recog 2.3.14 → 2.3.19

Sign up to get free protection for your applications and to get access to all the features.
Files changed (50) hide show
  1. checksums.yaml +4 -4
  2. data/.github/SECURITY.md +35 -0
  3. data/.github/workflows/ci.yml +26 -0
  4. data/.snyk +10 -0
  5. data/LICENSE +1 -1
  6. data/bin/recog_standardize +2 -2
  7. data/cpe-remap.yaml +55 -14
  8. data/identifiers/hw_device.txt +5 -4
  9. data/identifiers/hw_family.txt +12 -0
  10. data/identifiers/hw_product.txt +76 -6
  11. data/identifiers/os_architecture.txt +0 -10
  12. data/identifiers/os_device.txt +13 -31
  13. data/identifiers/os_family.txt +2 -95
  14. data/identifiers/os_product.txt +34 -117
  15. data/identifiers/service_family.txt +7 -36
  16. data/identifiers/service_product.txt +238 -92
  17. data/identifiers/vendor.txt +78 -193
  18. data/lib/recog/version.rb +1 -1
  19. data/requirements.txt +1 -1
  20. data/update_cpes.py +96 -48
  21. data/xml/dns_versionbind.xml +39 -16
  22. data/xml/favicons.xml +150 -17
  23. data/xml/ftp_banners.xml +21 -19
  24. data/xml/hp_pjl_id.xml +1 -1
  25. data/xml/html_title.xml +200 -23
  26. data/xml/http_cookies.xml +89 -1
  27. data/xml/http_servers.xml +144 -18
  28. data/xml/http_wwwauth.xml +28 -20
  29. data/xml/ldap_searchresult.xml +9 -6
  30. data/xml/mdns_device-info_txt.xml +308 -10
  31. data/xml/ntp_banners.xml +9 -1
  32. data/xml/operating_system.xml +1 -0
  33. data/xml/rtsp_servers.xml +7 -0
  34. data/xml/sip_banners.xml +344 -8
  35. data/xml/sip_user_agents.xml +320 -7
  36. data/xml/smb_native_lm.xml +32 -1
  37. data/xml/smb_native_os.xml +158 -33
  38. data/xml/smtp_banners.xml +7 -2
  39. data/xml/smtp_help.xml +2 -0
  40. data/xml/smtp_vrfy.xml +2 -1
  41. data/xml/snmp_sysdescr.xml +252 -86
  42. data/xml/ssh_banners.xml +118 -11
  43. data/xml/telnet_banners.xml +34 -9
  44. data/xml/tls_jarm.xml +139 -0
  45. data/xml/x509_issuers.xml +24 -5
  46. data/xml/x509_subjects.xml +97 -17
  47. metadata +6 -5
  48. data/identifiers/software_class.txt +0 -26
  49. data/identifiers/software_family.txt +0 -91
  50. data/identifiers/software_product.txt +0 -333
data/xml/ftp_banners.xml CHANGED
@@ -360,10 +360,11 @@ example.com FTP server (Version: Mac OS X Server) ready.</example>
360
360
  <example service.version="1.0.11">=(&lt;*&gt;)=-.:. (( Welcome to Pure-FTPd 1.0.11 )) .:.-=(&lt;*&gt;)=-</example>
361
361
  <example service.version="1.0.11">=(&lt;*&gt;)=-.:. (( Welcome to Pure-FTPd 1.0.11 )) .:.-=(&lt;*&gt;)=-&#13;
362
362
  more stuff</example>
363
- <param pos="0" name="service.fvendor" value="PureFTPd"/>
363
+ <param pos="0" name="service.vendor" value="PureFTPd"/>
364
364
  <param pos="0" name="service.family" value="Pure-FTPd"/>
365
365
  <param pos="0" name="service.product" value="Pure-FTPd"/>
366
366
  <param pos="1" name="service.version"/>
367
+ <param pos="0" name="service.cpe23" value="cpe:/a:pureftpd:pure-ftpd:{service.version}"/>
367
368
  </fingerprint>
368
369
 
369
370
  <fingerprint pattern="^-{9,10}(?:.*)\s+Pure-FTPd\s+(.*)-{9,10}">
@@ -522,9 +523,9 @@ more text</example>
522
523
  <param pos="0" name="service.vendor" value="APC"/>
523
524
  <param pos="0" name="service.product" value="FTP"/>
524
525
  <param pos="0" name="os.vendor" value="APC"/>
525
- <param pos="0" name="os.device" value="Power device"/>
526
+ <param pos="0" name="os.device" value="Power Device"/>
526
527
  <param pos="0" name="hw.vendor" value="APC"/>
527
- <param pos="0" name="hw.device" value="Power device"/>
528
+ <param pos="0" name="hw.device" value="Power Device"/>
528
529
  </fingerprint>
529
530
 
530
531
  <fingerprint pattern="^(\S+) Network Management Card AOS v(\d+\..+) FTP server ready\.$">
@@ -537,11 +538,11 @@ more text</example>
537
538
  <param pos="0" name="service.family" value="AOS"/>
538
539
  <param pos="2" name="service.version"/>
539
540
  <param pos="0" name="os.vendor" value="APC"/>
540
- <param pos="0" name="os.device" value="Power device"/>
541
+ <param pos="0" name="os.device" value="Power Device"/>
541
542
  <param pos="1" name="os.product"/>
542
543
  <param pos="2" name="os.version"/>
543
544
  <param pos="0" name="hw.vendor" value="APC"/>
544
- <param pos="0" name="hw.device" value="Power device"/>
545
+ <param pos="0" name="hw.device" value="Power Device"/>
545
546
  </fingerprint>
546
547
 
