recog 2.3.17 → 2.3.21
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +26 -0
- data/bin/recog_standardize +6 -0
- data/cpe-remap.yaml +342 -200
- data/identifiers/README.md +24 -10
- data/identifiers/fields.txt +104 -0
- data/identifiers/hw_device.txt +2 -0
- data/identifiers/hw_family.txt +11 -0
- data/identifiers/hw_product.txt +71 -0
- data/identifiers/os_device.txt +2 -1
- data/identifiers/os_family.txt +2 -0
- data/identifiers/os_product.txt +36 -8
- data/identifiers/service_family.txt +10 -1
- data/identifiers/service_product.txt +78 -2
- data/identifiers/vendor.txt +55 -0
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/update_cpes.py +18 -5
- data/xml/apache_modules.xml +60 -0
- data/xml/apache_os.xml +1 -1
- data/xml/dns_versionbind.xml +11 -1
- data/xml/favicons.xml +122 -3
- data/xml/ftp_banners.xml +62 -51
- data/xml/html_title.xml +553 -41
- data/xml/http_cookies.xml +262 -61
- data/xml/http_servers.xml +478 -108
- data/xml/http_wwwauth.xml +36 -9
- data/xml/imap_banners.xml +5 -5
- data/xml/ldap_searchresult.xml +1 -0
- data/xml/mdns_device-info_txt.xml +340 -10
- data/xml/mysql_banners.xml +2 -1
- data/xml/nntp_banners.xml +1 -1
- data/xml/ntp_banners.xml +16 -2
- data/xml/operating_system.xml +4 -4
- data/xml/pop_banners.xml +4 -4
- data/xml/rtsp_servers.xml +7 -0
- data/xml/sip_banners.xml +347 -9
- data/xml/sip_user_agents.xml +323 -4
- data/xml/smb_native_lm.xml +32 -1
- data/xml/smb_native_os.xml +160 -33
- data/xml/smtp_banners.xml +167 -128
- data/xml/smtp_expn.xml +1 -0
- data/xml/smtp_vrfy.xml +1 -0
- data/xml/snmp_sysdescr.xml +205 -36
- data/xml/ssh_banners.xml +139 -25
- data/xml/telnet_banners.xml +92 -48
- data/xml/tls_jarm.xml +140 -0
- data/xml/x509_issuers.xml +201 -2
- data/xml/x509_subjects.xml +251 -32
- metadata +5 -2
data/xml/sip_user_agents.xml
CHANGED
@@ -4,6 +4,95 @@
|
|
4
4
|
SIP User Agent header values are matched against these patterns to fingerprint SIP devices.
|
5
5
|
-->
|
6
6
|
|
7
|
+
<!-- Generic high volume matches -->
|
8
|
+
|
9
|
+
<fingerprint pattern="^SIP/2.0$">
|
10
|
+
<description>Generic SIP/2.0 response -- assert nothing.</description>
|
11
|
+
<example>SIP/2.0</example>
|
12
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
13
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
14
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
15
|
+
</fingerprint>
|
16
|
+
|
17
|
+
<fingerprint pattern="^TP-Link SIP Stack V1.0.0$">
|
18
|
+
<description>TP-Link SIP enabled device</description>
|
19
|
+
<example>TP-Link SIP Stack V1.0.0</example>
|
20
|
+
<param pos="0" name="hw.vendor" value="TP-LINK"/>
|
21
|
+
</fingerprint>
|
22
|
+
|
23
|
+
<fingerprint pattern="^DLink VoIP Stack$">
|
24
|
+
<description>DLink SIP enabled device</description>
|
25
|
+
<example>DLink VoIP Stack</example>
|
26
|
+
<param pos="0" name="hw.vendor" value="D-Link"/>
|
27
|
+
</fingerprint>
|
28
|
+
|
29
|
+
<fingerprint pattern="^Home&Life HUB/([\d.]+)$">
|
30
|
+
<description>Zyxel home routers</description>
|
31
|
+
<example>Home&Life HUB/1.1.26.00</example>
|
32
|
+
<param pos="0" name="os.vendor" value="Zyxel"/>
|
33
|
+
<param pos="1" name="os.version"/>
|
34
|
+
<param pos="0" name="os.device" value="Router"/>
|
35
|
+
<param pos="0" name="hw.vendor" value="Zyxel"/>
|
36
|
+
<param pos="0" name="hw.device" value="Router"/>
|
37
|
+
</fingerprint>
|
38
|
+
|
39
|
+
<!-- Technicolor devices -->
|
40
|
+
|
41
|
+
<fingerprint pattern="^Technicolor / VANT-6 / AGTOT_([\d.]+) / AGTOT_[\d.]+$">
|
42
|
+
<description>Technicolor TG789vac Router</description>
|
43
|
+
<example os.version="2.1.4">Technicolor / VANT-6 / AGTOT_2.1.4 / AGTOT_2.1.4</example>
|
44
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
45
|
+
<param pos="0" name="os.device" value="Router"/>
|
46
|
+
<param pos="1" name="os.version"/>
|
47
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
48
|
+
<param pos="0" name="hw.product" value="TG789vac"/>
|
49
|
+
<param pos="0" name="hw.device" value="Router"/>
|
50
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:technicolor:tg789vac:-"/>
|
51
|
+
</fingerprint>
|
52
|
+
|
53
|
+
<fingerprint pattern="^Technicolor / VANT-6$">
|
54
|
+
<description>Technicolor TG789vac Router w/o version string</description>
|
55
|
+
<example>Technicolor / VANT-6</example>
|
56
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
57
|
+
<param pos="0" name="os.device" value="Router"/>
|
58
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
59
|
+
<param pos="0" name="hw.product" value="TG789vac"/>
|
60
|
+
<param pos="0" name="hw.device" value="Router"/>
|
61
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:technicolor:tg789vac:-"/>
|
62
|
+
</fingerprint>
|
63
|
+
|
64
|
+
<fingerprint pattern="^(?:Technicolor|MediaAccess) (TG[\w]+) (?:v\d )?Build (\d+\.[\w.-]+)(?: CP\w+)?$">
|
65
|
+
<description>Technicolor TGxxx Router with build info</description>
|
66
|
+
<example hw.product="TG784n" os.version="10.2.1.O">Technicolor TG784n v3 Build 10.2.1.O</example>
|
67
|
+
<example hw.product="TG789vn" os.version="10.5.2.Z.EC">Technicolor TG789vn v3 Build 10.5.2.Z.EC</example>
