recog 2.3.15 → 2.3.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. checksums.yaml +4 -4
  2. data/.github/workflows/ci.yml +26 -0
  3. data/.snyk +10 -0
  4. data/LICENSE +1 -1
  5. data/bin/recog_standardize +8 -2
  6. data/cpe-remap.yaml +314 -170
  7. data/identifiers/README.md +24 -10
  8. data/identifiers/fields.txt +104 -0
  9. data/identifiers/hw_device.txt +5 -4
  10. data/identifiers/hw_family.txt +17 -0
  11. data/identifiers/hw_product.txt +87 -6
  12. data/identifiers/os_architecture.txt +0 -10
  13. data/identifiers/os_device.txt +12 -31
  14. data/identifiers/os_family.txt +2 -94
  15. data/identifiers/os_product.txt +45 -124
  16. data/identifiers/service_family.txt +14 -37
  17. data/identifiers/service_product.txt +283 -88
  18. data/identifiers/vendor.txt +99 -192
  19. data/lib/recog/version.rb +1 -1
  20. data/requirements.txt +1 -1
  21. data/update_cpes.py +110 -49
  22. data/xml/apache_modules.xml +60 -0
  23. data/xml/dns_versionbind.xml +40 -17
  24. data/xml/favicons.xml +163 -20
  25. data/xml/ftp_banners.xml +25 -25
  26. data/xml/hp_pjl_id.xml +1 -1
  27. data/xml/html_title.xml +561 -51
  28. data/xml/http_cookies.xml +266 -61
  29. data/xml/http_servers.xml +472 -96
  30. data/xml/http_wwwauth.xml +53 -26
  31. data/xml/ldap_searchresult.xml +10 -6
  32. data/xml/mdns_device-info_txt.xml +308 -10
  33. data/xml/ntp_banners.xml +15 -1
  34. data/xml/operating_system.xml +1 -0
  35. data/xml/rtsp_servers.xml +7 -0
  36. data/xml/sip_banners.xml +346 -8
  37. data/xml/sip_user_agents.xml +321 -7
  38. data/xml/smb_native_lm.xml +32 -1
  39. data/xml/smb_native_os.xml +158 -33
  40. data/xml/smtp_banners.xml +48 -7
  41. data/xml/smtp_expn.xml +1 -0
  42. data/xml/smtp_help.xml +2 -0
  43. data/xml/smtp_vrfy.xml +3 -1
  44. data/xml/snmp_sysdescr.xml +211 -42
  45. data/xml/ssh_banners.xml +127 -14
  46. data/xml/telnet_banners.xml +44 -14
  47. data/xml/tls_jarm.xml +140 -0
  48. data/xml/x509_issuers.xml +179 -7
  49. data/xml/x509_subjects.xml +252 -35
  50. metadata +6 -5
  51. data/identifiers/software_class.txt +0 -26
  52. data/identifiers/software_family.txt +0 -91
  53. data/identifiers/software_product.txt +0 -333
data/xml/ssh_banners.xml CHANGED
@@ -33,12 +33,12 @@
33
33
  <param pos="0" name="service.product" value="iLO"/>
34
34
  <param pos="0" name="service.family" value="iLO"/>
35
35
  <param pos="1" name="service.version"/>
36
- <param pos="0" name="service.cpe23" value="cpe:/a:hp:integrated_lights_out:{service.version}"/>
37
36
  <param pos="0" name="hw.vendor" value="HP"/>
38
37
  <param pos="0" name="os.vendor" value="HP"/>
39
38
  <param pos="0" name="os.product" value="iLO"/>
40
39
  <param pos="0" name="os.family" value="iLO"/>
41
40
  <param pos="0" name="os.device" value="Lights Out Management"/>
41
+ <param pos="0" name="os.cpe23" value="cpe:/o:hp:integrated_lights-out_firmware:-"/>
42
42
  </fingerprint>
43
43
 
44
44
  <fingerprint pattern="^Serv-U_([\d\.]+)$">
@@ -552,7 +552,7 @@
552
552
  </fingerprint>
553
553
 