547
548
  <fingerprint pattern="^(\S+) FTP server \(EMC-SNAS: ([^\)]+)\)(?: \S+)?$">
@@ -560,6 +561,7 @@ more text</example>
560
561
  <param pos="0" name="hw.vendor" value="EMC"/>
561
562
  <param pos="0" name="hw.device" value="Storage"/>
562
563
  <param pos="0" name="hw.product" value="Celerra"/>
564
+ <param pos="0" name="hw.cpe23" value="cpe:/h:emc:celerra_network_attached_storage:-"/>
563
565
  </fingerprint>
564
566
 
565
567
  <fingerprint pattern="^JD FTP Server Ready.*$">
@@ -603,7 +605,7 @@ more text</example>
603
605
  <param pos="0" name="service.vendor" value="Blue Coat"/>
604
606
  <param pos="0" name="service.product" value="Proxy"/>
605
607
  <param pos="0" name="os.vendor" value="Blue Coat"/>
606
- <param pos="0" name="os.device" value="Web proxy"/>
608
+ <param pos="0" name="os.device" value="Web Proxy"/>
607
609
  </fingerprint>
608
610
 
609
611
  <fingerprint pattern="^---freeFTPd 1.0---warFTPd 1.65---$">
@@ -634,7 +636,7 @@ more text</example>
634
636
  <param pos="0" name="os.vendor" value="IBM"/>
635
637
  <param pos="0" name="os.product" value="4690"/>
636
638
  <param pos="0" name="os.family" value="4690"/>
637
- <param pos="0" name="os.device" value="Point of sale"/>
639
+ <param pos="0" name="os.device" value="Point of Sale"/>
638
640
  </fingerprint>
639
641
 
640
642
  <fingerprint pattern="^([^ ]+) NcFTPd Server \(licensed copy\) ready\.$">
@@ -651,7 +653,7 @@ more text</example>
651
653
  <example>hostname DCS-2100 FTP server ready.</example>
652
654
  <param pos="0" name="os.vendor" value="D-Link"/>
653
655
  <param pos="0" name="os.product" value="DCS-2100"/>
654
- <param pos="0" name="os.device" value="Web cam"/>
656
+ <param pos="0" name="os.device" value="IP Camera"/>
655
657
  <param pos="1" name="host.name"/>
656
658
  </fingerprint>
657
659
 
@@ -682,12 +684,12 @@ more text</example>
682
684
  <example hw.product="233D" hw.version="4.48.4">AXIS 233D Network Dome Camera 4.48.4 (Mar 23 2010) ready.</example>
683
685
  <example hw.product="P1346" hw.version="5.50beta3">AXIS P1346 Network Camera 5.50beta3 (2014) ready</example>
684
686
  <param pos="0" name="hw.vendor" value="Axis"/>
685
- <param pos="0" name="hw.device" value="Web cam"/>
687
+ <param pos="0" name="hw.device" value="IP Camera"/>
686
688
  <param pos="1" name="hw.product"/>
687
689
  <param pos="2" name="hw.version"/>
688
690
  <param pos="0" name="os.vendor" value="AXIS"/>
689
691
  <param pos="0" name="os.family" value="Linux"/>
690
- <param pos="0" name="os.device" value="Web cam"/>
692
+ <param pos="0" name="os.device" value="IP Camera"/>
691
693
  </fingerprint>
692
694
 
693
695
  <fingerprint pattern="(?i)^AXIS (\S+) (?:(?:Mk II )?Video) (?:Encoder|Encoder Blade|Module|Server|Decoder) (\S+) .*">
@@ -732,7 +734,7 @@ more text</example>
732
734
  <example hw.product="560">AXIS 560 FTP Network Print Server V6.00 Jul 7 1999 ready.</example>
733
735
  <example hw.version="6.30.beta2">AXIS 5470e FTP Network Print Server V6.30.beta2 Sep 25 2002 ready.</example>
734
736
  <param pos="0" name="hw.vendor" value="Axis"/>
735
- <param pos="0" name="hw.device" value="Print server"/>
737
+ <param pos="0" name="hw.device" value="Print Server"/>
736
738
  <param pos="1" name="hw.product"/>
737
739
  <param pos="2" name="hw.version"/>
738
740
  </fingerprint>
@@ -986,7 +988,7 @@ more text</example>
986
988
  <example hw.product="10/100 +IPDS" os.version="1.0">LinkCom Xpress 10/100 +IPDS FTP version 1.0 ready</example>
987
989
  <param pos="0" name="hw.vendor" value="MPI Technologies"/>
988
990
  <param pos="0" name="hw.family" value="LinkCom Xpress"/>
989
- <param pos="0" name="hw.device" value="Print server"/>
991
+ <param pos="0" name="hw.device" value="Print Server"/>
990
992
  <param pos="1" name="hw.product"/>
991
993
  <param pos="2" name="os.version"/>
992
994
  </fingerprint>
@@ -996,7 +998,7 @@ more text</example>
996
998
  <example hw.product="EIO PRO 10">LinkCom Xpress EIO PRO 10</example>
997
999
  <param pos="0" name="hw.vendor" value="MPI Technologies"/>
998
1000
  <param pos="0" name="hw.family" value="LinkCom Xpress"/>
999
- <param pos="0" name="hw.device" value="Print server"/>
1001
+ <param pos="0" name="hw.device" value="Print Server"/>
1000
1002
  <param pos="1" name="hw.product"/>
1001
1003
  </fingerprint>
1002
1004
 
