recog 2.3.14 → 2.3.19

Sign up to get free protection for your applications and to get access to all the features.
Files changed (50) hide show
  1. checksums.yaml +4 -4
  2. data/.github/SECURITY.md +35 -0
  3. data/.github/workflows/ci.yml +26 -0
  4. data/.snyk +10 -0
  5. data/LICENSE +1 -1
  6. data/bin/recog_standardize +2 -2
  7. data/cpe-remap.yaml +55 -14
  8. data/identifiers/hw_device.txt +5 -4
  9. data/identifiers/hw_family.txt +12 -0
  10. data/identifiers/hw_product.txt +76 -6
  11. data/identifiers/os_architecture.txt +0 -10
  12. data/identifiers/os_device.txt +13 -31
  13. data/identifiers/os_family.txt +2 -95
  14. data/identifiers/os_product.txt +34 -117
  15. data/identifiers/service_family.txt +7 -36
  16. data/identifiers/service_product.txt +238 -92
  17. data/identifiers/vendor.txt +78 -193
  18. data/lib/recog/version.rb +1 -1
  19. data/requirements.txt +1 -1
  20. data/update_cpes.py +96 -48
  21. data/xml/dns_versionbind.xml +39 -16
  22. data/xml/favicons.xml +150 -17
  23. data/xml/ftp_banners.xml +21 -19
  24. data/xml/hp_pjl_id.xml +1 -1
  25. data/xml/html_title.xml +200 -23
  26. data/xml/http_cookies.xml +89 -1
  27. data/xml/http_servers.xml +144 -18
  28. data/xml/http_wwwauth.xml +28 -20
  29. data/xml/ldap_searchresult.xml +9 -6
  30. data/xml/mdns_device-info_txt.xml +308 -10
  31. data/xml/ntp_banners.xml +9 -1
  32. data/xml/operating_system.xml +1 -0
  33. data/xml/rtsp_servers.xml +7 -0
  34. data/xml/sip_banners.xml +344 -8
  35. data/xml/sip_user_agents.xml +320 -7
  36. data/xml/smb_native_lm.xml +32 -1
  37. data/xml/smb_native_os.xml +158 -33
  38. data/xml/smtp_banners.xml +7 -2
  39. data/xml/smtp_help.xml +2 -0
  40. data/xml/smtp_vrfy.xml +2 -1
  41. data/xml/snmp_sysdescr.xml +252 -86
  42. data/xml/ssh_banners.xml +118 -11
  43. data/xml/telnet_banners.xml +34 -9
  44. data/xml/tls_jarm.xml +139 -0
  45. data/xml/x509_issuers.xml +24 -5
  46. data/xml/x509_subjects.xml +97 -17
  47. metadata +6 -5
  48. data/identifiers/software_class.txt +0 -26
  49. data/identifiers/software_family.txt +0 -91
  50. data/identifiers/software_product.txt +0 -333
data/xml/http_cookies.xml CHANGED
@@ -49,6 +49,15 @@
49
49
  <param pos="0" name="service.product" value="Dynamo"/>
50
50
  </fingerprint>
51
51
 
52
+ <fingerprint pattern="^Bugzilla_login_request_cookie=.*">
53
+ <description>Bugzilla</description>
54
+ <example>Bugzilla_login_request_cookie=ylMVo9ZDtd; path=/; secure</example>
55
+ <param pos="0" name="cookie" value="Bugzilla_login_request_cookie"/>
56
+ <param pos="0" name="service.vendor" value="Mozilla"/>
57
+ <param pos="0" name="service.product" value="Bugzilla"/>
58
+ <param pos="0" name="service.cpe23" value="cpe:/a:mozilla:bugzilla:-"/>
59
+ </fingerprint>
60
+
52
61
  <fingerprint pattern="^(WebLogicSession)=[^!]+![^!]+!([0-9]+);.*">
53
62
  <description>BEA WebLogic (with timestamp)</description>
54
63
  <param pos="1" name="cookie"/>
@@ -156,10 +165,22 @@
156
165
  <fingerprint pattern="^DSSignInURL=/">
157
166
  <description>Pulse Secure VPN</description>
158
167
  <example>DSSignInURL=/; path=/; secure</example>
168
+ <param pos="0" name="service.vendor" value="Pulse Secure"/>
169
+ <param pos="0" name="service.product" value="Pulse Connect Secure"/>
170
+ <param pos="0" name="service.cpe23" value="cpe:/a:pulsesecure:pulse_connect_secure:-"/>
159
171
  <param pos="0" name="os.vendor" value="Pulse Secure"/>
160
172
  <param pos="0" name="os.family" value="SSL-VPN"/>
161
173
  <param pos="0" name="os.device" value="SSL-VPN"/>
162
- <param pos="0" name="os.product" value="SSL-VPN"/>
174
+ <param pos="0" name="os.product" value="Pulse Connect Secure"/>
175
+ </fingerprint>
176
+
177
+ <fingerprint pattern="^DokuWiki=.*">
178
+ <description>Dokuwiki</description>
179
+ <example>DokuWiki=t8l1aev7703vbtejovp165pv01; path=/; secure</example>
180
+ <param pos="0" name="cookie" value="DokuWiki"/>
181
+ <param pos="0" name="service.vendor" value="Dokuwiki"/>
182
+ <param pos="0" name="service.product" value="Dokuwiki"/>
183
+ <param pos="0" name="service.cpe23" value="cpe:/a:dokuwiki:dokuwiki:-"/>
163
184
  </fingerprint>
164
185
 