554
554
  <fingerprint pattern="^OpenSSH_(7\.8) (FreeBSD-20180909)$">
555
- <description>OpenSSH running on FreeBSD 12.0</description>
555
+ <description>OpenSSH running on FreeBSD 12.0/12.1</description>
556
556
  <example service.version="7.8" openssh.comment="FreeBSD-20180909">OpenSSH_7.8 FreeBSD-20180909</example>
557
557
  <param pos="1" name="service.version"/>
558
558
  <param pos="2" name="openssh.comment"/>
@@ -888,9 +888,10 @@
888
888
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.04"/>
889
889
  </fingerprint>
890
890
 
891
- <fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6unbuntu\d(?:\.\d)?)$">
891
+ <fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6\S*)$">
892
892
  <description>OpenSSH running on Ubuntu 13.10</description>
893
893
  <example service.version="6.2p2" openssh.comment="Ubuntu-6unbuntu0.4">OpenSSH_6.2p2 Ubuntu-6unbuntu0.4</example>
894
+ <example service.version="6.2p2" openssh.comment="Ubuntu-6">OpenSSH_6.2p2 Ubuntu-6</example>
894
895
  <param pos="1" name="service.version"/>
895
896
  <param pos="2" name="openssh.comment"/>
896
897
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -917,10 +918,11 @@
917
918
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
918
919
  </fingerprint>
919
920
 
920
- <fingerprint pattern="^OpenSSH_(6\.6(?:\.\d)?p1) (Ubuntu-2ubuntu\d+(?:\.\d+)?)$">
921
+ <fingerprint pattern="^OpenSSH_(6\.6(?:\.1)?p1) (Ubuntu-2\S*)$">
921
922
  <description>OpenSSH running on Ubuntu 14.04</description>
922
923
  <example service.version="6.6p1" openssh.comment="Ubuntu-2ubuntu1">OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
923
924
  <example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2</example>
925
+ <example service.version="6.6.1p1" openssh.comment="Ubuntu-2ubuntu2.13">OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.13</example>
924
926
  <param pos="1" name="service.version"/>
925
927
  <param pos="2" name="openssh.comment"/>
926
928
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -950,9 +952,10 @@
950
952
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.10"/>
951
953
  </fingerprint>
952
954
 
953
- <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5ubuntu\d(?:\.\d)?)$">
955
+ <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5\S*)$">
954
956
  <description>OpenSSH running on Ubuntu 15.04 (vivid)</description>
955
957
  <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1">OpenSSH_6.7p1 Ubuntu-5ubuntu1</example>
958
+ <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1.4">OpenSSH_6.7p1 Ubuntu-5ubuntu1.4</example>
956
959
  <param pos="1" name="service.version"/>
957
960
  <param pos="2" name="openssh.comment"/>
958
961
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -966,9 +969,10 @@
966
969
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.04"/>
967
970
  </fingerprint>
968
971
 
969
- <fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2)$">
972
+ <fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2\S*)$">
970
973
  <description>OpenSSH running on Ubuntu 15.10</description>
971
974
  <example service.version="6.9p1" openssh.comment="Ubuntu-2">OpenSSH_6.9p1 Ubuntu-2</example>
975
+ <example service.version="6.9p1" openssh.comment="Ubuntu-2ubuntu0.2">OpenSSH_6.9p1 Ubuntu-2ubuntu0.2</example>
972
976
  <param pos="1" name="service.version"/>
973
977
  <param pos="2" name="openssh.comment"/>
974
978
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -982,9 +986,11 @@
982
986
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.10"/>
983
987
  </fingerprint>
984
988
 
985
- <fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
989
+ <fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4\S*)$">
986
990
  <description>OpenSSH running on Ubuntu 16.04 (vivid)</description>
987
991
  <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu2.7">OpenSSH_7.2p2 Ubuntu-4ubuntu2.7</example>
992
+ <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu1">OpenSSH_7.2p2 Ubuntu-4ubuntu1</example>
993
+ <example service.version="7.2p2" openssh.comment="Ubuntu-4">OpenSSH_7.2p2 Ubuntu-4</example>
988
994
  <param pos="1" name="service.version"/>
989
995
  <param pos="2" name="openssh.comment"/>
990
996
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1030,9 +1036,10 @@
1030
1036
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.04"/>
1031
1037
  </fingerprint>
1032
1038
 