@@ -1039,7 +1041,7 @@ more text</example>
1039
1041
  <example>EUFSALE MarkNet X2011e FTP Server 4.20.21 ready.</example>
1040
1042
  <param pos="0" name="os.vendor" value="Lexmark"/>
1041
1043
  <param pos="0" name="os.family" value="MarkNet"/>
1042
- <param pos="0" name="os.device" value="Print server"/>
1044
+ <param pos="0" name="os.device" value="Print Server"/>
1043
1045
  <param pos="1" name="os.product"/>
1044
1046
  <param pos="2" name="os.version"/>
1045
1047
  </fingerprint>
@@ -1189,11 +1191,11 @@ more text</example>
1189
1191
  <example>ESI-2999A Version 6.30a.07 ready.</example>
1190
1192
  <param pos="0" name="os.vendor" value="Sybase"/>
1191
1193
  <param pos="0" name="os.family" value="Extended Systems ExtendNet"/>
1192
- <param pos="0" name="os.device" value="Print server"/>
1194
+ <param pos="0" name="os.device" value="Print Server"/>
1193
1195
  <param pos="1" name="os.product"/>
1194
1196
  <param pos="2" name="os.version"/>
1195
1197
  <param pos="0" name="hw.family" value="Extended Systems ExtendNet"/>
1196
- <param pos="0" name="hw.device" value="Print server"/>
1198
+ <param pos="0" name="hw.device" value="Print Server"/>
1197
1199
  <param pos="1" name="hw.product"/>
1198
1200
  </fingerprint>
1199
1201
 
@@ -1233,7 +1235,7 @@ more text</example>
1233
1235
  <param pos="0" name="service.product" value="Fiery Print Server"/>
1234
1236
  <param pos="0" name="os.vendor" value="EFI"/>
1235
1237
  <param pos="0" name="os.product" value="Fiery Print Server"/>
1236
- <param pos="0" name="os.device" value="Print server"/>
1238
+ <param pos="0" name="os.device" value="Print Server"/>
1237
1239
  </fingerprint>
1238
1240
 
1239
1241
  <!-- Conjectured based on known MX FTP fingerprints -->
@@ -1289,11 +1291,11 @@ more text</example>
1289
1291
  <example os.version="V56.17.5Z">ZBR-79071 Version V56.17.5Z ready.</example>
1290
1292
  <example os.version="7.02">ZBR-46687 Version 7.02 ready.</example>
1291
1293
  <param pos="0" name="os.vendor" value="ZebraNet"/>
1292
- <param pos="0" name="os.device" value="Print server"/>
1294
+ <param pos="0" name="os.device" value="Print Server"/>
1293
1295
  <param pos="1" name="os.product"/>
1294
1296
  <param pos="2" name="os.version"/>
1295
1297
  <param pos="0" name="hw.vendor" value="ZebraNet"/>
1296
- <param pos="0" name="hw.device" value="Print server"/>
1298
+ <param pos="0" name="hw.device" value="Print Server"/>
1297
1299
  <param pos="1" name="hw.product"/>
1298
1300
  </fingerprint>
1299
1301
 
data/xml/hp_pjl_id.xml CHANGED
@@ -393,7 +393,7 @@
393
393
  <example>EX4112-4127</example>
394
394
  <param pos="0" name="os.vendor" value="Xerox"/>
395
395
  <param pos="0" name="os.family" value="EX"/>
396
- <param pos="0" name="os.device" value="Print server"/>
396
+ <param pos="0" name="os.device" value="Print Server"/>
397
397
  <param pos="1" name="os.product"/>
398
398
  </fingerprint>
399
399
 
data/xml/html_title.xml CHANGED
@@ -255,6 +255,7 @@
255
255
  <param pos="0" name="hw.vendor" value="Philips"/>
256
256
  <param pos="0" name="hw.product" value="Hue"/>
257
257
  <param pos="0" name="hw.device" value="Light Bulb"/>
258
+ <param pos="0" name="hw.cpe23" value="cpe:/h:philips:hue:-"/>
258
259
  </fingerprint>
259
260
 
260
261
  <fingerprint pattern="LANDesk\(R\) Management Agent$">
@@ -378,8 +379,10 @@
378
379
  <param pos="0" name="os.vendor" value="Ubiquiti"/>
379
380
  <param pos="0" name="os.family" value="Linux"/>
380
381
  <param pos="0" name="os.product" value="EdgeOS"/>
382
+ <param pos="0" name="os.cpe23" value="cpe:/o:ui:edgeos:-"/>
381
383
  <param pos="0" name="hw.vendor" value="Ubiquiti"/>
382
384
  <param pos="0" name="hw.product" value="EdgeSwitch"/>
385
+ <param pos="0" name="hw.cpe23" value="cpe:/h:ui:edgeswitch:-"/>
383
386
  </fingerprint>
384
387
 
385
388
  <fingerprint pattern="^EdgeOS$">
@@ -388,6 +391,7 @@
388
391
  <param pos="0" name="os.vendor" value="Ubiquiti"/>
389
392
  <param pos="0" name="os.family" value="Linux"/>
390
393
  <param pos="0" name="os.product" value="EdgeOS"/>
394
+ <param pos="0" name="os.cpe23" value="cpe:/o:ui:edgeos:-"/>
391
395
  <param pos="0" name="hw.vendor" value="Ubiquiti"/>
392
396
  </fingerprint>
393
397
 
@@ -592,6 +596,14 @@
592
596
  <param pos="0" name="hw.product" value="Lantick Ethernet Relay Controller"/>
593
597
  </fingerprint>
594
598
 
599
+ <fingerprint pattern="^XYTRONIX Relay$">
600
+ <description>Xytronix Relay</description>
601
+ <example>XYTRONIX Relay</example>
602
+ <param pos="0" name="hw.vendor" value="Xytronix"/>
603
+ <param pos="0" name="hw.device" value="Relay Controller"/>
604
+ <param pos="0" name="hw.product" value="Ethernet Relay Controller"/>
605
+ </fingerprint>
606
+
595
607
  <fingerprint pattern="^(myUTN(?:-[a-zA-Z0-9]+)?) Control Center$">
596
608
  <description>myUTN Device Server</description>
597
609
  <example hw.product="myUTN-50a">myUTN-50a Control Center</example>
@@ -621,14 +633,14 @@
621
633
  <description>Eltek Power Controller</description>
622
634
  <example>WebPower</example>
623
635
  <param pos="0" name="hw.vendor" value="Eltek"/>
624
- <param pos="0" name="hw.device" value="Power device"/>
636
+ <param pos="0" name="hw.device" value="Power Device"/>
625
637
  </fingerprint>
626
638
 