|
68
|
+
<example>MediaAccess TG789vac v2 Build 10.5.8.Y.GX CP1916SAQHD</example>
|
69
|
+
<example hw.product="TG799vn" os.version="10.5.2.T.JF">Technicolor TG799vn v2 Build 10.5.2.T.JF</example>
|
70
|
+
<example hw.product="TG788vn" os.version="10.5.2.S.GD">MediaAccess TG788vn v2 Build 10.5.2.S.GD</example>
|
71
|
+
<example hw.product="TG799vac" os.version="17.2.0405-1021">MediaAccess TG799vac Build 17.2.0405-1021</example>
|
72
|
+
<example hw.product="TG389">MediaAccess TG389 Build 10.5.2.T.AQ</example>
|
73
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
74
|
+
<param pos="0" name="os.device" value="Router"/>
|
75
|
+
<param pos="2" name="os.version"/>
|
76
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
77
|
+
<param pos="1" name="hw.product"/>
|
78
|
+
<param pos="0" name="hw.device" value="Router"/>
|
79
|
+
</fingerprint>
|
80
|
+
|
81
|
+
<!-- Thomson was an older name for Technicolor-->
|
82
|
+
|
83
|
+
<fingerprint pattern="^Thomson (TG[\w]+) (?:v\d )?Build (\d+\.[\w.-]+)(?: CP\w+)?$">
|
84
|
+
<description>Thomson TGxxx Router with build info</description>
|
85
|
+
<example hw.product="TG784" os.version="8.4.2.Q">Thomson TG784 Build 8.4.2.Q</example>
|
86
|
+
<example hw.product="TG784n" os.version="8.4.H.F">Thomson TG784n Build 8.4.H.F</example>
|
87
|
+
<example hw.product="TG797n" os.version="8.C.D.9">Thomson TG797n v2 Build 8.C.D.9</example>
|
88
|
+
<param pos="0" name="os.vendor" value="Thomson"/>
|
89
|
+
<param pos="0" name="os.device" value="Router"/>
|
90
|
+
<param pos="2" name="os.version"/>
|
91
|
+
<param pos="0" name="hw.vendor" value="Thomson"/>
|
92
|
+
<param pos="1" name="hw.product"/>
|
93
|
+
<param pos="0" name="hw.device" value="Router"/>
|
94
|
+
</fingerprint>
|
95
|
+
|
7
96
|
<!-- Axis devices -->
|
8
97
|
|
9
98
|
<fingerprint pattern="(?i)^AXIS (\S+) Network Video Door Station$">
|
@@ -43,10 +132,12 @@
|
|
43
132
|
<!-- AVM.DE Devices -->
|
44
133
|
|
45
134
|
<fingerprint pattern="^FRITZ!OS$">
|
46
|
-
<description>AVM
|
135
|
+
<description>AVM Fritz!OS Device</description>
|
47
136
|
<example>FRITZ!OS</example>
|
48
137
|
<param pos="0" name="os.vendor" value="AVM"/>
|
49
|
-
<param pos="0" name="os.product" value="FRITZ!
|
138
|
+
<param pos="0" name="os.product" value="FRITZ!OS"/>
|
139
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:avm:fritz\!os:-"/>
|
140
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
50
141
|
</fingerprint>
|
51
142
|
|
52
143
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Box .*) +(\d+\.\d+\.\d+)">
|
@@ -67,6 +158,8 @@
|
|
67
158
|
<param pos="0" name="os.family" value="FRITZ!Box"/>
|
68
159
|
<param pos="1" name="os.product"/>
|
69
160
|
<param pos="2" name="os.version"/>
|
161
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
162
|
+
<param pos="0" name="hw.family" value="FRITZ!Box"/>
|
70
163
|
</fingerprint>
|
71
164
|
|
72
165
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Fon .*) +(\d+\.\d+\.\d+)">
|
@@ -77,15 +170,19 @@
|
|
77
170
|
<param pos="0" name="os.family" value="FRITZ!Fon"/>
|
78
171
|
<param pos="1" name="os.product"/>
|
79
172
|
<param pos="2" name="os.version"/>
|
173
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
174
|
+
<param pos="0" name="hw.family" value="FRITZ!Fon"/>
|
80
175
|
</fingerprint>
|
81
176
|
|
82
177
|
<fingerprint pattern="^(?:AVM )?(Multibox .*) +(\d+\.\d+\.\d+)">
|
83
|
-
<description>AVM Multibox</description>
|
178
|
+
<description>AVM Multibox - Generic</description>
|
84
179
|
<example>AVM Multibox 7390 NGN 84.05.09 (Jan 13 2012)</example>
|
85
180
|
<param pos="0" name="os.vendor" value="AVM"/>
|
86
181
|
<param pos="0" name="os.family" value="Multibox"/>
|
87
182
|
<param pos="1" name="os.product"/>
|
88
183
|
<param pos="2" name="os.version"/>
|
184
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
185
|
+
<param pos="1" name="hw.product"/>
|
89
186
|
</fingerprint>
|
90
187
|
|
91
188
|
<!-- Huawei devices -->
|
@@ -196,7 +293,7 @@
|
|
196
293
|
<param pos="2" name="hw.version"/>
|
197
294
|
</fingerprint>
|
198
295
|
|
199
|
-
<fingerprint pattern="^Nero SIPPS IP Phone Version ([\d\.]+)
|
296
|
+
<fingerprint pattern="^Nero SIPPS IP Phone Version ([\d\.]+)$">
|
200
297
|
<description>Nero SIPPS IP Phone</description>
|
201
298
|
<example service.version="2.0.51.16">Nero SIPPS IP Phone Version 2.0.51.16</example>
|
202
299
|
<param pos="0" name="service.vendor" value="Nero"/>
|
@@ -245,4 +342,226 @@
|
|
245
342
|
<param pos="1" name="hw.product"/>
|
246
343
|
</fingerprint>
|
247
344
|
|
345
|
+
<!-- Grandstream -->
|
346
|
+
|
347
|
+
<!-- The next few fingerprints could be merged but are split to enable CPEs -->
|
348
|
+
|
349
|
+
<fingerprint pattern="^Grandstream HT818 ([\d.]+)$">
|
350
|
+
<description>Grandstream Handy Tone HT818</description>
|
351
|
+
<example os.version="1.0.8.7">Grandstream HT818 1.0.8.7</example>
|
352
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
353
|
+
<param pos="0" name="os.product" value="HT818 Firmware"/>
|
354
|
+
<param pos="1" name="os.version"/>