1033
- <fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10ubuntu\d(?:\.\d)?)$">
1039
+ <fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10\S*)$">
1034
1040
  <description>OpenSSH running on Ubuntu 17.10</description>
1035
1041
  <example service.version="7.5p1" openssh.comment="Ubuntu-10ubuntu0.1">OpenSSH_7.5p1 Ubuntu-10ubuntu0.1</example>
1042
+ <example service.version="7.5p1" openssh.comment="Ubuntu-10">OpenSSH_7.5p1 Ubuntu-10</example>
1036
1043
  <param pos="1" name="service.version"/>
1037
1044
  <param pos="2" name="openssh.comment"/>
1038
1045
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1046,9 +1053,10 @@
1046
1053
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.10"/>
1047
1054
  </fingerprint>
1048
1055
 
1049
- <fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
1056
+ <fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4\S*)$">
1050
1057
  <description>OpenSSH running on Ubuntu 18.04</description>
1051
1058
  <example service.version="7.6p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.6p1 Ubuntu-4ubuntu0.3</example>
1059
+ <example service.version="7.6p1" openssh.comment="Ubuntu-4">OpenSSH_7.6p1 Ubuntu-4</example>
1052
1060
  <param pos="1" name="service.version"/>
1053
1061
  <param pos="2" name="openssh.comment"/>
1054
1062
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1062,9 +1070,10 @@
1062
1070
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.04"/>
1063
1071
  </fingerprint>
1064
1072
 
1065
- <fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4)$">
1073
+ <fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4\S*)$">
1066
1074
  <description>OpenSSH running on Ubuntu 18.10</description>
1067
1075
  <example service.version="7.7p1" openssh.comment="Ubuntu-4">OpenSSH_7.7p1 Ubuntu-4</example>
1076
+ <example service.version="7.7p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.7p1 Ubuntu-4ubuntu0.3</example>
1068
1077
  <param pos="1" name="service.version"/>
1069
1078
  <param pos="2" name="openssh.comment"/>
1070
1079
  <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1110,6 +1119,39 @@
1110
1119
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.10"/>
1111
1120
  </fingerprint>
1112
1121
 
1122
+ <fingerprint pattern="^OpenSSH_(8\.2p1) (Ubuntu-4\S*)$">
1123
+ <description>OpenSSH running on Ubuntu 20.04</description>
1124
+ <example service.version="8.2p1" openssh.comment="Ubuntu-4ubuntu0.1">OpenSSH_8.2p1 Ubuntu-4ubuntu0.1</example>
1125
+ <example service.version="8.2p1" openssh.comment="Ubuntu-4">OpenSSH_8.2p1 Ubuntu-4</example>
1126
+ <param pos="1" name="service.version"/>
1127
+ <param pos="2" name="openssh.comment"/>
1128
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
1129
+ <param pos="0" name="service.family" value="OpenSSH"/>
1130
+ <param pos="0" name="service.product" value="OpenSSH"/>
1131
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1132
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
1133
+ <param pos="0" name="os.family" value="Linux"/>
1134
+ <param pos="0" name="os.product" value="Linux"/>
1135
+ <param pos="0" name="os.version" value="20.04"/>
1136
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:20.04"/>
1137
+ </fingerprint>
1138
+
1139
+ <fingerprint pattern="^OpenSSH_(8\.3p1) (Ubuntu-1\S*)$">
1140
+ <description>OpenSSH running on Ubuntu 20.10</description>
1141
+ <example service.version="8.3p1" openssh.comment="Ubuntu-1">OpenSSH_8.3p1 Ubuntu-1</example>
1142
+ <param pos="1" name="service.version"/>
1143
+ <param pos="2" name="openssh.comment"/>
1144
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
1145
+ <param pos="0" name="service.family" value="OpenSSH"/>
1146
+ <param pos="0" name="service.product" value="OpenSSH"/>
1147
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1148
+ <param pos="0" name="os.vendor" value="Ubuntu"/>
1149
+ <param pos="0" name="os.family" value="Linux"/>
1150
+ <param pos="0" name="os.product" value="Linux"/>
1151
+ <param pos="0" name="os.version" value="20.10"/>
1152
+ <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:20.10"/>
1153
+ </fingerprint>
1154
+
1113
1155
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Ubuntu-\d\d?)$">
1114
1156
  <description>OpenSSH running on Ubuntu (unknown release)</description>
1115
1157
  <example service.version="7.6p1" openssh.comment="Ubuntu-2">OpenSSH_7.6p1 Ubuntu-2</example>
@@ -1329,9 +1371,56 @@
1329
1371
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:9.0"/>
1330
1372
  </fingerprint>
1331
1373
 