627
639
  <fingerprint pattern="(Expert Power Control NET \d+x\d+) - (.*)$">
628
640
  <description>Gude Expert Power Control</description>
629
641
  <example host.name="Rack42" hw.product="Expert Power Control NET 2x6">Expert Power Control NET 2x6 - Rack42</example>
630
642
  <param pos="0" name="hw.vendor" value="Gude"/>
631
- <param pos="0" name="hw.device" value="Power device"/>
643
+ <param pos="0" name="hw.device" value="Power Device"/>
632
644
  <param pos="1" name="hw.product"/>
633
645
  <param pos="2" name="host.name"/>
634
646
  </fingerprint>
@@ -637,7 +649,7 @@
637
649
  <description>Sentry Switched CDU</description>
638
650
  <example>Sentry Switched CDU</example>
639
651
  <param pos="0" name="hw.vendor" value="ServerTech"/>
640
- <param pos="0" name="hw.device" value="Power device"/>
652
+ <param pos="0" name="hw.device" value="Power Device"/>
641
653
  <param pos="0" name="hw.product" value="Sentry Switched CDU"/>
642
654
  </fingerprint>
643
655
 
@@ -645,7 +657,7 @@
645
657
  <description>Emerson Network Power Rack PDU Card</description>
646
658
  <example>Emerson Network Power Rack PDU Card</example>
647
659
  <param pos="0" name="hw.vendor" value="Emerson"/>
648
- <param pos="0" name="hw.device" value="Power device"/>
660
+ <param pos="0" name="hw.device" value="Power Device"/>
649
661
  <param pos="0" name="hw.product" value="Rack PDU Card"/>
650
662
  </fingerprint>
651
663
 
@@ -656,7 +668,7 @@
656
668
  <example hw.vendor="Vertiv">Vertiv IntelliSlot Web Card</example>
657
669
  <example hw.vendor="Liebert">Liebert IntelliSlot Web Card</example>
658
670
  <param pos="1" name="hw.vendor"/>
659
- <param pos="0" name="hw.device" value="Power device"/>
671
+ <param pos="0" name="hw.device" value="Power Device"/>
660
672
  <param pos="0" name="hw.product" value="IntelliSlot Web Card"/>
661
673
  </fingerprint>
662
674
 
@@ -664,7 +676,7 @@
664
676
  <description>ConnectUPS Web/SNMP Card</description>
665
677
  <example>ConnectUPS Web/SNMP Card</example>
666
678
  <param pos="0" name="hw.vendor" value="APC"/>
667
- <param pos="0" name="hw.device" value="Power device"/>
679
+ <param pos="0" name="hw.device" value="Power Device"/>
668
680
  <param pos="0" name="hw.product" value="ConnectUPS Web Card"/>
669
681
  </fingerprint>
670
682
 
@@ -1001,7 +1013,7 @@
1001
1013
  <description>Cisco IP Camera</description>
1002
1014
  <example>Cisco IP Camera</example>
1003
1015
  <param pos="0" name="hw.vendor" value="Cisco"/>
1004
- <param pos="0" name="hw.device" value="Web cam"/>
1016
+ <param pos="0" name="hw.device" value="IP Camera"/>
1005
1017
  </fingerprint>
1006
1018
 
1007
1019
  <fingerprint pattern="^Cisco TelePresence MCU">
@@ -1158,19 +1170,19 @@
1158
1170
  <description>Axis Communications Web Cam</description>
1159
1171
  <example>AXIS</example>
1160
1172
  <param pos="0" name="hw.vendor" value="AXIS"/>
1161
- <param pos="0" name="hw.device" value="Web cam"/>
1173
+ <param pos="0" name="hw.device" value="IP Camera"/>
1162
1174
  <param pos="0" name="os.vendor" value="AXIS"/>
1163
1175
  <param pos="0" name="os.family" value="Linux"/>
1164
- <param pos="0" name="os.device" value="Web cam"/>
1176
+ <param pos="0" name="os.device" value="IP Camera"/>
1165
1177
  </fingerprint>
1166
1178
 
1167
1179
  <fingerprint pattern="^Hanwha Techwin$">
1168
1180
  <description>Hanwha Techwin IP Camera</description>
1169
1181
  <example>Hanwha Techwin</example>
1170
1182
  <param pos="0" name="hw.vendor" value="Hanwha Techwin"/>
1171
- <param pos="0" name="hw.device" value="Web cam"/>
1183
+ <param pos="0" name="hw.device" value="IP Camera"/>
1172
1184
  <param pos="0" name="os.vendor" value="Hanwha Techwin"/>
1173
- <param pos="0" name="os.device" value="Web cam"/>
1185
+ <param pos="0" name="os.device" value="IP Camera"/>
1174
1186
  <param pos="0" name="os.family" value="Linux"/>
1175
1187
  </fingerprint>
1176
1188
 
