recog 2.3.17 → 2.3.21
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +26 -0
- data/bin/recog_standardize +6 -0
- data/cpe-remap.yaml +342 -200
- data/identifiers/README.md +24 -10
- data/identifiers/fields.txt +104 -0
- data/identifiers/hw_device.txt +2 -0
- data/identifiers/hw_family.txt +11 -0
- data/identifiers/hw_product.txt +71 -0
- data/identifiers/os_device.txt +2 -1
- data/identifiers/os_family.txt +2 -0
- data/identifiers/os_product.txt +36 -8
- data/identifiers/service_family.txt +10 -1
- data/identifiers/service_product.txt +78 -2
- data/identifiers/vendor.txt +55 -0
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/update_cpes.py +18 -5
- data/xml/apache_modules.xml +60 -0
- data/xml/apache_os.xml +1 -1
- data/xml/dns_versionbind.xml +11 -1
- data/xml/favicons.xml +122 -3
- data/xml/ftp_banners.xml +62 -51
- data/xml/html_title.xml +553 -41
- data/xml/http_cookies.xml +262 -61
- data/xml/http_servers.xml +478 -108
- data/xml/http_wwwauth.xml +36 -9
- data/xml/imap_banners.xml +5 -5
- data/xml/ldap_searchresult.xml +1 -0
- data/xml/mdns_device-info_txt.xml +340 -10
- data/xml/mysql_banners.xml +2 -1
- data/xml/nntp_banners.xml +1 -1
- data/xml/ntp_banners.xml +16 -2
- data/xml/operating_system.xml +4 -4
- data/xml/pop_banners.xml +4 -4
- data/xml/rtsp_servers.xml +7 -0
- data/xml/sip_banners.xml +347 -9
- data/xml/sip_user_agents.xml +323 -4
- data/xml/smb_native_lm.xml +32 -1
- data/xml/smb_native_os.xml +160 -33
- data/xml/smtp_banners.xml +167 -128
- data/xml/smtp_expn.xml +1 -0
- data/xml/smtp_vrfy.xml +1 -0
- data/xml/snmp_sysdescr.xml +205 -36
- data/xml/ssh_banners.xml +139 -25
- data/xml/telnet_banners.xml +92 -48
- data/xml/tls_jarm.xml +140 -0
- data/xml/x509_issuers.xml +201 -2
- data/xml/x509_subjects.xml +251 -32
- metadata +5 -2
data/identifiers/vendor.txt
CHANGED
@@ -1,10 +1,13 @@
|
|
1
|
+
3CX
|
1
2
|
3Com
|
2
3
|
8x8 Inc.
|
3
4
|
A.K.I Software
|
4
5
|
ACME
|
6
|
+
ACT Security
|
5
7
|
ADB
|
6
8
|
ADC
|
7
9
|
ADTRAN
|
10
|
+
AIOHTTP Project
|
8
11
|
ALCATEL
|
9
12
|
ALT
|
10
13
|
ALU
|
@@ -22,12 +25,14 @@ AT&T Worldworx
|
|
22
25
|
ATEN
|
23
26
|
ATG
|
24
27
|
ATL Telecom Limited
|
28
|
+
ATT
|
25
29
|
AVM
|
26
30
|
AVT
|
27
31
|
AVTECH
|
28
32
|
AXIS
|
29
33
|
Aastra
|
30
34
|
Accelerated Technology
|
35
|
+
AdGuard
|
31
36
|
Adaptec
|
32
37
|
Adobe
|
33
38
|
Adtran
|
@@ -77,6 +82,7 @@ AudioCodes
|
|
77
82
|
Avaya
|
78
83
|
Avery Dennison
|
79
84
|
Avigilon
|
85
|
+
Avleen Vig
|
80
86
|
Avocent
|
81
87
|
Axis
|
82
88
|
Axonius
|
@@ -87,6 +93,7 @@ BT
|
|
87
93
|
Bandura Labs
|
88
94
|
Bangteng
|
89
95
|
Barco
|
96
|
+
Barracuda
|
90
97
|
Berkeley Software Design Inc.
|
91
98
|
Bftpd Project
|
92
99
|
Bigfoot
|
@@ -110,6 +117,7 @@ CDVI
|
|
110
117
|
CSM
|
111
118
|
Cabletron
|
112
119
|
CaddyServer
|
120
|
+
Calibre-Web Project
|
113
121
|
Calient
|
114
122
|
Calnex
|
115
123
|
Cambium Networks
|
@@ -126,6 +134,7 @@ Cesanta
|
|
126
134
|
Chainpoint
|
127
135
|
Check Point
|
128
136
|
Checkpoint
|
137
|
+
Cherokee Project
|
129
138
|
CherryPy
|
130
139
|
Ciena
|
131
140
|
Cintech Tele-Management
|
@@ -153,12 +162,14 @@ Compuware
|
|
153
162
|
Conectiva
|
154
163
|
Conexant
|
155
164
|
Congruency, Inc.