1332
- <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10|Debian-\d\d?\+deb10u\d+)$">
1333
- <description>OpenSSH running on Debian 10.x (buster)</description>
1374
+ <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10)$">
1375
+ <description>OpenSSH running on Debian 10.0 (buster)</description>
1334
1376
  <example service.version="7.9p1" openssh.comment="Debian-10">OpenSSH_7.9p1 Debian-10</example>
1377
+ <param pos="1" name="service.version"/>
1378
+ <param pos="2" name="openssh.comment"/>
1379
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
1380
+ <param pos="0" name="service.family" value="OpenSSH"/>
1381
+ <param pos="0" name="service.product" value="OpenSSH"/>
1382
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1383
+ <param pos="0" name="os.vendor" value="Debian"/>
1384
+ <param pos="0" name="os.family" value="Linux"/>
1385
+ <param pos="0" name="os.product" value="Linux"/>
1386
+ <param pos="0" name="os.version" value="10.0"/>
1387
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.0"/>
1388
+ </fingerprint>
1389
+
1390
+ <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\+deb10u1)$">
1391
+ <description>OpenSSH running on Debian 10.1 (buster)</description>
1392
+ <example service.version="7.9p1" openssh.comment="Debian-10+deb10u1">OpenSSH_7.9p1 Debian-10+deb10u1</example>
1393
+ <param pos="1" name="service.version"/>
1394
+ <param pos="2" name="openssh.comment"/>
1395
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
1396
+ <param pos="0" name="service.family" value="OpenSSH"/>
1397
+ <param pos="0" name="service.product" value="OpenSSH"/>
1398
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1399
+ <param pos="0" name="os.vendor" value="Debian"/>
1400
+ <param pos="0" name="os.family" value="Linux"/>
1401
+ <param pos="0" name="os.product" value="Linux"/>
1402
+ <param pos="0" name="os.version" value="10.1"/>
1403
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.1"/>
1404
+ </fingerprint>
1405
+
1406
+ <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\+deb10u2)$">
1407
+ <description>OpenSSH running on Debian 10.2 (buster)</description>
1408
+ <example service.version="7.9p1" openssh.comment="Debian-10+deb10u2">OpenSSH_7.9p1 Debian-10+deb10u2</example>
1409
+ <param pos="1" name="service.version"/>
1410
+ <param pos="2" name="openssh.comment"/>
1411
+ <param pos="0" name="service.vendor" value="OpenBSD"/>
1412
+ <param pos="0" name="service.family" value="OpenSSH"/>
1413
+ <param pos="0" name="service.product" value="OpenSSH"/>
1414
+ <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1415
+ <param pos="0" name="os.vendor" value="Debian"/>
1416
+ <param pos="0" name="os.family" value="Linux"/>
1417
+ <param pos="0" name="os.product" value="Linux"/>
1418
+ <param pos="0" name="os.version" value="10.2"/>
1419
+ <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.2"/>
1420
+ </fingerprint>
1421
+
1422
+ <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10\S+)$">
1423
+ <description>OpenSSH running on Debian 10.x (buster catchall)</description>
1335
1424
  <example service.version="7.9p1" openssh.comment="Debian-10+deb10u6">OpenSSH_7.9p1 Debian-10+deb10u6</example>
1336
1425
  <param pos="1" name="service.version"/>
1337
1426
  <param pos="2" name="openssh.comment"/>
@@ -1615,7 +1704,7 @@
1615
1704
  <param pos="0" name="service.product" value="SSH"/>
1616
1705
  <param pos="0" name="os.vendor" value="Cisco"/>
1617
1706
  <param pos="0" name="os.product" value="Wireless LAN Controller"/>
1618
- <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
1707
+ <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller_software:-"/>
1619
1708
  </fingerprint>
1620
1709
 