@@ -1179,10 +1191,10 @@
1179
1191
  <example hw.product="WV-NS202A">WV-NS202A Network Camera</example>
1180
1192
  <example hw.product="WV-NS954">WV-NS954 Network Camera</example>
1181
1193
  <param pos="0" name="hw.vendor" value="Panasonic"/>
1182
- <param pos="0" name="hw.device" value="Web cam"/>
1194
+ <param pos="0" name="hw.device" value="IP Camera"/>
1183
1195
  <param pos="1" name="hw.product"/>
1184
1196
  <param pos="0" name="os.vendor" value="Panasonic"/>
1185
- <param pos="0" name="os.device" value="Web cam"/>
1197
+ <param pos="0" name="os.device" value="IP Camera"/>
1186
1198
  <param pos="0" name="os.family" value="Linux"/>
1187
1199
  </fingerprint>
1188
1200
 
@@ -1551,6 +1563,7 @@
1551
1563
  <example>Elastic Kibana</example>
1552
1564
  <param pos="0" name="service.vendor" value="Elastic"/>
1553
1565
  <param pos="0" name="service.product" value="Kibana"/>
1566
+ <param pos="0" name="service.cpe23" value="cpe:/a:elastic:kibana:-"/>
1554
1567
  </fingerprint>
1555
1568
 
1556
1569
  <fingerprint pattern="^Grafana$">
@@ -1592,6 +1605,14 @@
1592
1605
  <param pos="0" name="service.cpe23" value="cpe:/a:manageengine:opmanager:-"/>
1593
1606
  </fingerprint>
1594
1607
 
1608
+ <fingerprint pattern="^ManageEngine Desktop Central 9$">
1609
+ <description>ManageEngine Desktop Central 9</description>
1610
+ <example>ManageEngine Desktop Central 9</example>
1611
+ <param pos="0" name="service.vendor" value="ManageEngine"/>
1612
+ <param pos="0" name="service.product" value="Desktop Central"/>
1613
+ <param pos="0" name="service.cpe23" value="cpe:/a:manageengine:desktop_central:-"/>
1614
+ </fingerprint>
1615
+
1595
1616
  <fingerprint pattern="^ManageEngine ADAudit Plus$">
1596
1617
  <description>ManageEngineADAudit Plus</description>
1597
1618
  <example>ManageEngine ADAudit Plus</example>
@@ -1622,9 +1643,9 @@
1622
1643
  <fingerprint pattern="^Liebert OpenComms Network Interface Card$">
1623
1644
  <description>Liebert UPS</description>
1624
1645
  <example>Liebert OpenComms Network Interface Card</example>
1625
- <param pos="0" name="hw.device" value="Power device"/>
1646
+ <param pos="0" name="hw.device" value="Power Device"/>
1626
1647
  <param pos="0" name="hw.vendor" value="Liebert"/>
1627
- <param pos="0" name="os.device" value="Power device"/>
1648
+ <param pos="0" name="os.device" value="Power Device"/>
1628
1649
  <param pos="0" name="os.vendor" value="Liebert"/>
1629
1650
  </fingerprint>
1630
1651
 
@@ -1673,6 +1694,7 @@
1673
1694
  <param pos="0" name="service.family" value="NetScaler"/>
1674
1695
  <param pos="0" name="service.device" value="Network Management Device"/>
1675
1696
  <param pos="0" name="service.product" value="NetScaler Gateway"/>
1697
+ <param pos="0" name="service.cpe23" value="cpe:/a:citrix:netscaler_gateway:-"/>
1676
1698
  </fingerprint>
1677
1699
 
1678
1700
  <fingerprint pattern="^Citrix (?:NetScaler SDX|ADC SDX)$">
@@ -2000,7 +2022,7 @@
2000
2022
  <description>Mobotix Network Camera</description>
2001
2023
  <example>Redirect to userimage: /control/userimage.html</example>
2002
2024
  <param pos="0" name="hw.vendor" value="Mobotix"/>
2003
- <param pos="0" name="hw.device" value="Web cam"/>
2025
+ <param pos="0" name="hw.device" value="IP Camera"/>
2004
2026
  <param pos="0" name="hw.product" value="IP Camera"/>
2005
2027
  </fingerprint>
2006
2028
 
@@ -2059,6 +2081,7 @@
2059
2081
  <param pos="0" name="os.vendor" value="Data Domain"/>
2060
2082
  <param pos="0" name="os.product" value="DD OS"/>
2061
2083
  <param pos="0" name="os.device" value="Storage"/>
2084
+ <param pos="0" name="os.cpe23" value="cpe:/o:dell:emc_data_domain_os:-"/>
2062
2085
  <param pos="0" name="hw.vendor" value="Data Domain"/>
2063
2086
  <param pos="0" name="hw.product" value="DD OS"/>
2064
2087
  <param pos="0" name="hw.device" value="Storage"/>
@@ -2176,6 +2199,14 @@
2176
2199
  <param pos="0" name="service.product" value="Kiwi Syslog"/>
2177
2200
  </fingerprint>
2178
2201
 
2202
+ <fingerprint pattern="^SolarWinds Orion$">
2203
+ <description>SolarWinds Orion</description>
2204
+ <example>SolarWinds Orion</example>
2205
+ <param pos="0" name="service.vendor" value="SolarWinds"/>
2206
+ <param pos="0" name="service.product" value="Orion Platform"/>
2207
+ <param pos="0" name="service.cpe23" value="cpe:/a:solarwinds:orion_platform:-"/>
2208
+ </fingerprint>
2209
+
2179
2210
  <fingerprint pattern="^ClickShare Configurator$">
2180
2211
  <description>ClickShare Wireless Presenter</description>
2181
2212
  <example>ClickShare Configurator</example>
@@ -2192,7 +2223,7 @@
2192
2223
  <example hw.product="IQA22N">IQA22N IQEYE1A1613: Live Images</example>
2193
2224
  <example hw.product="IQeye703">IQeye703 IQEYE011750: Live Images</example>
2194
2225
  <param pos="0" name="hw.vendor" value="IQinVision"/>
2195
- <param pos="0" name="hw.device" value="Web cam"/>
2226
+ <param pos="0" name="hw.device" value="IP Camera"/>
2196
2227
  <param pos="1" name="hw.product"/>
2197
2228
  </fingerprint>
2198
2229
 