|
165
|
+
ConnectWise
|
156
166
|
Couchbase
|
157
167
|
Cradlepoint
|
158
168
|
Crestron
|
159
169
|
Critical Path
|
160
170
|
CrushFTP
|
161
171
|
CrystalVoice Communications
|
172
|
+
Cumulus
|
162
173
|
Cyberoam
|
163
174
|
D J Bernstein
|
164
175
|
D-Link
|
@@ -176,11 +187,13 @@ Debian
|
|
176
187
|
Dell
|
177
188
|
Deutsche Telekom
|
178
189
|
Device42
|
190
|
+
Dialogic
|
179
191
|
Digi
|
180
192
|
Digitronic Computersysteme GmbH
|
181
193
|
Digium
|
182
194
|
DirectLOGIC
|
183
195
|
DocuWiki
|
196
|
+
Dokuwiki
|
184
197
|
Double Precision
|
185
198
|
Dovecot
|
186
199
|
Dr. Neuhaus Mikroelektronik
|
@@ -206,7 +219,9 @@ Embedthis
|
|
206
219
|
Emby
|
207
220
|
Emerson
|
208
221
|
Emulex
|
222
|
+
Encode
|
209
223
|
Enterasys
|
224
|
+
Envoy Proxy
|
210
225
|
Epson
|
211
226
|
EqualLogic
|
212
227
|
Equivalence (OpenH323)
|
@@ -231,6 +246,7 @@ Firefly
|
|
231
246
|
Floosietek
|
232
247
|
FlowPoint
|
233
248
|
Flussonic
|
249
|
+
Flyspray
|
234
250
|
Folding@home
|
235
251
|
Fortinet
|
236
252
|
Foscam
|
@@ -238,6 +254,7 @@ Foundry
|
|
238
254
|
Foundry Networks
|
239
255
|
FreeBSD
|
240
256
|
FreePBX
|
257
|
+
FreeSWITCH
|
241
258
|
Fuji Xerox
|
242
259
|
Fujitsu
|
243
260
|
Fujitsu Siemens
|
@@ -261,6 +278,7 @@ GitLab
|
|
261
278
|
Gitea
|
262
279
|
Global Technology Associates
|
263
280
|
GlobalScape
|
281
|
+
Gogs
|
264
282
|
Google
|
265
283
|
Gordano
|
266
284
|
Grafana
|
@@ -277,6 +295,7 @@ HP
|
|
277
295
|
HPE
|
278
296
|
Hadoop
|
279
297
|
Haivision
|
298
|
+
Hak5
|
280
299
|
Hanwha Techwin
|
281
300
|
HashiCorp
|
282
301
|
Hauni Elektronik
|
@@ -298,6 +317,7 @@ ISC
|
|
298
317
|
ISDN Communications
|
299
318
|
ITO Communications
|
300
319
|
Idea
|
320
|
+
Ignite Realtime
|
301
321
|
ImageCom
|
302
322
|
Imagistics
|
303
323
|
Inari Inc.
|
@@ -313,7 +333,10 @@ Internet Archive
|
|
313
333
|
Inveo
|
314
334
|
Ipswitch
|
315
335
|
Isilon
|
336
|
+
Istio
|
337
|
+
JFrog
|
316
338
|
Jamf
|
339
|
+
Jellyfin
|
317
340
|
Jenkins
|
318
341
|
JetBrains
|
319
342
|
Juniper
|
@@ -352,10 +375,12 @@ LibreNMS
|
|
352
375
|
Liebert
|
353
376
|
Lifesize
|
354
377
|
LigoWave
|
378
|
+
Ligowave
|
355
379
|
Linksys
|
356
380
|
Linux
|
357
381
|
LiteSpeed Technologies
|
358
382
|
LiveWorks Limited
|
383
|
+
Logitech
|
359
384
|
Lotus
|
360
385
|
Loxone
|
361
386
|
Lucent
|
@@ -385,8 +410,10 @@ Mercury Security
|
|
385
410
|
Merit LILIN
|
386
411
|
Mersive
|
387
412
|
MetaInfo
|
413
|
+
Metabase
|
388
414
|
MiBridge Inc.