1621
1710
  <fingerprint pattern="(?i)^Cleo (\S+)/(\S+) SSH FTP server$">
@@ -1776,6 +1865,7 @@
1776
1865
  <param pos="0" name="service.vendor" value="Standard Networks"/>
1777
1866
  <param pos="0" name="service.family" value="MOVEit DMZ"/>
1778
1867
  <param pos="0" name="service.product" value="MOVEit DMZ"/>
1868
+ <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:moveit_dmz:{service.version}"/>
1779
1869
  <param pos="0" name="os.vendor" value="Microsoft"/>
1780
1870
  <param pos="0" name="os.family" value="Windows"/>
1781
1871
  <param pos="0" name="os.product" value="Windows"/>
@@ -1864,7 +1954,8 @@
1864
1954
  <param pos="1" name="service.version"/>
1865
1955
  <param pos="0" name="service.vendor" value="Attachmate"/>
1866
1956
  <param pos="0" name="service.family" value="Reflection"/>
1867
- <param pos="0" name="service.product" value="Reflection"/>
1957
+ <param pos="0" name="service.product" value="Reflection for Secure IT"/>
1958
+ <param pos="0" name="service.cpe23" value="cpe:/a:attachmate:reflection_for_secure_it:{service.version}"/>
1868
1959
  </fingerprint>
1869
1960
 
1870
1961
  <fingerprint pattern="^([^\s]*)\s*F-Secure SSH\s*(?:.*)$">
@@ -1883,6 +1974,7 @@
1883
1974
  <param pos="0" name="service.vendor" value="SSH Communications Security"/>
1884
1975
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1885
1976
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1977
+ <param pos="0" name="service.cpe23" value="cpe:/a:ssh:tectia_server:{service.version}"/>
1886
1978
  </fingerprint>
1887
1979
 
1888
1980
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell(?: \(non-commercial\))?$">
@@ -1894,6 +1986,7 @@
1894
1986
  <param pos="0" name="service.vendor" value="SSH Communications Security"/>
1895
1987
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1896
1988
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1989
+ <param pos="0" name="service.cpe23" value="cpe:/a:ssh:tectia_server:{service.version}"/>
1897
1990
  </fingerprint>
1898
1991
 
1899
1992
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell Windows NT Server$">
@@ -1907,6 +2000,7 @@
1907
2000
  <param pos="0" name="service.vendor" value="SSH Communications Security"/>
1908
2001
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1909
2002
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
2003
+ <param pos="0" name="service.cpe23" value="cpe:/a:ssh:tectia_server:{service.version}"/>
1910
2004
  </fingerprint>
1911
2005
 
1912
2006
  <fingerprint pattern="^ARRIS_(.*)$">
@@ -1994,6 +2088,7 @@
1994
2088
  <param pos="0" name="service.vendor" value="Standard Networks"/>
1995
2089
  <param pos="0" name="service.family" value="MOVEit DMZ"/>
1996
2090
  <param pos="0" name="service.product" value="MOVEit DMZ"/>
2091
+ <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:moveit_dmz:-"/>
1997
2092
  <param pos="0" name="os.vendor" value="Microsoft"/>
1998
2093
  <param pos="0" name="os.family" value="Windows"/>
1999
2094
  <param pos="0" name="os.product" value="Windows"/>
@@ -2019,7 +2114,12 @@
2019
2114
  <param pos="0" name="os.vendor" value="NetApp"/>
2020
2115
  <param pos="0" name="os.family" value="Data ONTAP"/>
2021
2116
  <param pos="0" name="os.product" value="Data ONTAP"/>
2117
+ <param pos="0" name="os.device" value="NAS"/>
2022
2118
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
2119
+ <param pos="0" name="hw.vendor" value="NetApp"/>
2120
+ <param pos="0" name="hw.family" value="Data ONTAP"/>
2121
+ <param pos="0" name="hw.product" value="Data ONTAP"/>
2122
+ <param pos="0" name="hw.device" value="NAS"/>
2023
2123
  </fingerprint>
2024
2124
 
2025
2125
  <fingerprint pattern="^(\d\.\d+\.\d+) SSH Secure Shell OpenVMS V\d+\.\d+$">
@@ -2125,6 +2225,19 @@
2125
2225
  <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
2126
2226
  </fingerprint>
2127
2227
 
