recog 2.3.15 → 2.3.16

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 563ed349556c084c9c46b32ec41eece72724826ae355a639bd2dd55d4a990f3d
-  data.tar.gz: 03e767f4fd9557af69c716515e74595fbb5f287883c6d4e742a1aea1a6cdb0ef
+  metadata.gz: f26ba5638d60668485ae809fd343a1a35262418a0174b31692e7467f0764152a
+  data.tar.gz: cfeeaf8d4740fbf534ac26b0300ffd9ac28f0649494a163f42cd654251f95a77
 SHA512:
-  metadata.gz: a5a458eef93bb3f5b9f298523f38f728e74bac390b22978af2bbf1c74b1ff55354128df657210ae49542b4a4338a3bdf8d69387c02a06ae7b0f59dc45e237775
-  data.tar.gz: 38d28282042fa32e206f795d63968fd45362563359e2a5d8a93070ac84b85e766c8bd8accebc518e6a06b8cd9d97a52cd5856928bc95de02857783b8669dbacc
+  metadata.gz: cdb40798655b68545b2c28d1f72555c0c442c9afadd63a9e3a97cfae755263663452ed5543db83e703569746dff1f2fefbc3a95213d463086cbf88ba9e121be6
+  data.tar.gz: bb49a46e193fb2dcb13740ee86500dd820e08bca2a57569eb77f462fb2f71d5061dbc734aac9f756074b31f40f12815bbe29f9ec194d4e7ccfa521702d2747a1

data/.snyk

@@ -0,0 +1,10 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+python: 3.6.0
+version: v1.14.1
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  SNYK-PYTHON-PYYAML-590151:
+    - pyyaml:
+        reason: Project doesn't use vulnerable code path.
+        expires: 2021-06-01T00:00:00.000Z
+patch: {}

data/LICENSE

@@ -2,6 +2,6 @@ Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Source: https://github.com/rapid7/recog
 
 Files: *
-Copyright: 2014-2015, Rapid7, Inc.
+Copyright: 2014, Rapid7, Inc.
 License: BSD-2-clause
 

data/lib/recog/version.rb

@@ -1,3 +1,3 @@
 module Recog
-  VERSION = '2.3.15'
+  VERSION = '2.3.16'
 end

data/update_cpes.py

@@ -9,7 +9,7 @@ from lxml import etree
 
 def parse_r7_remapping(file):
     with open(file) as remap_file:
-        return yaml.load(remap_file)["mappings"]
+        return yaml.safe_load(remap_file)["mappings"]
 
 def parse_cpe_vp_map(file):
     vp_map = {} # cpe_type -> vendor -> products

data/xml/dns_versionbind.xml

@@ -619,17 +619,18 @@
        dnscmd /config /EnableVersionQuery 1
   -->
 
-  <fingerprint pattern="^Microsoft DNS (10.0.\d+)(?: \(\w+\))?$">
+  <fingerprint pattern="^Microsoft DNS (10.0.\d+)(?: \(([^)]+)\))?$">
     <description>Microsoft DNS on Windows 2016: GA</description>
     <!-- Windows 10 / 2016 moved towards a rolling release so capturing build
          is required unlike other Windows versions where we use a fixed string.
     -->
 
-    <example service.version="10.0.14393" os.build="10.0.14393">Microsoft DNS 10.0.14393 (383900CE)</example>
+    <example service.version="10.0.14393" os.build="10.0.14393" service.version.version="383900CE">Microsoft DNS 10.0.14393 (383900CE)</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="DNS"/>
     <param pos="0" name="service.product" value="DNS"/>
     <param pos="1" name="service.version"/>
+    <param pos="2" name="service.version.version"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.product" value="Windows Server 2016"/>
@@ -637,13 +638,14 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2016:-"/>
   </fingerprint>
 
-  <fingerprint pattern="^Microsoft DNS 6.3.9600(?: \(\w+\))?$">
+  <fingerprint pattern="^Microsoft DNS 6.3.9600(?: \(([^)]+)\))?$">
     <description>Microsoft DNS on Windows 2012 R2</description>
-    <example>Microsoft DNS 6.3.9600 (25804825)</example>
+    <example service.version.version="25804825">Microsoft DNS 6.3.9600 (25804825)</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="DNS"/>
     <param pos="0" name="service.product" value="DNS"/>
     <param pos="0" name="service.version" value="6.3.9600"/>
+    <param pos="1" name="service.version.version"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.product" value="Windows Server 2012 R2"/>
@@ -651,13 +653,14 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
   </fingerprint>
 