|
389
415
|
Michael Tokarev
|
416
|
+
MicroStrategy
|
390
417
|
Microplex
|
391
418
|
Microsoft
|
392
419
|
MikroTik
|
@@ -396,11 +423,13 @@ Mitel
|
|
396
423
|
Mobatek
|
397
424
|
Mobotix
|
398
425
|
Mocana
|
426
|
+
MoinMoin
|
399
427
|
Moodle
|
400
428
|
Mort Bay
|
401
429
|
Motion Media Technology
|
402
430
|
Motorola
|
403
431
|
Moxa
|
432
|
+
Mozilla
|
404
433
|
MultiTech
|
405
434
|
Multicraft
|
406
435
|
Munin
|
@@ -435,6 +464,7 @@ Netwave
|
|
435
464
|
Network Alchemy Limited
|
436
465
|
Network Equipment Technologies
|
437
466
|
Neustar
|
467
|
+
Nextcloud
|
438
468
|
Nokia
|
439
469
|
Nokia-Siemens
|
440
470
|
Nominum
|
@@ -443,6 +473,7 @@ Norton
|
|
443
473
|
Novell
|
444
474
|
OPNsense
|
445
475
|
Objective Communications
|
476
|
+
Observium
|
446
477
|
Oce
|
447
478
|
Octopus
|
448
479
|
Oki
|
@@ -453,6 +484,8 @@ OpenLDAP
|
|
453
484
|
OpenMediaVault
|
454
485
|
OpenNAC
|
455
486
|
OpenResty
|
487
|
+
OpenSER
|
488
|
+
OpenSIPS
|
456
489
|
OpenSUSE
|
457
490
|
OpenStack
|
458
491
|
OpenVMS
|
@@ -464,6 +497,7 @@ Oracle
|
|
464
497
|
Overland
|
465
498
|
Oversee
|
466
499
|
PHP
|
500
|
+
PIAF
|
467
501
|
PLD
|
468
502
|
PRTG
|
469
503
|
Pagoo, Inc.
|
@@ -476,7 +510,10 @@ Paradyne
|
|
476
510
|
Parallels
|
477
511
|
Paramiko
|
478
512
|
Paul Smith Computer Services
|
513
|
+
Pelco
|
479
514
|
Percona
|
515
|
+
Perl
|
516
|
+
Phacility
|
480
517
|
Philips
|
481
518
|
Philips Video Conferencing Systems
|
482
519
|
Pi-hole
|
@@ -498,6 +535,7 @@ Process Software
|
|
498
535
|
Progress
|
499
536
|
Prometheus
|
500
537
|
Pronet
|
538
|
+
Proxmox
|
501
539
|
Pulse Secure
|
502
540
|
Pure Storage
|
503
541
|
PureFTPd
|
@@ -527,6 +565,7 @@ Rhino Software
|
|
527
565
|
Ricoh
|
528
566
|
Ridgeway Systems and Software
|
529
567
|
Rifatron
|
568
|
+
Riverbed
|
530
569
|
Riverstone
|
531
570
|
Rockliffe
|
532
571
|
Rockwell Automation
|
@@ -550,8 +589,10 @@ SMA Solar Technology Ag
|
|
550
589
|
SMC Networks
|
551
590
|
SPIP
|
552
591
|
SSH Communications Security
|
592
|
+
STARFACE GmhH
|
553
593
|
SUSE
|
554
594
|
SafeNet
|
595
|
+
Sage
|
555
596
|
Samba
|
556
597
|
Samsung
|
557
598
|
Sangoma
|
@@ -585,6 +626,7 @@ Silver Peak
|
|
585
626
|
Siqura
|
586
627
|
Slackware
|
587
628
|
SmoothWall
|
629
|
+
SnapServer
|
588
630
|
Sofrel
|
589
631
|
Softing
|
590
632
|
SolarWinds
|
@@ -605,6 +647,7 @@ StarNet Communications Corp.
|
|
605
647
|
StarVox, Inc.
|
606
648
|
StartCom
|
607
649
|
Steinsvik
|
650
|
+
Strategic Cyber LLC
|
608
651
|
StreamComm
|
609
652
|
SuSE
|
610
653
|
Sun
|
@@ -616,6 +659,7 @@ Symantec
|
|
616
659
|
Symbol
|
617
660
|
Symbol Technologies Inc.
|
618
661
|
Symplified
|
662
|
+
Synacor
|
619
663
|
Syndeo Corp.
|
620
664
|
Synology
|
621
665
|
SysMaster Corporation
|
@@ -626,9 +670,11 @@ TP-LINK
|
|
626
670
|
TRENDnet
|
627
671
|
TVersity
|
628
672
|
TYPO3
|
673
|
+
Tableau
|
629
674
|
Tandberg
|
630
675
|
Taobao
|
631
676
|
Tasman Networks
|
677
|
+
Technicolor
|
632
678
|
Tektronix
|
633
679
|
Teldat H. Kruszynski, M. Cichocki Sp. J.
|
634
680
|
TeleStream Technologies, Inc.