2228
+ <fingerprint pattern="^Zyxel SSH server$">
2229
+ <description>Zyxel Firewall SSH service</description>
2230
+ <example>Zyxel SSH server</example>
2231
+ <param pos="0" name="service.vendor" value="Zyxel"/>
2232
+ <param pos="0" name="service.family" value="Zywall"/>
2233
+ <param pos="0" name="os.vendor" value="Zyxel"/>
2234
+ <param pos="0" name="os.product" value="ZyNOS firmware"/>
2235
+ <param pos="0" name="os.cpe23" value="cpe:/o:zyxel:zynos_firmware:-"/>
2236
+ <param pos="0" name="hw.vendor" value="Zyxel"/>
2237
+ <param pos="0" name="hw.device" value="Firewall"/>
2238
+ <param pos="0" name="hw.family" value="Unified Security Gateway"/>
2239
+ </fingerprint>
2240
+
2128
2241
  <!--
2129
2242
  1.2.22j4rad
2130
2243
  2.40
data/xml/telnet_banners.xml CHANGED
@@ -550,7 +550,7 @@
550
550
  </example>
551
551
  <param pos="0" name="hw.vendor" value="Grandstream"/>
552
552
  <param pos="0" name="hw.family" value="GXV"/>
553
- <param pos="0" name="hw.device" value="Web cam"/>
553
+ <param pos="0" name="hw.device" value="IP Camera"/>
554
554
  <param pos="1" name="hw.product"/>
555
555
  </fingerprint>
556
556
 
@@ -617,7 +617,7 @@
617
617
  <param pos="0" name="hw.vendor" value="SMA Solar Technology Ag"/>
618
618
  <param pos="0" name="hw.family" value="Sunny"/>
619
619
  <param pos="0" name="hw.product" value="WebBox"/>
620
- <param pos="0" name="hw.device" value="Power device"/>
620
+ <param pos="0" name="hw.device" value="Power Device"/>
621
621
  <param pos="0" name="os.vendor" value="Microsoft"/>
622
622
  <param pos="0" name="os.family" value="Windows"/>
623
623
  <param pos="0" name="os.product" value="Windows CE"/>
@@ -1018,7 +1018,7 @@
1018
1018
  <param pos="5" name="os.version.version"/>
1019
1019
  </fingerprint>
1020
1020
 
1021
- <fingerprint pattern="^Model name\s+: (MiiNePort [\w-]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Device name\s+: [\w:-_\&amp;]+(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+Ethernet MAC address: ([\w:]+)(?:\r|\n|\x00)+">
1021
+ <fingerprint pattern="^Model name\s+: (MiiNePort [\w-]+)(?:\r|\n|\x00)+Serial No.\s+: (\d+)(?:\r|\n|\x00)+Device name\s+: [\w:\&amp;-]+(?:\r|\n|\x00)+Firmware version\s+: ([\d.]+) Build (\d+)(?:\r|\n|\x00)+Ethernet MAC address: ([\w:]+)(?:\r|\n|\x00)+">
1022
1022
  <description>Moxa MiiNePort Series Embedded device server</description>
1023
1023
  <!-- Model name : MiiNePort E2\r\nSerial No. : 9999\r\nDevice name : MiiNePort_E2_4064\r\nFirmware version : 1.3.36 Build 15031615\r\nEthernet MAC address: 00:90:E8:5A:92:FF\r\n\r\nPlease keyin your password: -->
1024
1024
 
@@ -1064,6 +1064,7 @@
1064
1064
  <param pos="0" name="hw.family" value="EDR"/>
1065
1065
  <param pos="0" name="hw.device" value="Router"/>
1066
1066
  <param pos="0" name="hw.product" value="EDR-G902"/>
1067
+ <param pos="0" name="hw.cpe23" value="cpe:/h:moxa:edr-g902:-"/>
1067
1068
  <param pos="0" name="os.vendor" value="Moxa"/>
1068
1069
  <param pos="0" name="os.family" value="EDR"/>
1069
1070
  <param pos="0" name="os.device" value="Router"/>
@@ -1231,10 +1232,13 @@
1231
1232
  <param pos="0" name="os.vendor" value="Arescom"/>
1232
1233
  <param pos="0" name="os.device" value="WAP"/>
1233
1234
  <param pos="1" name="os.model"/>
1235
+ <param pos="0" name="hw.vendor" value="Arescom"/>
1236
+ <param pos="0" name="hw.device" value="WAP"/>
1237
+ <param pos="1" name="hw.model"/>
1234
1238
  </fingerprint>
1235
1239
 