|
355
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
356
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht818_firmware:{os.version}"/>
|
357
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
358
|
+
<param pos="0" name="hw.product" value="HT818"/>
|
359
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
360
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht818:-"/>
|
361
|
+
</fingerprint>
|
362
|
+
|
363
|
+
<fingerprint pattern="^Grandstream HT814 ([\d.]+)$">
|
364
|
+
<description>Grandstream Handy Tone HT814</description>
|
365
|
+
<example os.version="1.0.9.3">Grandstream HT814 1.0.9.3</example>
|
366
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
367
|
+
<param pos="0" name="os.product" value="HT814 Firmware"/>
|
368
|
+
<param pos="1" name="os.version"/>
|
369
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
370
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht814_firmware:{os.version}"/>
|
371
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
372
|
+
<param pos="0" name="hw.product" value="HT814"/>
|
373
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
374
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht814:-"/>
|
375
|
+
</fingerprint>
|
376
|
+
|
377
|
+
<fingerprint pattern="^Grandstream HT813 ([\d.]+)$">
|
378
|
+
<description>Grandstream Handy Tone HT813</description>
|
379
|
+
<example os.version="1.0.1.2">Grandstream HT813 1.0.1.2</example>
|
380
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
381
|
+
<param pos="0" name="os.product" value="HT813 Firmware"/>
|
382
|
+
<param pos="1" name="os.version"/>
|
383
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
384
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht813_firmware:{os.version}"/>
|
385
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
386
|
+
<param pos="0" name="hw.product" value="HT813"/>
|
387
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
388
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht813:-"/>
|
389
|
+
</fingerprint>
|
390
|
+
|
391
|
+
<fingerprint pattern="^Grandstream HT812 ([\d.]+)$">
|
392
|
+
<description>Grandstream Handy Tone HT812</description>
|
393
|
+
<example os.version="1.0.3.5">Grandstream HT812 1.0.3.5</example>
|
394
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
395
|
+
<param pos="0" name="os.product" value="HT812 Firmware"/>
|
396
|
+
<param pos="1" name="os.version"/>
|
397
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
398
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht812_firmware:{os.version}"/>
|
399
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
400
|
+
<param pos="0" name="hw.product" value="HT812"/>
|
401
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
402
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht812:-"/>
|
403
|
+
</fingerprint>
|
404
|
+
|
405
|
+
<fingerprint pattern="^Grandstream HT802 ([\d.]+)$">
|
406
|
+
<description>Grandstream Handy Tone HT802</description>
|
407
|
+
<example os.version="1.0.3.2">Grandstream HT802 1.0.3.2</example>
|
408
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
409
|
+
<param pos="0" name="os.product" value="HT802 Firmware"/>
|
410
|
+
<param pos="1" name="os.version"/>
|
411
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
412
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht802_firmware:{os.version}"/>
|
413
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
414
|
+
<param pos="0" name="hw.product" value="HT802"/>
|
415
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
416
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht802:-"/>
|
417
|
+
</fingerprint>
|
418
|
+
|
419
|
+
<fingerprint pattern="^Grandstream HT801 ([\d.]+)$">
|
420
|
+
<description>Grandstream Handy Tone HT801</description>
|
421
|
+
<example os.version="1.0.3.2">Grandstream HT801 1.0.3.2</example>
|
422
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
423
|
+
<param pos="0" name="os.product" value="HT801 Firmware"/>
|
424
|
+
<param pos="1" name="os.version"/>
|
425
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
426
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht801_firmware:{os.version}"/>
|
427
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
428
|
+
<param pos="0" name="hw.product" value="HT801"/>
|
429
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
430
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht801:-"/>
|
431
|
+
</fingerprint>
|
432
|
+
|
433
|
+
<!-- Grandstream Handy Tone catchall for when CPEs aren't required for vuln mapping-->
|
434
|
+
|
435
|
+
<fingerprint pattern="^Grandstream (HT7\d\d) ([\d.]+)$">
|
436
|
+
<description>Grandstream Handy Tone HT7xx</description>
|
437
|
+
<example hw.product="HT701" os.version="1.0.8.2">Grandstream HT701 1.0.8.2</example>
|
438
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
439
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
440
|
+
<param pos="2" name="os.version"/>
|
441
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
442
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
443
|
+