165
186
  <fingerprint pattern="^(EktGUID|ecm)=.*">
@@ -181,6 +202,15 @@
181
202
  <param pos="0" name="service.cpe23" value="cpe:/a:f5:big-ip_local_traffic_manager:-"/>
182
203
  </fingerprint>
183
204
 
205
+ <fingerprint pattern="^i_like_gogits=.*">
206
+ <description>Gogs</description>
207
+ <example>i_like_gogits=fc3914645f1d5c76; Path=/; HttpOnly</example>
208
+ <param pos="0" name="cookie" value="i_like_gogits"/>
209
+ <param pos="0" name="service.vendor" value="Gogs"/>
210
+ <param pos="0" name="service.product" value="Gogs"/>
211
+ <param pos="0" name="service.cpe23" value="cpe:/a:gogs:gogs:-"/>
212
+ </fingerprint>
213
+
184
214
  <fingerprint pattern="^(BigIPCookie)=.*">
185
215
  <description>F5 BIG-IP LTM</description>
186
216
  <param pos="1" name="cookie"/>
@@ -190,6 +220,25 @@
190
220
  <param pos="0" name="service.cpe23" value="cpe:/a:f5:big-ip_local_traffic_manager:-"/>
191
221
  </fingerprint>
192
222
 
223
+ <fingerprint pattern="^i_like_gitea=.*">
224
+ <description>Gitea</description>
225
+ <example>i_like_gitea=fc39d4645b1d5c7c; Path=/</example>
226
+ <param pos="0" name="cookie" value="i_like_gitea"/>
227
+ <param pos="0" name="service.vendor" value="Gitea"/>
228
+ <param pos="0" name="service.product" value="Gitea"/>
229
+ <param pos="0" name="service.certainty" value="0.5"/>
230
+ <param pos="0" name="service.cpe23" value="cpe:/a:gitea:gitea:-"/>
231
+ </fingerprint>
232
+
233
+ <fingerprint pattern="^_gitlab_session=.*">
234
+ <description>GitLab</description>
235
+ <param pos="0" name="cookie" value="_gitlab_session"/>
236
+ <param pos="0" name="service.vendor" value="GitLab"/>
237
+ <param pos="0" name="service.product" value="GitLab"/>
238
+ <param pos="0" name="service.certainty" value="0.5"/>
239
+ <param pos="0" name="service.cpe23" value="cpe:/a:gitlab:gitlab:-"/>
240
+ </fingerprint>
241
+
193
242
  <fingerprint pattern="^(SERVERID)=([A-Za-z0-9\-_]+)">
194
243
  <description>HAProxy - http://haproxy.1wt.eu/download/1.2/doc/architecture.txt</description>
195
244
  <param pos="1" name="cookie"/>
@@ -293,6 +342,16 @@
293
342
  <param pos="0" name="service.cpe23" value="cpe:/a:php:php:-"/>
294
343
  </fingerprint>
295
344
 
345
+ <fingerprint pattern="^phsid=.*">
346
+ <description>Phabricator</description>
347
+ <example>phsid=A%2Fxesybc4bypb74dlgojdgw2edct6osflno25h2fw7</example>
348
+ <param pos="0" name="cookie" value="phsid"/>
349
+ <param pos="0" name="service.vendor" value="Phacility"/>
350
+ <param pos="0" name="service.family" value="Phabricator"/>
351
+ <param pos="0" name="service.product" value="Phabricator"/>
352
+ <param pos="0" name="service.cpe23" value="cpe:/a:phacility:phabricator:-"/>
353
+ </fingerprint>
354
+
296
355
  <fingerprint pattern="^(RMID)=.*">
297
356
  <description>RealMedia OpenAdStream</description>
298
357
  <param pos="1" name="cookie"/>
@@ -339,6 +398,15 @@
339
398
  <param pos="0" name="service.cpe23" value="cpe:/a:sun:java_system_web_server:4.0"/>
340
399
  </fingerprint>
341
400
 