-  <fingerprint pattern="^Microsoft DNS 6.2.9200(?: \(\w+\))?$">
+  <fingerprint pattern="^Microsoft DNS 6.2.9200(?: \(([^)]+)\))?$">
     <description>Microsoft DNS on Windows 2012</description>
-    <example>Microsoft DNS 6.2.9200 (23F04000)</example>
+    <example service.version.version="23F04000">Microsoft DNS 6.2.9200 (23F04000)</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="DNS"/>
     <param pos="0" name="service.product" value="DNS"/>
     <param pos="0" name="service.version" value="6.2.9200"/>
+    <param pos="1" name="service.version.version"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.product" value="Windows Server 2012"/>
@@ -665,14 +668,15 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
   </fingerprint>
 
-  <fingerprint pattern="^Microsoft DNS 6.1.7601(?: \(\w+\))?$">
+  <fingerprint pattern="^Microsoft DNS 6.1.7601(?: \(([^)]+)\))?$">
     <description>Microsoft DNS on Windows 2008 R2 Service Pack 1</description>
-    <example>Microsoft DNS 6.1.7601 (1DB15CD4)</example>
+    <example service.version.version="1DB15CD4">Microsoft DNS 6.1.7601 (1DB15CD4)</example>
     <example>Microsoft DNS 6.1.7601</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="DNS"/>
     <param pos="0" name="service.product" value="DNS"/>
     <param pos="0" name="service.version" value="6.1.7601"/>
+    <param pos="1" name="service.version.version"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -681,13 +685,14 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:Service Pack 1"/>
   </fingerprint>
 
-  <fingerprint pattern="^Microsoft DNS 6.1.7600(?: \(\w+\))?$">
+  <fingerprint pattern="^Microsoft DNS 6.1.7600(?: \(([^)]+)\))?$">
     <description>Microsoft DNS on Windows 2008 R2</description>
-    <example>Microsoft DNS 6.1.7600 (1DB04228)</example>
+    <example service.version.version="1DB04228">Microsoft DNS 6.1.7600 (1DB04228)</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="DNS"/>
     <param pos="0" name="service.product" value="DNS"/>
     <param pos="0" name="service.version" value="6.1.7600"/>
+    <param pos="1" name="service.version.version"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -708,13 +713,14 @@
     <example>Microsoft DNS 6.0.6100 (2AEF76E)</example>
   </fingerprint>
 
-  <fingerprint pattern="^Microsoft DNS 6.0.6003(?: \(\w+\))?$">
+  <fingerprint pattern="^Microsoft DNS 6.0.6003(?: \(([^)]+)\))?$">
     <description>Microsoft DNS on Windows 2008 Service Pack 2 - Preview Rollup KB4489887 and later</description>
-    <example>Microsoft DNS 6.0.6003 (1773501D)</example>
+    <example service.version.version="1773501D">Microsoft DNS 6.0.6003 (1773501D)</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="DNS"/>
     <param pos="0" name="service.product" value="DNS"/>
     <param pos="0" name="service.version" value="6.0.6003"/>
+    <param pos="1" name="service.version.version"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -723,13 +729,14 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:Service Pack 2"/>
   </fingerprint>
 
-  <fingerprint pattern="^Microsoft DNS 6.0.6002(?: \(\w+\))?$">
+  <fingerprint pattern="^Microsoft DNS 6.0.6002(?: \(([^)]+)\))?$">
     <description>Microsoft DNS on Windows 2008 Service Pack 2</description>
-    <example>Microsoft DNS 6.0.6002 (17724D35)</example>
+    <example service.version.version="17724D35">Microsoft DNS 6.0.6002 (17724D35)</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="DNS"/>
     <param pos="0" name="service.product" value="DNS"/>
     <param pos="0" name="service.version" value="6.0.6002"/>
+    <param pos="1" name="service.version.version"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -738,13 +745,14 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:Service Pack 2"/>
   </fingerprint>
 