<param pos="1" name="hw.product"/>
|
444
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
445
|
+
</fingerprint>
|
446
|
+
|
447
|
+
<!-- The next few fingerprints could be merged but are split to enable CPEs -->
|
448
|
+
|
449
|
+
<fingerprint pattern="^Grandstream GXP2200 ([\d.]+)$">
|
450
|
+
<description>Grandstream GXP SIP Phone GXP2200</description>
|
451
|
+
<example os.version="1.0.3.27">Grandstream GXP2200 1.0.3.27</example>
|
452
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
453
|
+
<param pos="0" name="os.product" value="GXP2200 Firmware"/>
|
454
|
+
<param pos="1" name="os.version"/>
|
455
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
456
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp2200_firmware:{os.version}"/>
|
457
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
458
|
+
<param pos="0" name="hw.product" value="GXP2200"/>
|
459
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
460
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp2200:-"/>
|
461
|
+
</fingerprint>
|
462
|
+
|
463
|
+
<fingerprint pattern="^Grandstream GXP1628 ([\d.]+)$">
|
464
|
+
<description>Grandstream GXP SIP Phone GXP1628</description>
|
465
|
+
<example os.version="1.0.7.6">Grandstream GXP1628 1.0.7.6</example>
|
466
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
467
|
+
<param pos="0" name="os.product" value="GXP1628 Firmware"/>
|
468
|
+
<param pos="1" name="os.version"/>
|
469
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
470
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1628_firmware:{os.version}"/>
|
471
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
472
|
+
<param pos="0" name="hw.product" value="GXP1628"/>
|
473
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
474
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1628:-"/>
|
475
|
+
</fingerprint>
|
476
|
+
|
477
|
+
<fingerprint pattern="^Grandstream GXP1625 ([\d.]+)$">
|
478
|
+
<description>Grandstream GXP SIP Phone GXP1625</description>
|
479
|
+
<example os.version="1.0.4.128">Grandstream GXP1625 1.0.4.128</example>
|
480
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
481
|
+
<param pos="0" name="os.product" value="GXP1625 Firmware"/>
|
482
|
+
<param pos="1" name="os.version"/>
|
483
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
484
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1625_firmware:{os.version}"/>
|
485
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
486
|
+
<param pos="0" name="hw.product" value="GXP1625"/>
|
487
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
488
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1625:-"/>
|
489
|
+
</fingerprint>
|
490
|
+
|
491
|
+
<fingerprint pattern="^Grandstream GXP1615 ([\d.]+)$">
|
492
|
+
<description>Grandstream GXP SIP Phone GXP1615</description>
|
493
|
+
<example os.version="1.0.4.128">Grandstream GXP1615 1.0.4.128</example>
|
494
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
495
|
+
<param pos="0" name="os.product" value="GXP1615 Firmware"/>
|
496
|
+
<param pos="1" name="os.version"/>
|
497
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
498
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1615_firmware:{os.version}"/>
|
499
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
500
|
+
<param pos="0" name="hw.product" value="GXP1615"/>
|
501
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
502
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1615:-"/>
|
503
|
+
</fingerprint>
|
504
|
+
|
505
|
+
<fingerprint pattern="^Grandstream GXP1610 ([\d.]+)$">
|
506
|
+
<description>Grandstream GXP SIP Phone GXP1610</description>
|
507
|
+
<example os.version="1.0.4.138">Grandstream GXP1610 1.0.4.138</example>
|
508
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
509
|
+
<param pos="0" name="os.product" value="GXP1610 Firmware"/>
|
510
|
+
<param pos="1" name="os.version"/>
|
511
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
512
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1610_firmware:{os.version}"/>
|
513
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
514
|
+
<param pos="0" name="hw.product" value="GXP1610"/>
|
515
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
516
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1610:-"/>
|
517
|
+
</fingerprint>
|
518
|
+
|
519
|
+
<!-- Grandstream GXP catchall for when CPEs aren't required for vuln mapping-->
|
520
|
+
|
521
|
+
<fingerprint pattern="^Grandstream (GXP\d\d\d\d) ([\d.]+)$">
|
522
|
+
<description>Grandstream GXP SIP Phone</description>
|
523
|
+
<example hw.product="GXP2135" os.version="1.0.9.108">Grandstream GXP2135 1.0.9.108</example>
|
524
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
525
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
526
|
+
<param pos="2" name="os.version"/>
|
527
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
528
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
529
|
+
<param pos="1" name="hw.product"/>
|
530
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
531
|
+
</fingerprint>
|
532
|
+
|
533
|
+
<fingerprint pattern="^FortiVoice/([\w.-]+)$">