401
+ <fingerprint pattern="^_redmine_session=.*">
402
+ <description>Redmine</description>
403
+ <example>_redmine_session=BAh7B0kiD3Nlc3Npb25faWQGOgZFRkkiJWY2MGY5MTJiZjg0NGU1ZmQxZWI2OTViNzAxYjU4NTRiBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMW1kV3Z5NDl6eVkwWDl4bFQvMUxSSmxmbjhhaDR1WWxERWUrMFQ4dVcvS0k9BjsARg%3D%3D--ce5f52d49b68e30a7ec34b75bf456d6c79d234d2; path=/; HttpOnly</example>
404
+ <param pos="0" name="cookie" value="_redmine_session"/>
405
+ <param pos="0" name="service.vendor" value="Redmine"/>
406
+ <param pos="0" name="service.product" value="Redmine"/>
407
+ <param pos="0" name="service.cpe23" value="cpe:/a:redmine:redmine:-"/>
408
+ </fingerprint>
409
+
342
410
  <fingerprint pattern="^(gx_session_id|JROUTE)=.*">
343
411
  <description>Sun Java System Application Server (formerly iPlanet Application Server, Sun ONE Application Server)</description>
344
412
  <param pos="1" name="cookie"/>
@@ -372,6 +440,16 @@
372
440
  <param pos="0" name="service.product" value="Urchin Tracking Module"/>
373
441
  </fingerprint>
374
442
 
443
+ <fingerprint pattern="vxoaSessionID=">
444
+ <description>Silver Peak Appliance</description>
445
+ <example>vxoaSessionID=s%3A2650cfe1df092fc617d229d6d6b5dbfc.70yKRpb371czAWFkZWXdNfCSNexQvtiVr%2B3Z51YXbIw; Path=/; HttpOnly; Secure</example>
446
+ <example>vxoaSessionID=s%3A65e39ce7ae15193cb4bb0f812d20105b.qgHrgV4MtPKWeKwBrfynmxZmn5iaegh%2FRP0nV5ntaE8; Path=/; HttpOnly; Secure</example>
447
+ <example>vxoaSessionID=s%3A7e17300953b68c4713990a01bd00aa2b.5mg3edagZCkddCmWqMXbp4AOEzTVby6K2z2jfhal7Uw; Path=/; HttpOnly; Secure</example>
448
+ <param pos="0" name="hw.vendor" value="Silver Peak"/>
449
+ <param pos="0" name="hw.device" value="Network Appliance"/>
450
+ <param pos="0" name="hw.product" value="SD-WAN"/>
451
+ </fingerprint>
452
+
375
453
  <fingerprint pattern="^(vgncontext|vgnvisitor|ssuid)=.*">
376
454
  <description>Vignette</description>
377
455
  <param pos="1" name="cookie"/>
@@ -396,6 +474,16 @@
396
474
  <param pos="0" name="service.product" value="WebTrends"/>
397
475
  </fingerprint>
398
476
 
477
+ <fingerprint pattern="^(ZM_TEST|ZM_LOGIN_CSRF)=.*">
478
+ <description>Zimbra</description>
479
+ <example cookie="ZM_TEST">ZM_TEST=true;Secure</example>
480
+ <example cookie="ZM_LOGIN_CSRF">ZM_LOGIN_CSRF=38ef0bea-a4c3-4f41-9ac3-73d7622f3131;Secure;HttpOnly</example>
481
+ <param pos="1" name="cookie"/>
482
+ <param pos="0" name="service.vendor" value="Synacor"/>
483
+ <param pos="0" name="service.product" value="Zimbra Collaboration Suite"/>
484
+ <param pos="0" name="service.cpe23" value="cpe:/a:synacor:zimbra_collaboration_suite:-"/>
485
+ </fingerprint>
486
+
399
487
  <fingerprint pattern="^(_ZopeId)=.*">
400
488
  <description>Zope</description>
401
489
  <param pos="1" name="cookie"/>
data/xml/http_servers.xml CHANGED
@@ -2,6 +2,23 @@
2
2
  <fingerprints matches="http_header.server" protocol="http" database_type="service" preference="0.90">
3
3
  <!-- HTTP Server headers are matched against these patterns to fingerprint HTTP servers. -->
4
4
 