-  <fingerprint pattern="^Microsoft DNS 6.0.6001(?: \(\w+\))?$">
+  <fingerprint pattern="^Microsoft DNS 6.0.6001(?: \(([^)]+)\))?$">
     <description>Microsoft DNS on Windows 2008 Service Pack 1</description>
-    <example>Microsoft DNS 6.0.6001 (17714726)</example>
+    <example service.version.version="17714726">Microsoft DNS 6.0.6001 (17714726)</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.family" value="DNS"/>
     <param pos="0" name="service.product" value="DNS"/>
     <param pos="0" name="service.version" value="6.0.6001"/>
+    <param pos="1" name="service.version.version"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>

data/xml/favicons.xml

@@ -464,6 +464,7 @@
     <param pos="0" name="service.vendor" value="SABnzbd"/>
     <param pos="0" name="service.product" value="SABnzbd"/>
     <param pos="0" name="service.certainty" value="0.5"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sabnzbd:sabnzbd:-"/>
   </fingerprint>
 
   <fingerprint pattern="^5c9f3938754b459fb3590a00e5947fed$">
@@ -612,6 +613,7 @@
     <param pos="0" name="service.vendor" value="Elastic"/>
     <param pos="0" name="service.product" value="Kibana"/>
     <param pos="0" name="service.certainty" value="0.5"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:elastic:kibana:-"/>
   </fingerprint>
 
   <fingerprint pattern="^(?:ef07026465d7b449a9759132486d1e3b|bcc4933f81eff43e5d9bcc5b2828aa70|b204c198a410e5ee28346c4a2110535e|c00da11c81f9b887eed4123daee89909)$">

data/xml/html_title.xml

@@ -1551,6 +1551,7 @@
     <example>Elastic Kibana</example>
     <param pos="0" name="service.vendor" value="Elastic"/>
     <param pos="0" name="service.product" value="Kibana"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:elastic:kibana:-"/>
   </fingerprint>
 
   <fingerprint pattern="^Grafana$">
@@ -2274,6 +2275,7 @@
     <example>SABnzbd - Log in</example>
     <param pos="0" name="service.vendor" value="SABnzbd"/>
     <param pos="0" name="service.product" value="SABnzbd"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:sabnzbd:sabnzbd:-"/>
   </fingerprint>
 
   <fingerprint pattern="^(?:Zabbix|.*: Zabbix)$">

data/xml/http_servers.xml

@@ -440,7 +440,7 @@
     <param pos="0" name="service.component.vendor" value="Red Hat"/>
     <param pos="0" name="service.component.product" value="JBossWeb"/>
     <param pos="2" name="service.component.version"/>
-    <param pos="0" name="service.component.cpe23" value="cpe:/a:redhat:jboss_web_framework_kit:{service.component.version}"/>
+    <param pos="0" name="service.component.cpe23" value="cpe:/a:redhat:jbossweb:{service.component.version}"/>
   </fingerprint>
 
   <fingerprint pattern="^Servlet\/[\d\.]+; JBossAS-(.*)$">

data/xml/smtp_banners.xml

@@ -77,6 +77,7 @@
     <param pos="0" name="service.family" value="Mail Server"/>
     <param pos="0" name="service.product" value="Mail Server"/>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:argosoft:mail_server:{service.version}"/>
   </fingerprint>
 
   <fingerprint pattern="^^(?:(\S+) +)?ArGoSoft Mail Server Freeware, Version [^ ]+ \(([^ ]+\.[^ ]+\.[^ ]+\.[^ ]+)\) *$">
@@ -91,6 +92,7 @@
     <param pos="0" name="service.family" value="Mail Server"/>
     <param pos="0" name="service.product" value="Mail Server"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:argosoft:mail_server:{service.version}"/>
     <param pos="1" name="host.name"/>
   </fingerprint>
 
@@ -108,6 +110,7 @@
     <param pos="0" name="service.product" value="Mail Server"/>
     <param pos="1" name="host.name"/>
     <param pos="2" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:argosoft:mail_server:{service.version}"/>
   </fingerprint>
 
   <fingerprint pattern="^([^ ]+) +AppleShare IP Mail Server ([^ ]+\.[\d.]+) SMTP Server Ready *$">

data/xml/smtp_help.xml

@@ -15,6 +15,7 @@
     <param pos="0" name="service.family" value="Mail Server"/>
     <param pos="0" name="service.product" value="Mail Server"/>
     <param pos="1" name="service.version"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:argosoft:mail_server:{service.version}"/>
   </fingerprint>
 