|
534
|
+
<description>Fortinet FortiVoice</description>
|
535
|
+
<example service.version="7.31b00">FortiVoice/7.31b00</example>
|
536
|
+
<example service.version="5.2.95-5">FortiVoice/5.2.95-5</example>
|
537
|
+
<param pos="0" name="service.vendor" value="Fortinet"/>
|
538
|
+
<param pos="0" name="service.product" value="FortiVoice"/>
|
539
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
540
|
+
<param pos="1" name="service.version"/>
|
541
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:fortinet:fortivoice:{service.version}"/>
|
542
|
+
<param pos="0" name="hw.vendor" value="Fortinet"/>
|
543
|
+
<param pos="0" name="hw.family" value="FortiVoice"/>
|
544
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
545
|
+
</fingerprint>
|
546
|
+
|
547
|
+
<fingerprint pattern="^FreeSWITCH$">
|
548
|
+
<description>FreeSWITCH FreeSWITCH without version</description>
|
549
|
+
<example>FreeSWITCH</example>
|
550
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
551
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
552
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
553
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:-"/>
|
554
|
+
</fingerprint>
|
555
|
+
|
556
|
+
<fingerprint pattern="^FreeSWITCH-mod_sofia/([\d.]+)">
|
557
|
+
<description>FreeSWITCH FreeSWITCH with version, mod_sofia</description>
|
558
|
+
<example service.version="1.10.4">FreeSWITCH-mod_sofia/1.10.4-release+git~20200805T110119Z~133fc2c870~64bit</example>
|
559
|
+
<example service.version="1.6.20">FreeSWITCH-mod_sofia/1.6.20~64bit</example>
|
560
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
561
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
562
|
+
<param pos="1" name="service.version"/>
|
563
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
564
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:{service.version}"/>
|
565
|
+
</fingerprint>
|
566
|
+
|
248
567
|
</fingerprints>
|
data/xml/smb_native_lm.xml
CHANGED
@@ -40,7 +40,7 @@
|
|
40
40
|
<fingerprint pattern="^Samba (\d\.\d+.\d+\w*)">
|
41
41
|
<description>Samba</description>
|
42
42
|
<example>Samba 3.0.24</example>
|
43
|
-
<example>Samba 3.0.28a</example>
|
43
|
+
<example service.version="3.0.28a">Samba 3.0.28a</example>
|
44
44
|
<example>Samba 3.0.32-0.2-2210-SUSE-SL10.3</example>
|
45
45
|
<example>Samba 3.6.3</example>
|
46
46
|
<example>Samba 3.6.6</example>
|
@@ -51,6 +51,20 @@
|
|
51
51
|
<param pos="0" name="service.cpe23" value="cpe:/a:samba:samba:{service.version}"/>
|
52
52
|
</fingerprint>
|
53
53
|
|
54
|
+
<fingerprint pattern="^Samba (?:Samba )?for GuardianOS v\.?(\d\.[\d.]+)$">
|
55
|
+
<description>Samba on a SnapServer appliance</description>
|
56
|
+
<example os.version="4.3.007.200609131215">Samba Samba for GuardianOS v4.3.007.200609131215</example>
|
57
|
+
<example os.version="5.0.133.200807301131">Samba Samba for GuardianOS v5.0.133.200807301131</example>
|
58
|
+
<example os.version="7.7.220">Samba for GuardianOS v.7.7.220</example>
|
59
|
+
<param pos="0" name="service.vendor" value="Samba"/>
|
60
|
+
<param pos="0" name="service.product" value="Samba"/>
|
61
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:samba:samba:-"/>
|
62
|
+
<param pos="0" name="os.vendor" value="SnapServer"/>
|
63
|
+
<param pos="0" name="os.family" value="Linux"/>
|
64
|
+
<param pos="0" name="os.product" value="GuardianOS"/>
|
65
|
+
<param pos="1" name="os.version"/>
|
66
|
+
</fingerprint>
|
67
|
+
|
54
68
|
<fingerprint pattern="^Netreon LANMAN 1.0$">
|
55
69
|
<description>Netreon SAN software</description>
|
56
70
|
<example>Netreon LANMAN 1.0</example>
|
@@ -67,4 +81,21 @@
|
|
67
81
|
<param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:-"/>
|
68
82
|
</fingerprint>
|
69
83
|
|
84
|
+
<fingerprint pattern="^NQ (\d\.\d+)$">
|
85
|
+
<description>Visuality Systems NQ Enterprise Storage SMB stack</description>
|
86
|
+
<example service.version="7.3">NQ 7.3</example>
|
87
|
+
<example service.version="4.32">NQ 4.32</example>
|
88
|
+
<param pos="0" name="service.vendor" value="Visuality Systems"/>
|
89
|
+
<param pos="0" name="service.product" value="NQ"/>
|
90
|
+
<param pos="1" name="service.version"/>
|
91
|
+
</fingerprint>
|
92
|
+
|
93
|
+
<fingerprint pattern="^YNQ (\d\.[\d.]+)$">
|
94
|
+
<description>Visuality Systems YNQ Storage SMB stack</description>
|
95
|
+
<example service.version="1.2.1">YNQ 1.2.1</example>
|
96
|
+
<param pos="0" name="service.vendor" value="Visuality Systems"/>
|
97
|
+
<param pos="0" name="service.product" value="YNQ"/>
|
98
|
+
<param pos="1" name="service.version"/>
|
99
|
+
</fingerprint>
|
100
|
+
|
70
101
|
</fingerprints>
|
data/xml/smb_native_os.xml
CHANGED
@@ -2,6 +2,9 @@
|
|
2
2
|
<fingerprints matches="smb.native_os" protocol="smb" database_type="util.os">
|
3
3
|
<!--
|
4
4
|
SMB fingerprints obtained from the Native OS field of SMB negotations
|
5
|
+
NOTE: os.version is used to capture Service Pack for Microsoft Windows.
|
6
|
+
This is inconsistent with other OSs and CPE generation and should
|
7
|
+
be reviewed for correction.