5
+ <fingerprint pattern="^BASHttpd/([\d.]+)">
6
+ <description>BASHttpd</description>
7
+ <example service.version="4.3.24">BASHttpd/4.3.24-release</example>
8
+ <param pos="0" name="service.product" value="bashttpd"/>
9
+ <param pos="0" name="service.vendor" value="Avleen Vig"/>
10
+ <param pos="1" name="service.version"/>
11
+ </fingerprint>
12
+
13
+ <fingerprint pattern="^monit ([\d.]+)$">
14
+ <description>Monit</description>
15
+ <example service.version="5.6">monit 5.6</example>
16
+ <param pos="0" name="service.vendor" value="Tildeslash"/>
17
+ <param pos="0" name="service.product" value="Monit"/>
18
+ <param pos="1" name="service.version"/>
19
+ <param pos="0" name="service.cpe23" value="cpe:/a:tildeslash:monit:{service.version}"/>
20
+ </fingerprint>
21
+
5
22
  <fingerprint pattern="(?i)^AirTunes/([\d\.]+)$">
6
23
  <description>Apple AirTunes/AirPlay, more generally RTSP used by a variety of wireless a/v products</description>
7
24
  <example service.version="220.68">AirTunes/220.68</example>
@@ -285,6 +302,7 @@
285
302
  <param pos="0" name="service.cpe23" value="cpe:/a:microsoft:iis:10.0"/>
286
303
  <param pos="0" name="os.vendor" value="Microsoft"/>
287
304
  <param pos="0" name="os.family" value="Windows"/>
305
+ <param pos="0" name="os.certainty" value="0.5"/>
288
306
  </fingerprint>
289
307
 
290
308
  <fingerprint pattern="^Microsoft-IIS/([\d\.]+)$">
@@ -440,7 +458,7 @@
440
458
  <param pos="0" name="service.component.vendor" value="Red Hat"/>
441
459
  <param pos="0" name="service.component.product" value="JBossWeb"/>
442
460
  <param pos="2" name="service.component.version"/>
443
- <param pos="0" name="service.component.cpe23" value="cpe:/a:redhat:jboss_web_framework_kit:{service.component.version}"/>
461
+ <param pos="0" name="service.component.cpe23" value="cpe:/a:redhat:jbossweb:{service.component.version}"/>
444
462
  </fingerprint>
445
463
 
446
464
  <fingerprint pattern="^Servlet\/[\d\.]+; JBossAS-(.*)$">
@@ -963,14 +981,14 @@
963
981
  <example>ReeCam IP Camera</example>
964
982
  <param pos="0" name="hw.vendor" value="Shenzhen Reecam Tech. Ltd."/>
965
983
  <param pos="0" name="hw.product" value="ReeCam"/>
966
- <param pos="0" name="hw.device" value="Web cam"/>
984
+ <param pos="0" name="hw.device" value="IP Camera"/>
967
985
  </fingerprint>
968
986
 
969
987
  <fingerprint pattern="^Netwave IP Camera$">
970
988
  <description>Netwave cameras</description>
971
989
  <example>Netwave IP Camera</example>
972
990
  <param pos="0" name="hw.vendor" value="Netwave"/>
973
- <param pos="0" name="hw.device" value="Web cam"/>
991
+ <param pos="0" name="hw.device" value="IP Camera"/>
974
992
  </fingerprint>
975
993
 
976
994
  <fingerprint pattern="^Cougar/([0-9.]*)$">
@@ -1013,7 +1031,7 @@
1013
1031
  <example>camera</example>
1014
1032
  <example>IPCamera Login</example>
1015
1033
  <example>Mini Dome IP Camera</example>
1016
- <param pos="0" name="hw.device" value="Web cam"/>
1034
+ <param pos="0" name="hw.device" value="IP Camera"/>
1017
1035
  </fingerprint>
1018
1036
 