   <fingerprint pattern="^214[ -].*support@argosoft\.com *$">
@@ -23,6 +24,7 @@
     <param pos="0" name="service.vendor" value="ArGoSoft"/>
     <param pos="0" name="service.family" value="Mail Server"/>
     <param pos="0" name="service.product" value="Mail Server"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:argosoft:mail_server:-"/>
   </fingerprint>
 
   <fingerprint pattern="^500[ -]Syntax error, command &quot;XXXX&quot; unrecognized$">

data/xml/snmp_sysdescr.xml

@@ -6099,7 +6099,6 @@ Copyright (c) 1995-2005 by Cisco Systems
     <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
   </fingerprint>
 
-
   <fingerprint pattern="^SonicWALL (\S+).*?\(SonicOS \S+ ((?:\d\.)+\d+-\d+[a-zA-Z]).*\)">
     <description>SonicWall - SonicOS Enhanced variant without hardware model</description>
     <example hw.product="SOHO" os.version="5.9.1.4-4o">SonicWALL SOHO (SonicOS Enhanced 5.9.1.4-4o)</example>

data/xml/telnet_banners.xml

@@ -1064,6 +1064,7 @@
     <param pos="0" name="hw.family" value="EDR"/>
     <param pos="0" name="hw.device" value="Router"/>
     <param pos="0" name="hw.product" value="EDR-G902"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g902:-"/>
     <param pos="0" name="os.vendor" value="Moxa"/>
     <param pos="0" name="os.family" value="EDR"/>
     <param pos="0" name="os.device" value="Router"/>

data/xml/x509_issuers.xml

@@ -14,7 +14,8 @@
     <description>Google Chromecast Gen 1</description>
     <example>CN=Eureka Gen1 ICA,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
     <param pos="0" name="os.vendor" value="Google"/>
-    <param pos="0" name="os.product" value="ChromeOS"/>
+    <param pos="0" name="os.product" value="Chrome OS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:google:chrome_os:-"/>
     <param pos="0" name="hw.device" value="Media Server"/>
     <param pos="0" name="hw.vendor" value="Google"/>
     <param pos="0" name="hw.product" value="Chromecast"/>
@@ -32,7 +33,8 @@
     <example chromecast.generation="11" chromecast.capabilities="Video Assist">CN=Chromecast ICA 11 (Video Assist),OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
     <example chromecast.generation="12">CN=Chromecast ICA 12,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
     <param pos="0" name="os.vendor" value="Google"/>
-    <param pos="0" name="os.product" value="ChromeOS"/>
+    <param pos="0" name="os.product" value="Chrome OS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:google:chrome_os:-"/>
     <param pos="0" name="hw.device" value="Media Server"/>
     <param pos="0" name="hw.vendor" value="Google"/>
     <param pos="0" name="hw.product" value="Chromecast"/>

data/xml/x509_subjects.xml

@@ -512,7 +512,8 @@
     <example chromecast.serial_number="LVDZG5" host.mac_local="FA8FCA67413D">CN=LVDZG5 FA8FCA67413D,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
     <example chromecast.serial_number="YRBLE" host.mac_local="FA8FCA7DE87D">CN=YRBLE FA8FCA7DE87D,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
     <param pos="0" name="os.vendor" value="Google"/>
-    <param pos="0" name="os.product" value="ChromeOS"/>
+    <param pos="0" name="os.product" value="Chrome OS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:google:chrome_os:-"/>
     <param pos="0" name="hw.device" value="Media Server"/>
     <param pos="0" name="hw.vendor" value="Google"/>
     <param pos="0" name="hw.product" value="Chromecast"/>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: recog
 version: !ruby/object:Gem::Version
-  version: 2.3.15
+  version: 2.3.16
 platform: ruby
 authors:
 - Rapid7 Research
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-10-22 00:00:00.000000000 Z
+date: 2020-11-06 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -132,6 +132,7 @@ files:
 - ".rspec"
 - ".ruby-gemset"
 - ".ruby-version"
+- ".snyk"
 - ".travis.yml"
 - ".yardopts"
 - CONTRIBUTING.md