86
|
+
</fingerprint>
|
87
|
+
|
88
|
+
<fingerprint pattern="^0bd14d0000bd0bd0000bd14d0bd0bd6b64279c20472e17718ddea38ab610fa$">
|
89
|
+
<description>Netgear R Series</description>
|
90
|
+
<example>0bd14d0000bd0bd0000bd14d0bd0bd6b64279c20472e17718ddea38ab610fa</example>
|
91
|
+
<param pos="0" name="hw.vendor" value="Netgear"/>
|
92
|
+
<param pos="0" name="hw.product" value="R Series"/>
|
93
|
+
</fingerprint>
|
94
|
+
|
95
|
+
<fingerprint pattern="^2ad2ad16d2ad2ad07c2ad2ad2ad2ad4271ee10d978b0aecbc22f1de60ab611$">
|
96
|
+
<description>Netgear Orbi-micro</description>
|
97
|
+
<example>2ad2ad16d2ad2ad07c2ad2ad2ad2ad4271ee10d978b0aecbc22f1de60ab611</example>
|
98
|
+
<param pos="0" name="hw.vendor" value="Netgear"/>
|
99
|
+
<param pos="0" name="hw.product" value="Orbi micro"/>
|
100
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
101
|
+
<param pos="0" name="hw.family" value="Orbi"/>
|
102
|
+
</fingerprint>
|
103
|
+
|
104
|
+
<fingerprint pattern="^04d02d00004d04d04c04d02d04d04d9674c6b4e623ae36cc2d998e99e2262e$">
|
105
|
+
<description>Netgear D Series</description>
|
106
|
+
<example>04d02d00004d04d04c04d02d04d04d9674c6b4e623ae36cc2d998e99e2262e</example>
|
107
|
+
<param pos="0" name="hw.vendor" value="Netgear"/>
|
108
|
+
<param pos="0" name="hw.product" value="D Series"/>
|
109
|
+
</fingerprint>
|
110
|
+
|
111
|
+
<fingerprint pattern="^21d3fd00021d21d21c21d3fd21d21d89188428dae58757cf803176e9701156$">
|
112
|
+
<description>Chromecast</description>
|
113
|
+
<example>21d3fd00021d21d21c21d3fd21d21d89188428dae58757cf803176e9701156</example>
|
114
|
+
<param pos="0" name="os.vendor" value="Google"/>
|
115
|
+
<param pos="0" name="os.product" value="Chrome OS"/>
|
116
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:chrome_os:-"/>
|
117
|
+
<param pos="0" name="hw.device" value="Media Server"/>
|
118
|
+
<param pos="0" name="hw.vendor" value="Google"/>
|
119
|
+
<param pos="0" name="hw.product" value="Chromecast"/>
|
120
|
+
</fingerprint>
|
121
|
+
|
122
|
+
<fingerprint pattern="^21d14d00021d21d21c21d14d21d21d3e9a0dda94718e521eb7d1409c9e3601$">
|
123
|
+
<description>VMWare ESXi</description>
|
124
|
+
<example>21d14d00021d21d21c21d14d21d21d3e9a0dda94718e521eb7d1409c9e3601</example>
|
125
|
+
<param pos="0" name="os.vendor" value="VMware"/>
|
126
|
+
<param pos="0" name="os.family" value="VMware ESX/ESXi"/>
|
127
|
+
<param pos="0" name="os.product" value="ESXi"/>
|
128
|
+
<param pos="0" name="os.device" value="Hypervisor"/>
|
129
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:-"/>
|
130
|
+
<param pos="0" name="hw.device" value="Hypervisor"/>
|
131
|
+
</fingerprint>
|
132
|
+
|
133
|
+
<fingerprint pattern="^29d21b20d29d29d21c41d21b21b41d494e0df9532e75299f15ba73156cee38$">
|
134
|
+
<description>Merlin C2</description>
|
135
|
+
<example>29d21b20d29d29d21c41d21b21b41d494e0df9532e75299f15ba73156cee38</example>
|
136
|
+
<param pos="0" name="service.product" value="Merlin"/>
|
137
|
+
</fingerprint>
|
138
|
+
|
139
|
+
</fingerprints>
|