1236
1240
  <fingerprint pattern="^Welcome to ViewStation">
1237
- <description>Polycom ViewStation Video Vonference System</description>
1241
+ <description>Polycom ViewStation Video Conference System</description>
1238
1242
  <!-- Welcome to ViewStation\nPassword: -->
1239
1243
 
1240
1244
  <example _encoding="base64">
@@ -1252,7 +1256,7 @@
1252
1256
  Rmxvd1BvaW50LzIyMDAgU0RTTCBbQVRNXSBSb3V0ZXIgZnAyMjAwLTEyIHYzLjAuMiBSZWFkeQpMb2dpbjog
1253
1257
  </example>
1254
1258
  <param pos="0" name="os.vendor" value="FlowPoint"/>
1255
- <param pos="0" name="hw.device" value="Broadband router"/>
1259
+ <param pos="0" name="hw.device" value="Broadband Router"/>
1256
1260
  <param pos="0" name="hw.product" value="DSL Router"/>
1257
1261
  <param pos="1" name="hw.model"/>
1258
1262
  <param pos="2" name="os.version"/>
@@ -1267,7 +1271,7 @@
1267
1271
  MpIDIwMDEtMjAwMyBieSBHbG9iZXNwYW5WaXJhdGEsIEluYy4KCgpsb2dpbjog
1268
1272
  </example>
1269
1273
  <param pos="0" name="os.vendor" value="Conexant"/>
1270
- <param pos="0" name="hw.device" value="Broadband router"/>
1274
+ <param pos="0" name="hw.device" value="Broadband Router"/>
1271
1275
  <param pos="1" name="os.version"/>
1272
1276
  </fingerprint>
1273
1277
 
@@ -1491,7 +1495,12 @@
1491
1495
  <param pos="0" name="os.vendor" value="NetApp"/>
1492
1496
  <param pos="0" name="os.family" value="Data ONTAP"/>
1493
1497
  <param pos="0" name="os.product" value="Data ONTAP"/>
1498
+ <param pos="0" name="os.device" value="NAS"/>
1494
1499
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
1500
+ <param pos="0" name="hw.vendor" value="NetApp"/>
1501
+ <param pos="0" name="hw.family" value="Data ONTAP"/>
1502
+ <param pos="0" name="hw.product" value="Data ONTAP"/>
1503
+ <param pos="0" name="hw.device" value="NAS"/>
1495
1504
  </fingerprint>
1496
1505
 
1497
1506
  <fingerprint pattern="OpenVMS.*Version\sV([^\s]+).*">
@@ -1573,7 +1582,7 @@
1573
1582
  T1JUPj4+TE9HT04gUEFTU1dPUkQ+My4yNyoqKioqKg==
1574
1583
  </example>
1575
1584
  <param pos="0" name="os.vendor" value="Conexant"/>
1576
- <param pos="0" name="os.device" value="Broadband router"/>
1585
+ <param pos="0" name="os.device" value="Broadband Router"/>
1577
1586
  <param pos="0" name="os.product" value="AccessRunner ADSL router"/>
1578
1587
  </fingerprint>
1579
1588
 
@@ -1586,7 +1595,7 @@
1586
1595
  RoZSBjb25uZWN0aW9uIHJlcXVlc3QgISEh
1587
1596
  </example>
1588
1597
  <param pos="0" name="hw.vendor" value="DrayTek"/>
1589
- <param pos="0" name="hw.device" value="Broadband router"/>
1598
+ <param pos="0" name="hw.device" value="Broadband Router"/>
1590
1599
  <param pos="0" name="hw.product" value="Vigor"/>
1591
1600
  </fingerprint>
1592
1601
 
@@ -1797,7 +1806,7 @@
1797
1806
  \n \nServer Name: PS-B04E8E\nServer Model: LPV 2 - TX 1\nF / W Version: 2.00 J \nMAC Address: AE 32 EA 21 BB E3\n
1798
1807
  Uptime: 0 days, 00: 00: 12\n \nPlease Enter Password:"-->
1799
1808
 