1019
1037
  <fingerprint pattern="^ASP.NET$">
@@ -1496,6 +1514,7 @@
1496
1514
  <param pos="0" name="service.product" value="Abyss Web Server X1"/>
1497
1515
  <param pos="0" name="service.family" value="Abyss Web Server"/>
1498
1516
  <param pos="1" name="service.version"/>
1517
+ <param pos="0" name="service.cpe23" value="cpe:/a:aprelium:abyss_web_server_x1:{service.version}"/>
1499
1518
  <param pos="0" name="os.vendor" value="Microsoft"/>
1500
1519
  <param pos="0" name="os.family" value="Windows"/>
1501
1520
  <param pos="0" name="os.product" value="Windows"/>
@@ -1508,6 +1527,7 @@
1508
1527
  <param pos="0" name="service.product" value="Abyss Web Server X1"/>
1509
1528
  <param pos="0" name="service.family" value="Abyss Web Server"/>
1510
1529
  <param pos="1" name="service.version"/>
1530
+ <param pos="0" name="service.cpe23" value="cpe:/a:aprelium:abyss_web_server_x1:{service.version}"/>
1511
1531
  <param pos="0" name="os.vendor" value="Microsoft"/>
1512
1532
  <param pos="0" name="os.family" value="Windows"/>
1513
1533
  <param pos="0" name="os.product" value="Windows"/>
@@ -1693,6 +1713,7 @@
1693
1713
  <example>SAP Internet Graphics Server</example>
1694
1714
  <param pos="0" name="service.vendor" value="SAP"/>
1695
1715
  <param pos="0" name="service.product" value="Internet Graphics Server"/>
1716
+ <param pos="0" name="service.cpe23" value="cpe:/a:sap:internet_graphics_server:-"/>
1696
1717
  <param pos="0" name="service.component.vendor" value="SAP"/>
1697
1718
  <param pos="0" name="service.component.product" value="NetWeaver Application Server"/>
1698
1719
  <param pos="0" name="service.component.cpe23" value="cpe:/a:sap:netweaver_application_server:-"/>
@@ -1767,7 +1788,7 @@
1767
1788
  <param pos="0" name="service.product" value="NetCache"/>
1768
1789
  <param pos="1" name="service.version"/>
1769
1790
  <param pos="0" name="os.vendor" value="Blue Coat"/>
1770
- <param pos="0" name="os.device" value="Web proxy"/>
1791
+ <param pos="0" name="os.device" value="Web Proxy"/>
1771
1792
  <param pos="0" name="os.family" value="NetCache"/>
1772
1793
  <param pos="0" name="os.product" value="NetCache"/>
1773
1794
  </fingerprint>
@@ -1781,16 +1802,20 @@
1781
1802
  <param pos="0" name="os.vendor" value="NetApp"/>
1782
1803
  <param pos="0" name="os.family" value="Data ONTAP"/>
1783
1804
  <param pos="0" name="os.product" value="Data ONTAP"/>
1784
- <param pos="0" name="os.device" value="File server"/>
1785
1805
  <param pos="1" name="os.version"/>
1806
+ <param pos="0" name="os.device" value="NAS"/>
1786
1807
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
1808
+ <param pos="0" name="hw.vendor" value="NetApp"/>
1809
+ <param pos="0" name="hw.family" value="Data ONTAP"/>
1810
+ <param pos="0" name="hw.device" value="NAS"/>
1811
+ <param pos="0" name="hw.product" value="Data ONTAP"/>
1787
1812
  </fingerprint>
1788
1813
 
1789
1814
  <fingerprint pattern="^BlueCoat-Security-Appliance$">
1790
1815
  <description>Blue Coat security appliance</description>
1791
1816
  <example>BlueCoat-Security-Appliance</example>
1792
1817
  <param pos="0" name="os.vendor" value="Blue Coat"/>
1793
- <param pos="0" name="os.device" value="Web proxy"/>
1818
+ <param pos="0" name="os.device" value="Web Proxy"/>
1794
1819
  <param pos="0" name="os.family" value="Blue Coat"/>
1795
1820
  <param pos="0" name="os.product" value="Appliance"/>
1796
1821
  </fingerprint>
@@ -2153,7 +2178,7 @@
2153
2178
  <fingerprint pattern="^D-Link MiniAVServer$">
2154
2179
  <description>D-Link embedded web server for web cams</description>
2155
2180
  <param pos="0" name="os.vendor" value="D-Link"/>
2156
- <param pos="0" name="os.device" value="Web cam"/>
2181
+ <param pos="0" name="os.device" value="IP Camera"/>
2157
2182
  </fingerprint>
2158
2183
 
2159
2184
  <fingerprint pattern="^ListManagerWeb/(\S+) .*$">
@@ -2368,6 +2393,15 @@
2368
2393
  <param pos="2" name="python.version"/>
2369
2394
  </fingerprint>
2370
2395
 
2396
+ <fingerprint pattern="^Grandstream (GXP[^\s]+) ([\d\.]+)$">
2397
+ <description>Grandstream IP Phone</description>
2398
+ <example hw.product="GXP2020" hw.version="1.2.5.3">Grandstream GXP2020 1.2.5.3</example>
2399
+ <param pos="0" name="hw.vendor" value="Grandstream"/>
2400
+ <param pos="0" name="hw.device" value="VoIP"/>
2401
+ <param pos="2" name="hw.version"/>
2402
+ <param pos="1" name="hw.product"/>
2403
+ </fingerprint>
2404
+
2371
2405
  <fingerprint pattern="^HP Web Jetadmin/((?:\d+\.)*\d+)\s*(.*)$">
2372
2406
  <description>Apache variant for web access to HP printers.</description>
2373
2407
  <example>HP Web Jetadmin/2.0.50 (Win32) mod_auth_sspi/1.0.1 mod_ssl/2.0.50 OpenSSL/0.9.6m</example>
@@ -2583,7 +2617,7 @@
2583
2617
  <param pos="0" name="service.family" value="emHTTPD"/>
2584
2618
  <param pos="1" name="service.version"/>
2585
2619
  <param pos="0" name="os.vendor" value="Microplex"/>
2586
- <param pos="0" name="os.device" value="Print server"/>
2620
+ <param pos="0" name="os.device" value="Print Server"/>
2587
2621
  </fingerprint>
2588
2622
 