|
5
8
|
-->
|
6
9
|
|
7
10
|
<fingerprint pattern="^(Windows NT \d\.\d+)$">
|
@@ -39,6 +42,14 @@
|
|
39
42
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_xp:-"/>
|
40
43
|
</fingerprint>
|
41
44
|
|
45
|
+
<fingerprint pattern="^Windows 6.1$">
|
46
|
+
<description>Spoofed value often used by Samba -- assert nothing.</description>
|
47
|
+
<example>Windows 6.1</example>
|
48
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
49
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
50
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
51
|
+
</fingerprint>
|
52
|
+
|
42
53
|
<fingerprint pattern="^Windows XP (\d+) (Service Pack \d+)$">
|
43
54
|
<description>Windows XP with Service Pack</description>
|
44
55
|
<example os.build="2600" os.version="Service Pack 1">Windows XP 2600 Service Pack 1</example>
|
@@ -195,7 +206,7 @@
|
|
195
206
|
<!-- TODO: Need an example string -->
|
196
207
|
|
197
208
|
<fingerprint pattern="^Windows \(R\) Storage Server 2008 (?:\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
198
|
-
<description>Windows
|
209
|
+
<description>Windows Server 2008 Storage</description>
|
199
210
|
<param pos="0" name="os.certainty" value="1.0"/>
|
200
211
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
201
212
|
<param pos="0" name="os.product" value="Windows Server 2008"/>
|
@@ -216,8 +227,6 @@
|
|
216
227
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:{os.version}"/>
|
217
228
|
</fingerprint>
|
218
229
|
|
219
|
-
<!-- TODO: Need an example string -->
|
220
|
-
|
221
230
|
<fingerprint pattern="^Windows Server 2008 HPC Edition (\d+)$">
|
222
231
|
<description>Windows Web Server 2008 HPC</description>
|
223
232
|
<example>Windows Server 2008 HPC Edition 7600</example>
|
@@ -257,30 +266,6 @@
|
|
257
266
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
258
267
|
</fingerprint>
|
259
268
|
|
260
|
-
<fingerprint pattern="^Windows Server 2016(?: Technical Preview \d+)? (\w+|\w+ \w+|\w+ \w+ \w+)(?: Evaluation)? (\d+)$">
|
261
|
-
<description>Windows Server 2016 with a build, without service pack</description>
|
262
|
-
<example os.edition="Datacenter" os.build="14393">Windows Server 2016 Datacenter 14393</example>
|
263
|
-
<example os.edition="Standard" os.build="14393">Windows Server 2016 Standard Evaluation 14393</example>
|
264
|
-
<example os.edition="Essentials" os.build="10586">Windows Server 2016 Technical Preview 4 Essentials 10586</example>
|
265
|
-
<param pos="0" name="os.certainty" value="1.0"/>
|
266
|
-
<param pos="0" name="os.vendor" value="Microsoft"/>
|
267
|
-
<param pos="0" name="os.product" value="Windows Server 2016"/>
|
268
|
-
<param pos="1" name="os.edition"/>
|
269
|
-
<param pos="2" name="os.build"/>
|
270
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2016:-"/>
|
271
|
-
</fingerprint>
|
272
|
-
|
273
|
-
<fingerprint pattern="^Windows Storage Server 2016 (?:\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
274
|
-
<description>Windows Server 2016 Storage</description>
|
275
|
-
<example os.build="14393">Windows Storage Server 2016 Standard 14393</example>
|
276
|
-
<param pos="0" name="os.certainty" value="1.0"/>
|
277
|
-
<param pos="0" name="os.vendor" value="Microsoft"/>
|
278
|
-
<param pos="0" name="os.product" value="Windows Server 2016"/>
|
279
|
-
<param pos="0" name="os.edition" value="Storage"/>
|
280
|
-
<param pos="1" name="os.build"/>
|
281
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2016:-"/>
|
282
|
-
</fingerprint>
|
283
|
-
|
284
269
|
<fingerprint pattern="^Windows Web Server 2008 R2 (\d+) (Service Pack \d+)$">
|
285
270
|
<description>Windows Server 2008 R2 Web</description>
|
286
271
|
<example os.version="Service Pack 1">Windows Web Server 2008 R2 7601 Service Pack 1</example>
|
@@ -316,6 +301,81 @@
|
|
316
301
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:{os.version}"/>
|
317
302
|
</fingerprint>
|
318
303
|
|
304
|
+
<fingerprint pattern="^Hyper-V Server 7601 Service Pack 1$">
|
305
|
+
<description>Windows Server 2008 R2 Hyper-V</description>
|
306
|
+
<example>Hyper-V Server 7601 Service Pack 1</example>
|
307
|
+
<param pos="0" name="os.certainty" value="1.0"/>
|
308
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
309
|
+
<param pos="0" name="os.product" value="Windows Server 2008 R2"/>
|
310
|
+
<param pos="0" name="os.edition" value="Hyper-V"/>
|
311
|
+
<param pos="0" name="os.build" value="7601"/>
|
312
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
313
|
+
</fingerprint>
|
314
|
+
|
315
|
+
<!-- Windows 2019 -->
|
316
|
+
|
317
|
+
<fingerprint pattern="^Windows Server 2019 (\w+|\w+ \w+|\w+ \w+ \w+)(?: Evaluation)? (\d+)$">
|
318
|
+
<description>Windows Server 2019 with a build, without service pack</description>
|
319
|
+
<example os.build="17763" os.edition="Standard">Windows Server 2019 Standard 17763</example>
|
320
|
+
<example os.build="17763" os.edition="Standard">Windows Server 2019 Standard Evaluation 17763</example>
|
321
|
+
<example os.build="17763" os.edition="Datacenter">Windows Server 2019 Datacenter 17763</example>
|
322
|
+
<example os.build="17763" os.edition="Essentials">Windows Server 2019 Essentials 17763</example>
|
323
|
+
<param pos="0" name="os.certainty" value="1.0"/>
|
324
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
325
|
+
<param pos="0" name="os.product" value="Windows Server 2019"/>
|
326
|
+
<param pos="1" name="os.edition"/>
|
327
|
+
<param pos="2" name="os.build"/>
|
328
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2019:-"/>
|
329
|
+
</fingerprint>