@@ -2214,7 +2245,7 @@
2214
2245
  <description>Genetec AutoVu SharpV ALPR Camera</description>
2215
2246
  <example>Genetec - SHARPV01111</example>
2216
2247
  <param pos="0" name="hw.vendor" value="Genetec"/>
2217
- <param pos="0" name="hw.device" value="Web cam"/>
2248
+ <param pos="0" name="hw.device" value="IP Camera"/>
2218
2249
  <param pos="0" name="hw.product" value="AutoVu SharpV"/>
2219
2250
  </fingerprint>
2220
2251
 
@@ -2241,6 +2272,7 @@
2241
2272
  <example>TwonkyMedia server media browser</example>
2242
2273
  <param pos="0" name="service.vendor" value="Lynx Technology"/>
2243
2274
  <param pos="0" name="service.product" value="Twonky Media Server"/>
2275
+ <param pos="0" name="service.cpe23" value="cpe:/a:lynxtechnology:twonky_server:-"/>
2244
2276
  </fingerprint>
2245
2277
 
2246
2278
  <fingerprint pattern="^Spiceworks(?: Server Busy| Help Desk)?$">
@@ -2274,6 +2306,7 @@
2274
2306
  <example>SABnzbd - Log in</example>
2275
2307
  <param pos="0" name="service.vendor" value="SABnzbd"/>
2276
2308
  <param pos="0" name="service.product" value="SABnzbd"/>
2309
+ <param pos="0" name="service.cpe23" value="cpe:/a:sabnzbd:sabnzbd:-"/>
2277
2310
  </fingerprint>
2278
2311
 
2279
2312
  <fingerprint pattern="^(?:Zabbix|.*: Zabbix)$">
@@ -2344,6 +2377,9 @@
2344
2377
  <description>OpenMediaVault</description>
2345
2378
  <example host.name="raspberrypi">openmediavault control panel - raspberrypi</example>
2346
2379
  <example host.name="raspberrypi">OpenMediaVault web administration interface - raspberrypi</example>
2380
+ <param pos="0" name="service.vendor" value="OpenMediaVault"/>
2381
+ <param pos="0" name="service.product" value="OpenMediaVault"/>
2382
+ <param pos="0" name="service.cpe23" value="cpe:/a:openmediavault:openmediavault:-"/>
2347
2383
  <param pos="0" name="os.vendor" value="OpenMediaVault"/>
2348
2384
  <param pos="0" name="os.family" value="Linux"/>
2349
2385
  <param pos="0" name="os.product" value="OpenMediaVault"/>
@@ -2390,6 +2426,7 @@
2390
2426
  <param pos="0" name="service.vendor" value="CrushFTP"/>
2391
2427
  <param pos="0" name="service.product" value="CrushFTP Web Interface"/>
2392
2428
  <param pos="0" name="service.certainty" value="0.5"/>
2429
+ <param pos="0" name="service.cpe23" value="cpe:/a:crushftp:crushftp:-"/>
2393
2430
  </fingerprint>
2394
2431
 
2395
2432
  <fingerprint pattern="^OpenEdge Explorer$">
@@ -2397,6 +2434,7 @@
2397
2434
  <example>OpenEdge Explorer</example>
2398
2435
  <param pos="0" name="service.vendor" value="Progress"/>
2399
2436
  <param pos="0" name="service.product" value="OpenEdge Explorer"/>
2437
+ <param pos="0" name="service.cpe23" value="cpe:/a:progress:openedge:-"/>
2400
2438
  </fingerprint>
2401
2439
 
2402
2440
  <fingerprint pattern="^Consul by HashiCorp$">
@@ -2442,7 +2480,8 @@
2442
2480
  <example>Swagger UI</example>
2443
2481
  <example>Swagger Editor</example>
2444
2482
  <param pos="0" name="service.vendor" value="Swagger"/>
2445
- <param pos="0" name="service.product" value="UI"/>
2483
+ <param pos="0" name="service.product" value="Swagger UI"/>
2484
+ <param pos="0" name="service.cpe23" value="cpe:/a:smartbear:swagger_ui:-"/>
2446
2485
  </fingerprint>
2447
2486
 
2448
2487
  <fingerprint pattern="^Emby$">
@@ -2498,6 +2537,7 @@
2498
2537
  <example>SolarWinds Virtualization Manager</example>
2499
2538
  <param pos="0" name="service.vendor" value="SolarWinds"/>
2500
2539
  <param pos="0" name="service.product" value="Virtualization Manager"/>
2540
+ <param pos="0" name="service.cpe23" value="cpe:/a:solarwinds:virtualization_manager:-"/>
2501
2541
  </fingerprint>
2502
2542
 
2503
2543
  <fingerprint pattern="^(?:Gitea: .*|LocalRepo|TurnKey Gitea)$">
@@ -2515,7 +2555,9 @@
2515
2555
  <description>Metasploit Pro (and Community Edition Web UI)</description>
2516
2556
  <example>Metasploit</example>
2517
2557
  <param pos="0" name="service.vendor" value="Rapid7"/>
2518
- <param pos="0" name="service.product" value="Metasploit Pro"/>
2558
+ <param pos="0" name="service.product" value="Metasploit"/>
2559
+ <param pos="0" name="service.edition" value="Pro"/>
2560
+ <param pos="0" name="service.cpe23" value="cpe:/a:rapid7:metasploit:-"/>
2519
2561
  </fingerprint>
2520
2562
 