2589
2623
  <fingerprint pattern="^UPS_Server/((?:\d+\.)*\d+)$">
@@ -2791,7 +2825,7 @@
2791
2825
  <param pos="0" name="service.vendor" value="Akamai"/>
2792
2826
  <param pos="0" name="service.product" value="GHost"/>
2793
2827
  <param pos="0" name="os.vendor" value="Akamai"/>
2794
- <param pos="0" name="os.device" value="Web proxy"/>
2828
+ <param pos="0" name="os.device" value="Web Proxy"/>
2795
2829
  </fingerprint>
2796
2830
 
2797
2831
  <fingerprint pattern="^gws$">
@@ -2925,6 +2959,7 @@
2925
2959
  <param pos="0" name="service.product" value="Intel(R) Active Management Technology"/>
2926
2960
  <param pos="0" name="service.family" value="Intel(R) Active Management Technology"/>
2927
2961
  <param pos="1" name="service.version"/>
2962
+ <param pos="0" name="service.cpe23" value="cpe:/a:intel:active_management_technology:{service.version}"/>
2928
2963
  </fingerprint>
2929
2964
 
2930
2965
  <fingerprint pattern="^(?:AMT|Intel\(R\) Active Management Technology)$">
@@ -2934,6 +2969,7 @@
2934
2969
  <param pos="0" name="service.vendor" value="Intel"/>
2935
2970
  <param pos="0" name="service.product" value="Intel(R) Active Management Technology"/>
2936
2971
  <param pos="0" name="service.family" value="Intel(R) Active Management Technology"/>
2972
+ <param pos="0" name="service.cpe23" value="cpe:/a:intel:active_management_technology:-"/>
2937
2973
  </fingerprint>
2938
2974
 
2939
2975
  <fingerprint pattern="^Intel\(R\) Standard Manageability\s(\d+\.\d+\.\d+\.\d+|\d+\.\d+\.\d+|\d+\.\d+)">
@@ -2944,6 +2980,7 @@
2944
2980
  <param pos="0" name="service.product" value="Intel(R) Standard Manageability"/>
2945
2981
  <param pos="0" name="service.family" value="Intel(R) Active Management Technology"/>
2946
2982
  <param pos="1" name="service.version"/>
2983
+ <param pos="0" name="service.cpe23" value="cpe:/a:intel:standard_manageability:{service.version}"/>
2947
2984
  </fingerprint>
2948
2985
 
2949
2986
  <fingerprint pattern="^Sunny WebBox$">
@@ -2955,7 +2992,7 @@
2955
2992
  <param pos="0" name="hw.vendor" value="SMA"/>
2956
2993
  <param pos="0" name="hw.family" value="Sunny"/>
2957
2994
  <param pos="0" name="hw.product" value="Sunny WebBox"/>
2958
- <param pos="0" name="hw.device" value="Power device"/>
2995
+ <param pos="0" name="hw.device" value="Power Device"/>
2959
2996
  <param pos="0" name="hw.cpe23" value="cpe:/h:sma:sunny_webbox:-"/>
2960
2997
  <param pos="0" name="os.vendor" value="Microsoft"/>
2961
2998
  <param pos="0" name="os.family" value="Windows"/>
@@ -2968,7 +3005,7 @@
2968
3005
  <example>EnergyICT RTU 101-F25CE1-1524</example>
2969
3006
  <param pos="0" name="hw.family" value="Honeywell"/>
2970
3007
  <param pos="0" name="hw.product" value="RTU"/>
2971
- <param pos="0" name="hw.device" value="Power device"/>
3008
+ <param pos="0" name="hw.device" value="Power Device"/>
2972
3009
  </fingerprint>
2973
3010
 
2974
3011
  <fingerprint pattern="^AV-TECH AV787 Video Web Server$">
@@ -3121,7 +3158,7 @@
3121
3158
  <description>Huawei Echolife / Home Gateway (and possibly other) devices with UPnP</description>
3122
3159
  <example>Linux UPnP/1.0 Huawei-ATP-IGD</example>
3123
3160
  <param pos="0" name="hw.vendor" value="Huawei"/>
3124
- <param pos="0" name="hw.device" value="Broadband router"/>
3161
+ <param pos="0" name="hw.device" value="Broadband Router"/>
3125
3162
  </fingerprint>
3126
3163
 