|
330
|
+
|
331
|
+
<fingerprint pattern="^Hyper-V Server 2019 (\d+)$">
|
332
|
+
<description>Windows Server 2019 Hyper-V</description>
|
333
|
+
<example os.build="17763">Hyper-V Server 2019 17763</example>
|
334
|
+
<param pos="0" name="os.certainty" value="1.0"/>
|
335
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
336
|
+
<param pos="0" name="os.product" value="Windows Server 2019"/>
|
337
|
+
<param pos="0" name="os.edition" value="Hyper-V"/>
|
338
|
+
<param pos="1" name="os.build"/>
|
339
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2019:-"/>
|
340
|
+
</fingerprint>
|
341
|
+
|
342
|
+
<!-- Windows 2016 -->
|
343
|
+
|
344
|
+
<fingerprint pattern="^Windows Server 2016(?: Technical Preview \d+)? (\w+|\w+ \w+|\w+ \w+ \w+)(?: Evaluation)? (\d+)$">
|
345
|
+
<description>Windows Server 2016 with a build, without service pack</description>
|
346
|
+
<example os.edition="Datacenter" os.build="14393">Windows Server 2016 Datacenter 14393</example>
|
347
|
+
<example os.edition="Standard" os.build="14393">Windows Server 2016 Standard Evaluation 14393</example>
|
348
|
+
<example os.edition="Essentials" os.build="10586">Windows Server 2016 Technical Preview 4 Essentials 10586</example>
|
349
|
+
<param pos="0" name="os.certainty" value="1.0"/>
|
350
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
351
|
+
<param pos="0" name="os.product" value="Windows Server 2016"/>
|
352
|
+
<param pos="1" name="os.edition"/>
|
353
|
+
<param pos="2" name="os.build"/>
|
354
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2016:-"/>
|
355
|
+
</fingerprint>
|
356
|
+
|
357
|
+
<fingerprint pattern="^Windows Storage Server 2016 (?:\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
358
|
+
<description>Windows Server 2016 Storage</description>
|
359
|
+
<example os.build="14393">Windows Storage Server 2016 Standard 14393</example>
|
360
|
+
<param pos="0" name="os.certainty" value="1.0"/>
|
361
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
362
|
+
<param pos="0" name="os.product" value="Windows Server 2016"/>
|
363
|
+
<param pos="0" name="os.edition" value="Storage"/>
|
364
|
+
<param pos="1" name="os.build"/>
|
365
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2016:-"/>
|
366
|
+
</fingerprint>
|
367
|
+
|
368
|
+
<fingerprint pattern="^Hyper-V Server 2016 (\d+)$">
|
369
|
+
<description>Windows Server 2016 Hyper-V</description>
|
370
|
+
<example os.build="14393">Hyper-V Server 2016 14393</example>
|
371
|
+
<param pos="0" name="os.certainty" value="1.0"/>
|
372
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
373
|
+
<param pos="0" name="os.product" value="Windows Server 2016"/>
|
374
|
+
<param pos="0" name="os.edition" value="Hyper-V"/>
|
375
|
+
<param pos="1" name="os.build"/>
|
376
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2016:-"/>
|
377
|
+
</fingerprint>
|
378
|
+
|
319
379
|
<fingerprint pattern="^Windows Vista \(TM\) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
|
320
380
|
<description>Windows Vista (SP)</description>
|
321
381
|
<example os.edition="Home Premium" os.version="Service Pack 2">Windows Vista (TM) Home Premium 6002 Service Pack 2</example>
|
@@ -385,10 +445,9 @@
|
|
385
445
|
|
386
446
|
<!-- Windows 2012 R2 matches go first to simplify the regular expressions -->
|
387
447
|
|
388
|
-
<!-- TODO: Need an example string -->
|
389
|
-
|
390
448
|
<fingerprint pattern="^Windows Server 2012 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
|
391
449
|
<description>Windows Server 2012 R2 (SP)</description>
|
450
|
+
<example os.build="9600" os.edition="Standard" os.version="Service Pack 1">Windows Server 2012 R2 Standard 9600 Service Pack 1</example>
|
392
451
|
<param pos="0" name="os.certainty" value="1.0"/>
|
393
452
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
394
453
|
<param pos="0" name="os.product" value="Windows Server 2012 R2"/>
|
@@ -400,7 +459,7 @@
|
|
400
459
|
|
401
460
|
<fingerprint pattern="^Windows Server 2012 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
402
461
|
<description>Windows Server 2012 R2</description>
|
403
|
-
<example os.edition="Standard">Windows Server 2012 R2 Standard 9600</example>
|
462
|
+
<example os.build="9600" os.edition="Standard">Windows Server 2012 R2 Standard 9600</example>
|
404
463
|
<param pos="0" name="os.certainty" value="1.0"/>
|
405
464
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
406
465
|
<param pos="0" name="os.product" value="Windows Server 2012 R2"/>
|
@@ -409,10 +468,35 @@
|
|
409
468
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
410
469
|
</fingerprint>
|
411
470
|
|
412
|
-
|
471
|
+
<fingerprint pattern="^Windows Storage Server 2012 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
472
|
+
<description>Windows Server 2012 R2 Storage</description>
|
473
|
+
<example os.build="9600" os.edition="Standard">Windows Storage Server 2012 R2 Standard 9600</example>
|
474
|
+
<example os.build="9600" os.edition="Workgroup">Windows Storage Server 2012 R2 Workgroup 9600</example>
|
475
|
+
<example os.build="9600" os.edition="Essentials">Windows Storage Server 2012 R2 Essentials 9600</example>
|
476
|
+
<param pos="0" name="os.certainty" value="1.0"/>
|
477
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
478
|
+
<param pos="0" name="os.product" value="Windows Server 2012 R2"/>
|
479
|
+
<param pos="1" name="os.edition"/>
|
480
|
+
<param pos="2" name="os.build"/>
|
481
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
482
|
+
</fingerprint>
|
483
|
+
|
484
|
+