2521
2563
  <fingerprint pattern="^Makito X Decoder$">
@@ -2559,6 +2601,7 @@
2559
2601
  <param pos="0" name="service.vendor" value="ownCloud"/>
2560
2602
  <param pos="0" name="service.product" value="ownCloud Server"/>
2561
2603
  <param pos="0" name="service.certainty" value="0.5"/>
2604
+ <param pos="0" name="service.cpe23" value="cpe:/a:owncloud:owncloud:-"/>
2562
2605
  </fingerprint>
2563
2606
 
2564
2607
  <fingerprint pattern="^Octopus Deploy$">
@@ -2588,8 +2631,9 @@
2588
2631
  <example>TurnKey Moodle</example>
2589
2632
  <example>New Site</example>
2590
2633
  <param pos="0" name="service.vendor" value="Moodle"/>
2591
- <param pos="0" name="service.product" value="Moodle CMS"/>
2634
+ <param pos="0" name="service.product" value="Moodle"/>
2592
2635
  <param pos="0" name="service.certainty" value="0.5"/>
2636
+ <param pos="0" name="service.cpe23" value="cpe:/a:moodle:moodle:-"/>
2593
2637
  </fingerprint>
2594
2638
 
2595
2639
  <fingerprint pattern="^ArchiveTeam Warrior$">
@@ -2637,11 +2681,13 @@
2637
2681
  <param pos="0" name="service.product" value="Security Scanner"/>
2638
2682
  </fingerprint>
2639
2683
 
2640
- <fingerprint pattern="^Kodi$">
2684
+ <fingerprint pattern="^(?:Chorus 2 - )?Kodi(?: web interface)?$">
2641
2685
  <description>Kodi Media Server</description>
2642
2686
  <example>Kodi</example>
2687
+ <example>Chorus 2 - Kodi web interface</example>
2643
2688
  <param pos="0" name="service.vendor" value="Kodi"/>
2644
2689
  <param pos="0" name="service.product" value="Media Server"/>
2690
+ <param pos="0" name="service.cpe23" value="cpe:/a:kodi:kodi:-"/>
2645
2691
  </fingerprint>
2646
2692
 
2647
2693
  <fingerprint pattern="^(?:Drupal|TurnKey Drupal\d+|Select an installation profile)$">
@@ -2652,6 +2698,7 @@
2652
2698
  <example>Select an installation profile</example>
2653
2699
  <param pos="0" name="service.vendor" value="Drupal"/>
2654
2700
  <param pos="0" name="service.product" value="CMS"/>
2701
+ <param pos="0" name="service.cpe23" value="cpe:/a:drupal:drupal:-"/>
2655
2702
  </fingerprint>
2656
2703
 