3127
3164
  <fingerprint pattern="(?i)^OpenWRT/kamikaze UPnP/\S+ MiniUPnPd/([\d.]+)$">
@@ -3708,7 +3745,7 @@
3708
3745
  <description>Steinsvik Orbit IP Camera (Truen TCAM Rebrand)</description>
3709
3746
  <example>Linux/2.6.28.9-Mozart-8G, UPnP/1.0, Portable SDK for UPnP devices/1.6.6</example>
3710
3747
  <param pos="0" name="hw.vendor" value="Steinsvik"/>
3711
- <param pos="0" name="hw.device" value="Web cam"/>
3748
+ <param pos="0" name="hw.device" value="IP Camera"/>
3712
3749
  <param pos="0" name="hw.product" value="Orbit IP Camera"/>
3713
3750
  <param pos="0" name="os.vendor" value="Steinsvik"/>
3714
3751
  <param pos="0" name="os.family" value="Linux"/>
@@ -3738,9 +3775,9 @@
3738
3775
  <description>Axis Network Camera</description>
3739
3776
  <example>Linux/4.9.94-axis5, UPnP/1.0, Portable SDK for UPnP devices/1.6.22</example>
3740
3777
  <param pos="0" name="hw.vendor" value="AXIS"/>
3741
- <param pos="0" name="hw.device" value="Web cam"/>
3778
+ <param pos="0" name="hw.device" value="IP Camera"/>
3742
3779
  <param pos="0" name="os.vendor" value="AXIS"/>
3743
- <param pos="0" name="os.device" value="Web cam"/>
3780
+ <param pos="0" name="os.device" value="IP Camera"/>
3744
3781
  <param pos="0" name="os.family" value="Linux"/>
3745
3782
  <param pos="0" name="os.product" value="Linux"/>
3746
3783
  <param pos="1" name="os.version"/>
@@ -3987,7 +4024,7 @@
3987
4024
  <description>ANNKE IP Camera</description>
3988
4025
  <example>MWS 0.01</example>
3989
4026
  <param pos="0" name="hw.vendor" value="ANNKE"/>
3990
- <param pos="0" name="hw.device" value="Web cam"/>
4027
+ <param pos="0" name="hw.device" value="IP Camera"/>
3991
4028
  <param pos="0" name="hw.product" value="IP Camera"/>
3992
4029
  </fingerprint>
3993
4030
 
@@ -4077,7 +4114,7 @@
4077
4114
  <example>Xfinity Broadband Router Server</example>
4078
4115
  <param pos="0" name="hw.vendor" value="Comcast"/>
4079
4116
  <param pos="0" name="hw.product" value="Xfinity Broadband Router"/>
4080
- <param pos="0" name="hw.device" value="Broadband router"/>
4117
+ <param pos="0" name="hw.device" value="Broadband Router"/>
4081
4118
  </fingerprint>
4082
4119
 
4083
4120
  <fingerprint pattern="^IX Series IX21\d\d \(magellan-sec\) Software, Version ([^, ]+), (?:MAINTENANCE )?RELEASE SOFTWARE$">
@@ -4164,6 +4201,66 @@
4164
4201
  <param pos="2" name="python.version"/>
4165
4202
  </fingerprint>
4166
4203
 