1800
- <example _encoding="base64" os.version="2.00" host.id="PS-B04E8E" os.model="LPV" os.address="AE 32 EA 21 BB E3">
1809
+ <example _encoding="base64" os.version="2.00" host.id="PS-B04E8E" hw.model="LPV" host.mac="AE 32 EA 21 BB E3">
1801
1810
  KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKipcbiogV2VsY29tZSB0byBNRUxDTyBQc
1802
1811
  mludCBTZXJ2ZXIgKlxuKiBUZWxuZXQgQ29uc29sZSAqXG4qKioqKioqKioqKioqKioqKioqKioqKi
1803
1812
  oqKioqKioqKioqKlxuIFxuU2VydmVyIE5hbWU6IFBTLUIwNEU4RVxuU2VydmVyIE1vZGVsOiBMUFY
@@ -1807,11 +1816,13 @@
1807
1816
  </example>
1808
1817
  <param pos="0" name="os.vendor" value="Buffalo"/>
1809
1818
  <param pos="0" name="os.family" value="PrintServer"/>
1810
- <param pos="0" name="os.device" value="Printer"/>
1819
+ <param pos="0" name="os.device" value="Print Server"/>
1811
1820
  <param pos="1" name="host.id"/>
1812
- <param pos="2" name="os.model"/>
1821
+ <param pos="0" name="hw.vendor" value="Buffalo"/>
1822
+ <param pos="0" name="hw.device" value="Print Server"/>
1823
+ <param pos="2" name="hw.model"/>
1813
1824
  <param pos="3" name="os.version"/>
1814
- <param pos="4" name="os.address"/>
1825
+ <param pos="4" name="host.mac"/>
1815
1826
  </fingerprint>
1816
1827
 
1817
1828
  <fingerprint pattern="^(?m)AIX Version\W(\d).*">
@@ -1943,9 +1954,9 @@
1943
1954
  <example _encoding="base64" os.version="2.90.00">
1944
1955
  UHJlY2lzZS9SVENTIHYyLjkwLjAwIFRlbG5ldCBzZXJ2ZXIKCgpTZXJ2aWNlIFBvcnQgTWFuYWdlciBBY3RpdmUKCjxFc2M+IEVuZHMgU2Vzc2lvbgoKroot
1945
1956
  </example>
1946
- <param pos="0" name="hw.device" value="Power device"/>
1957
+ <param pos="0" name="hw.device" value="Power Device"/>
1947
1958
  <param pos="0" name="hw.vendor" value="Liebert"/>
1948
- <param pos="0" name="os.device" value="Power device"/>
1959
+ <param pos="0" name="os.device" value="Power Device"/>
1949
1960
  <param pos="0" name="os.vendor" value="Liebert"/>
1950
1961
  <param pos="1" name="os.version"/>
1951
1962
  </fingerprint>
@@ -2065,4 +2076,23 @@
2065
2076
  <param pos="0" name="service.component.cpe23" value="cpe:/a:sap:netweaver_application_server:-"/>
2066
2077
  </fingerprint>
2067
2078
 
2079
+ <fingerprint pattern="^(?:\r|\n|\s)*UDP/TCP/IP Stack: ACT Video security">
2080
+ <description>ACT Security IP Cameras</description>
2081
+ <!--
2082
+ UDP/TCP/IP Stack: ACT Video security\r\n
2083
+ V5.8\r\n
2084
+ Welcome connection : 192.168.0.1:61300\r\n
2085
+ \r\n
2086
+ Password:
2087
+ -->
2088
+
2089
+ <example _encoding="base64">
2090
+ VURQL1RDUC9JUCBTdGFjazogQUNUIFZpZGVvIHNlY3VyaXR5DQpWNS44DQpX
2091
+ ZWxjb21lIGNvbm5lY3Rpb24gOiAxOTIuMTY4LjAuMTo2MTMwMA0KDQpQYXNz
2092
+ d29yZDog
2093
+ </example>
2094
+ <param pos="0" name="hw.vendor" value="ACT Security"/>
2095
+ <param pos="0" name="hw.device" value="IP Camera"/>
2096
+ </fingerprint>
2097
+
2068
2098
  </fingerprints>