2657
2704
  <fingerprint pattern="^LibreNMS$">
@@ -2707,10 +2754,140 @@
2707
2754
  <fingerprint pattern="^Pulse Connect Secure - SSL">
2708
2755
  <description>Pulse Secure VPN</description>
2709
2756
  <example>Pulse Connect Secure - SSL</example>
2757
+ <param pos="0" name="service.vendor" value="Pulse Secure"/>
2758
+ <param pos="0" name="service.product" value="Pulse Connect Secure"/>
2759
+ <param pos="0" name="service.cpe23" value="cpe:/a:pulsesecure:pulse_connect_secure:-"/>
2710
2760
  <param pos="0" name="os.vendor" value="Pulse Secure"/>
2711
2761
  <param pos="0" name="os.family" value="SSL-VPN"/>
2712
2762
  <param pos="0" name="os.device" value="SSL-VPN"/>
2713
- <param pos="0" name="os.product" value="SSL-VPN"/>
2763
+ <param pos="0" name="os.product" value="Pulse Connect Secure"/>
2764
+ </fingerprint>
2765
+
2766
+ <fingerprint pattern="^Jellyfin$">
2767
+ <description>Jellyfin media server</description>
2768
+ <example>Jellyfin</example>
2769
+ <param pos="0" name="service.vendor" value="Jellyfin"/>
2770
+ <param pos="0" name="service.product" value="Media Server"/>
2771
+ </fingerprint>
2772
+
2773
+ <fingerprint pattern="^proxmox - Proxmox Virtual Environment$">
2774
+ <description>Proxmox open-source virtualization platform</description>
2775
+ <example>proxmox - Proxmox Virtual Environment</example>
2776
+ <param pos="0" name="service.vendor" value="Proxmox"/>
2777
+ <param pos="0" name="service.product" value="Proxmox"/>
2778
+ <param pos="0" name="os.vendor" value="Proxmox"/>
2779
+ <param pos="0" name="os.family" value="Linux"/>
2780
+ <param pos="0" name="os.product" value="Proxmox"/>
2781
+ </fingerprint>
2782
+
2783
+ <fingerprint pattern="^Sony Network Camera$">
2784
+ <description>Sony Network Camera</description>
2785
+ <example>Sony Network Camera</example>
2786
+ <param pos="0" name="hw.vendor" value="Sony"/>
2787
+ <param pos="0" name="hw.device" value="IP Camera"/>
2788
+ <param pos="0" name="hw.product" value="Network Camera"/>
2789
+ </fingerprint>
2790
+
2791
+ <fingerprint pattern="Lifesize&amp;reg;$">
2792
+ <description>Lifesize TelePresence</description>
2793
+ <example>Lifesize&amp;reg;</example>
2794
+ <example>400 - Bad Request Lifesize&amp;reg;</example>
2795
+ <param pos="0" name="hw.vendor" value="Lifesize"/>
2796
+ <param pos="0" name="hw.device" value="Video Conferencing"/>
2797
+ <param pos="0" name="hw.product" value="TelePresence"/>
2798
+ <param pos="0" name="os.vendor" value="Lifesize"/>
2799
+ <param pos="0" name="os.family" value="Linux"/>
2800
+ <param pos="0" name="os.product" value="TelePresence"/>
2801
+ <param pos="0" name="os.device" value="Video Conferencing"/>
2802
+ </fingerprint>
2803
+
2804
+ <fingerprint pattern="^AT&amp;amp;T VPN Gateway$">
2805
+ <description>ATT VPN Gateway</description>
2806
+ <example>AT&amp;amp;T VPN Gateway</example>
2807
+ <param pos="0" name="hw.vendor" value="ATT"/>
2808
+ <param pos="0" name="hw.device" value="VPN"/>
2809
+ <param pos="0" name="hw.product" value="VPN Gateway"/>
2810
+ </fingerprint>
2811
+
2812
+ <fingerprint pattern="^AT&amp;amp;T U\d+: '([^']+)'$">
2813
+ <description>ATT VPN Gateway w Hostname</description>
2814
+ <example host.name="Austin-Boston">AT&amp;amp;T U115: 'Austin-Boston'</example>
2815
+ <param pos="0" name="hw.vendor" value="ATT"/>
2816
+ <param pos="0" name="hw.device" value="VPN"/>
2817
+ <param pos="0" name="hw.product" value="VPN Gateway"/>
2818
+ <param pos="1" name="host.name"/>
2819
+ </fingerprint>
2820
+
2821
+ <fingerprint pattern="^(?:Symantec Encryption Verified Directory|Symantec Encryption Server.*)$">
2822
+ <description>Symantec PGP Key Management Server</description>
2823
+ <example>Symantec Encryption Verified Directory</example>
2824
+ <example>Symantec Encryption Server - Page Not Found</example>
2825
+ <example>Symantec Encryption Server - Login</example>
2826
+ <param pos="0" name="hw.vendor" value="Symantec"/>
2827
+ <param pos="0" name="hw.device" value="Security Appliance"/>
2828
+ <param pos="0" name="hw.product" value="Key Management Server"/>
2829
+ </fingerprint>
2830
+
2831
+ <fingerprint pattern="^Riverbed Technology, Inc\.$">
2832
+ <description>Riverbed Steelhead Appliance</description>
2833
+ <example>Riverbed Technology, Inc.</example>
2834
+ <param pos="0" name="hw.vendor" value="Riverbed"/>
2835
+ <param pos="0" name="hw.device" value="Security Appliance"/>
2836
+ <param pos="0" name="hw.product" value="Steelhead"/>
2837
+ <param pos="0" name="os.product" value="RiOS"/>
2838
+ <param pos="0" name="os.vendor" value="Riverbed"/>
2839
+ <param pos="0" name="os.cpe23" value="cpe:/o:riverbed:rios:-"/>
2840
+ </fingerprint>
2841
+
2842
+ <fingerprint pattern="^ClearPass - Aruba Networks$">
2843
+ <description>ClearPass Policy Manager Appliance</description>
2844
+ <example>ClearPass - Aruba Networks</example>
2845
+ <param pos="0" name="hw.vendor" value="Aruba Networks"/>
2846
+ <param pos="0" name="hw.device" value="Network Appliance"/>
2847
+ <param pos="0" name="hw.product" value="ClearPass Policy Manager"/>
2848
+ <param pos="0" name="service.vendor" value="Aruba Networks"/>
2849
+ <param pos="0" name="service.device" value="Network Appliance"/>
2850
+ <param pos="0" name="service.product" value="ClearPass Policy Manager"/>
2851
+ <param pos="0" name="service.cpe23" value="cpe:/a:arubanetworks:clearpass_policy_manager:-"/>
2852
+ </fingerprint>
2853
+
2854
+ <fingerprint pattern="^MSTR Collab Server$">
2855
+ <description>MicroStrategy Collaboration Server</description>
2856
+ <example>MSTR Collab Server</example>
2857
+ <param pos="0" name="service.vendor" value="MicroStrategy"/>
2858
+ <param pos="0" name="service.product" value="Collaboration Server"/>
2859
+ <param pos="0" name="service.certainty" value="0.5"/>
2860
+ </fingerprint>
2861
+
2862
+ <fingerprint pattern="^Openfire Admin Console$">
2863
+ <description>Openfire Admin Console</description>
2864
+ <example>Openfire Admin Console</example>
2865
+ <param pos="0" name="service.vendor" value="Ignite Realtime"/>
2866
+ <param pos="0" name="service.product" value="OpenFire"/>
2867
+ <param pos="0" name="service.cpe23" value="cpe:/a:igniterealtime:openfire:-"/>
2868
+ </fingerprint>
2869
+
2870
+ <fingerprint pattern="^:: PBX in a Flash">
2871
+ <description>PBX in a Flash</description>
2872
+ <example>:: PBX in a Flash, Welcome!</example>
2873
+ <param pos="0" name="hw.vendor" value="PIAF"/>
2874
+ <param pos="0" name="hw.device" value="SIP Gateway"/>
2875
+ <param pos="0" name="hw.product" value="PIAF Virtual Appliance"/>
2876
+ </fingerprint>
2877
+
2878
+ <fingerprint pattern="^Hak5 Cloud C">
2879
+ <description>Hak5 Cloud c2</description>
2880
+ <example>Hak5 Cloud C²</example>
2881
+ <param pos="0" name="service.vendor" value="Hak5"/>
2882
+ <param pos="0" name="service.product" value="Cloud C2"/>
2883
+ </fingerprint>
2884
+
2885
+ <fingerprint pattern="^Metabase$">
2886
+ <description>Metabase</description>
2887
+ <example>Metabase</example>
2888
+ <param pos="0" name="service.vendor" value="Metabase"/>
2889
+ <param pos="0" name="service.product" value="Metabase"/>
2890
+ <param pos="0" name="service.cpe23" value="cpe:/a:metabase:metabase:-"/>
2714
2891
  </fingerprint>
2715
2892
 
2716
2893
  </fingerprints>