4204
+ <fingerprint pattern="^pve-api-daemon/[\d.]+">
4205
+ <description>Proxmox api daemon</description>
4206
+ <example>pve-api-daemon/3.0</example>
4207
+ <param pos="0" name="service.vendor" value="Proxmox"/>
4208
+ <param pos="0" name="service.product" value="Proxmox"/>
4209
+ <param pos="0" name="os.vendor" value="Proxmox"/>
4210
+ <param pos="0" name="os.family" value="Linux"/>
4211
+ <param pos="0" name="os.product" value="Proxmox"/>
4212
+ </fingerprint>
4213
+
4214
+ <fingerprint pattern="^Cherokee/([\d.]+) \(Debian\)$">
4215
+ <description>Cherokee Web Server - Debian variant</description>
4216
+ <example service.version="1.2.104">Cherokee/1.2.104 (Debian)</example>
4217
+ <param pos="0" name="service.vendor" value="Cherokee Project"/>
4218
+ <param pos="0" name="service.product" value="Cherokee"/>
4219
+ <param pos="1" name="service.version"/>
4220
+ <param pos="0" name="service.cpe23" value="cpe:/a:cherokee-project:cherokee:{service.version}"/>
4221
+ <param pos="0" name="os.vendor" value="Debian"/>
4222
+ <param pos="0" name="os.product" value="Linux"/>
4223
+ <param pos="0" name="os.certainty" value="0.5"/>
4224
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
4225
+ </fingerprint>
4226
+
4227
+ <fingerprint pattern="^Cherokee/([\d.]+) \(Ubuntu\)$">
4228
+ <description>Cherokee Web Server - Ubuntu variant</description>
4229
+ <example service.version="1.2.104">Cherokee/1.2.104 (Ubuntu)</example>
4230
+ <param pos="0" name="service.vendor" value="Cherokee Project"/>
4231
+ <param pos="0" name="service.product" value="Cherokee"/>
4232
+ <param pos="1" name="service.version"/>
4233
+ <param pos="0" name="service.cpe23" value="cpe:/a:cherokee-project:cherokee:{service.version}"/>
4234
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
4235
+ <param pos="0" name="os.product" value="Linux"/>
4236
+ <param pos="0" name="os.certainty" value="0.5"/>
4237
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
4238
+ </fingerprint>
4239
+
4240
+ <fingerprint pattern="^Cherokee/([\d.]+) \(Gentoo Linux\)$">
4241
+ <description>Cherokee Web Server - Gentoo variant</description>
4242
+ <example service.version="1.2.104">Cherokee/1.2.104 (Gentoo Linux)</example>
4243
+ <param pos="0" name="service.vendor" value="Cherokee Project"/>
4244
+ <param pos="0" name="service.product" value="Cherokee"/>
4245
+ <param pos="1" name="service.version"/>
4246
+ <param pos="0" name="service.cpe23" value="cpe:/a:cherokee-project:cherokee:{service.version}"/>
4247
+ <param pos="0" name="os.vendor" value="Gentoo"/>
4248
+ <param pos="0" name="os.product" value="Linux"/>
4249
+ <param pos="0" name="os.certainty" value="0.5"/>
4250
+ <param pos="0" name="os.cpe23" value="cpe:/o:gentoo:linux:-"/>
4251
+ </fingerprint>
4252
+
4253
+ <fingerprint pattern="^Cherokee(?:/([\d.]+))?(?: \(UNIX\))?$">
4254
+ <description>Cherokee Web Server</description>
4255
+ <example>Cherokee</example>
4256
+ <example service.version="0.2.7">Cherokee/0.2.7</example>
4257
+ <example service.version="1.2.101">Cherokee/1.2.101 (UNIX)</example>
4258
+ <param pos="0" name="service.vendor" value="Cherokee Project"/>
4259
+ <param pos="0" name="service.product" value="Cherokee"/>
4260
+ <param pos="1" name="service.version"/>
4261
+ <param pos="0" name="service.cpe23" value="cpe:/a:cherokee-project:cherokee:{service.version}"/>
4262
+ </fingerprint>
4263
+
4167
4264
  <!-- This is a version of ACME mini_httpd where the value 'mini_httpd' has been
4168
4265
  replaced with a UUID in the Server header AND body of the response. It
4169
4266
  is likely vendor or product specific.
@@ -4179,4 +4276,33 @@
4179
4276
  <param pos="0" name="service.cpe23" value="cpe:/a:acme:mini_httpd:-"/>
4180
4277
  </fingerprint>
4181
4278
 
4279
+ <fingerprint pattern="^Unspecified, UPnP/[\d\.]+, Unspecified$">
4280
+ <description>UPNP server</description>
4281
+ <example>Unspecified, UPnP/1.0, Unspecified</example>
4282
+ <param pos="0" name="service.family" value="UPnP"/>
4283
+ </fingerprint>
4284
+
4285
+ <fingerprint pattern="^WNR2000v([0-9]) UPnP/[\d\.]+ miniupnpd/([\d\.]+)$">
4286
+ <description>Netgear WNR2000v5 Router UPnP</description>
4287
+ <example hw.version="5" service.version="1.0">WNR2000v5 UPnP/1.0 miniupnpd/1.0</example>
4288
+ <param pos="1" name="hw.version"/>
4289
+ <param pos="2" name="service.version"/>
4290
+ <param pos="0" name="service.vendor" value="Netgear"/>
4291
+ <param pos="0" name="service.family" value="UPnP"/>
4292
+ <param pos="0" name="service.product" value="MiniUPnP"/>
4293
+ <param pos="0" name="hw.vendor" value="Netgear"/>
4294
+ <param pos="0" name="hw.product" value="WNR2000"/>
4295
+ <param pos="0" name="hw.device" value="Router"/>
4296
+ <param pos="0" name="hw.cpe23" value="cpe:/h:netgear:wnr2000:{hw.version}"/>
4297
+ </fingerprint>
4298
+
4299
+ <fingerprint pattern="^ev-compat$">
4300
+ <description>PELCO CAMERA DEVICE</description>
4301
+ <example>ev-compat</example>
4302
+ <param pos="0" name="service.vendor" value="Pelco"/>
4303
+ <param pos="0" name="service.family" value="UPnP"/>
4304
+ <param pos="0" name="hw.vendor" value="Pelco"/>
4305
+ <param pos="0" name="hw.device" value="IP Camera"/>
4306
+ </fingerprint>
4307
+
4182
4308
  </fingerprints>