<fingerprint pattern="^Hyper-V Server 2012 R2 (\d+)$">
|
485
|
+
<description>Windows Server 2012 R2 Hyper-V</description>
|
486
|
+
<example os.build="9600">Hyper-V Server 2012 R2 9600</example>
|
487
|
+
<param pos="0" name="os.certainty" value="1.0"/>
|
488
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
489
|
+
<param pos="0" name="os.product" value="Windows Server 2012 R2"/>
|
490
|
+
<param pos="0" name="os.edition" value="Hyper-V"/>
|
491
|
+
<param pos="1" name="os.build"/>
|
492
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
493
|
+
</fingerprint>
|
494
|
+
|
495
|
+
<!-- Windows 2012 -->
|
413
496
|
|
414
497
|
<fingerprint pattern="^Windows Server 2012 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
|
415
498
|
<description>Windows Server 2012 (SP)</description>
|
499
|
+
<example os.build="9200" os.edition="Standard" os.version="Service Pack 1">Windows Server 2012 Standard 9200 Service Pack 1</example>
|
416
500
|
<param pos="0" name="os.certainty" value="1.0"/>
|
417
501
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
418
502
|
<param pos="0" name="os.product" value="Windows Server 2012"/>
|
@@ -433,6 +517,29 @@
|
|
433
517
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
434
518
|
</fingerprint>
|
435
519
|
|
520
|
+
<fingerprint pattern="^Windows Storage Server 2012 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
521
|
+
<description>Windows Server 2012 Storage</description>
|
522
|
+
<example os.build="9200" os.edition="Standard">Windows Storage Server 2012 Standard 9200</example>
|
523
|
+
<example os.build="9200" os.edition="Workgroup">Windows Storage Server 2012 Workgroup 9200</example>
|
524
|
+
<param pos="0" name="os.certainty" value="1.0"/>
|
525
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
526
|
+
<param pos="0" name="os.product" value="Windows Server 2012"/>
|
527
|
+
<param pos="1" name="os.edition"/>
|
528
|
+
<param pos="2" name="os.build"/>
|
529
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
530
|
+
</fingerprint>
|
531
|
+
|
532
|
+
<fingerprint pattern="^Hyper-V Server 2012 (\d+)$">
|
533
|
+
<description>Windows Server 2012 Hyper-V</description>
|
534
|
+
<example os.build="9200">Hyper-V Server 2012 9200</example>
|
535
|
+
<param pos="0" name="os.certainty" value="1.0"/>
|
536
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
537
|
+
<param pos="0" name="os.product" value="Windows Server 2012"/>
|
538
|
+
<param pos="0" name="os.edition" value="Hyper-V"/>
|
539
|
+
<param pos="1" name="os.build"/>
|
540
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
541
|
+
</fingerprint>
|
542
|
+
|
436
543
|
<fingerprint pattern="^Windows MultiPoint Server 2012 (?:\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
|
437
544
|
<description>Windows MultiPoint Server 2012 (SP)</description>
|
438
545
|
<example os.build="9201" os.version="Service Pack 1">Windows MultiPoint Server 2012 Premium 9201 Service Pack 1</example>
|
@@ -487,7 +594,7 @@
|
|
487
594
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10:-"/>
|
488
595
|
</fingerprint>
|
489
596
|
|
490
|
-
<fingerprint pattern="^VxWorks">
|
597
|
+
<fingerprint pattern="^VxWorks$">
|
491
598
|
<description>VxWorks</description>
|
492
599
|
<example>VxWorks</example>
|
493
600
|
<param pos="0" name="os.certainty" value="0.5"/>
|
@@ -498,9 +605,10 @@
|
|
498
605
|
<param pos="0" name="service.product" value="VxWorks CIFS"/>
|
499
606
|
</fingerprint>
|
500
607
|
|
501
|
-
<fingerprint pattern="^OS
|
608
|
+
<fingerprint pattern="^OS/?400 \D(\d+)\D(\d+)\D(\d+)$">
|
502
609
|
<description>OS/400</description>
|
503
610
|
<example os.version="4" os.version.version="5" os.version.version.version="0">OS/400 V4R5M0</example>
|
611
|
+
<example os.version="5" os.version.version="4" os.version.version.version="5">OS400 V5R4M5</example>
|
504
612
|
<param pos="0" name="os.vendor" value="IBM"/>
|
505
613
|
<param pos="0" name="os.product" value="OS/400"/>
|
506
614
|
<param pos="1" name="os.version"/>
|
@@ -509,6 +617,17 @@
|
|
509
617
|
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:os_400:{os.version}"/>
|
510
618
|
</fingerprint>
|
511
619
|
|
620
|
+
<fingerprint pattern="^I5OS \D(\d+)\D(\d+)\D(\d+)$">
|
621
|
+
<description>IBM i5/OS</description>
|
622
|
+
<example os.version="6" os.version.version="1" os.version.version.version="1">I5OS V6R1M1</example>
|
623
|
+
<param pos="0" name="os.vendor" value="IBM"/>
|
624
|
+
<param pos="0" name="os.product" value="i5/OS"/>
|
625
|
+
<param pos="1" name="os.version"/>
|
626
|
+
<param pos="2" name="os.version.version"/>
|
627
|
+
<param pos="3" name="os.version.version.version"/>
|
628
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:i5os:{os.version}"/>
|
629
|
+
</fingerprint>
|
630
|
+
|
512
631
|
<fingerprint pattern="^Apple Base Station$">
|
513
632
|
<description>SMB exposed via SMB shared USB disks on Apple devices</description>
|
514
633
|
<example>Apple Base Station</example>
|
@@ -538,6 +657,14 @@
|
|
538
657
|
<param pos="0" name="service.vendor" value="Netreon"/>
|
539
658
|
</fingerprint>
|
540
659
|
|
660
|
+
<fingerprint pattern="^QTS$">
|
661
|
+
<description>QNAP QTS</description>
|
662
|
+
<example>QTS</example>
|
663
|
+
<param pos="0" name="os.vendor" value="QNAP"/>
|
664
|
+
<param pos="0" name="os.product" value="QTS"/>
|
665
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:qnap:qts:-"/>
|
666
|
+
</fingerprint>
|
667
|
+
|
541
668
|
<!-- VisionFS -->
|
542
669
|
|
543
670
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)ai(\d{4})">
|