|
@@ -641,14 +687,17 @@ Thekelleys
|
|
641
687
|
Thomson
|
642
688
|
TigerVNC
|
643
689
|
TightVNC
|
690
|
+
Tildeslash
|
644
691
|
Tilgin
|
645
692
|
Tintro
|
646
693
|
Tinyproxy Project
|
647
694
|
Tivo
|
648
695
|
Tobit Software
|
649
696
|
Tokutek
|
697
|
+
Tor Project
|
650
698
|
TornadoWeb
|
651
699
|
Toshiba
|
700
|
+
Traefik Labs
|
652
701
|
Treck
|
653
702
|
Tridium
|
654
703
|
Troy
|
@@ -679,6 +728,7 @@ VideoServer
|
|
679
728
|
Vignette
|
680
729
|
Vine
|
681
730
|
Vircom
|
731
|
+
Visuality Systems
|
682
732
|
Vizio
|
683
733
|
VocalTec Communications, Inc.
|
684
734
|
Västgöta-Data AB
|
@@ -688,12 +738,14 @@ Washington University
|
|
688
738
|
WatchGuard
|
689
739
|
WeOnlyDo
|
690
740
|
WebTrends
|
741
|
+
Webmin
|
691
742
|
Westbay Engineers
|
692
743
|
Westell
|
693
744
|
Western Digital
|
694
745
|
White Box
|
695
746
|
Wildix
|
696
747
|
Wind River
|
748
|
+
Wowza
|
697
749
|
Wowza Media Systems
|
698
750
|
X.Org
|
699
751
|
XAMPP
|
@@ -707,6 +759,7 @@ Xitami
|
|
707
759
|
Xlight
|
708
760
|
Xubuntu
|
709
761
|
Xyplex
|
762
|
+
Xytronix
|
710
763
|
Yamaha
|
711
764
|
Yealink
|
712
765
|
Yocto
|
@@ -723,6 +776,7 @@ cPanel
|
|
723
776
|
cz.nic
|
724
777
|
enGenius
|
725
778
|
estos
|
779
|
+
etherpad
|
726
780
|
exim
|
727
781
|
gdnsd
|
728
782
|
home.pl
|
@@ -734,6 +788,7 @@ lighttpd
|
|
734
788
|
mod_ssl
|
735
789
|
mod_wsgi
|
736
790
|
nginx
|
791
|
+
ninenines
|
737
792
|
noVNC
|
738
793
|
ownCloud
|
739
794
|
pfSense
|
data/lib/recog/nizer.rb
CHANGED
@@ -8,13 +8,13 @@ class Nizer
|
|
8
8
|
# Non-weighted host attributes that can be extracted from fingerprint matches
|
9
9
|
HOST_ATTRIBUTES = %W{
|
10
10
|
host.domain
|
11
|
-
host.id
|
12
11
|
host.ip
|
13
12
|
host.mac
|
14
13
|
host.name
|
15
14
|
host.time
|
16
15
|
hw.device
|
17
16
|
hw.family
|
17
|
+
hw.serial_number
|
18
18
|
hw.product
|
19
19
|
hw.vendor
|
20
20
|
}
|
@@ -264,84 +264,3 @@ class Nizer
|
|
264
264
|
|
265
265
|
end
|
266
266
|
end
|
267
|
-
|
268
|
-
=begin
|
269
|
-
|
270
|
-
Current key names:
|
271
|
-
|
272
|
-
apache.info
|
273
|
-
apache.variant
|
274
|
-
apache.variant.version
|
275
|
-
cookie
|
276
|
-
host.domain
|
277
|
-
host.id
|
278
|
-
host.ip
|
279
|
-
host.mac
|
280
|
-
host.name
|
281
|
-
host.time
|
282
|
-
hw.device
|
283
|
-
hw.family
|
284
|
-
hw.product
|
285
|
-
hw.vendor
|
286
|
-
imail.eval
|
287
|
-
jetty.info
|
288
|
-
junction.cookie
|
289
|
-
junction.name
|
290
|
-
linux.kernel.version
|
291
|
-
loadbalancer.poolname
|
292
|
-
mdaemon.unregistered
|
293
|
-
mercur.os.info
|
294
|
-
metainfo.version
|
295
|
-
metainfo.version.version
|
296
|
-
ms.nttp.version
|
297
|
-
notes.build.version
|
298
|
-
notes.intl
|
299
|
-
ntmail.id
|
300
|
-
openssh.comment
|
301
|
-
openssh.cvepatch
|
302
|
-
os.arch
|
303
|
-
os.build
|
304
|
-
os.certainty
|
305
|
-
os.device
|
306
|
-
os.edition
|
307
|
-
os.family
|
308
|
-
os.product
|
309
|
-
os.vendor
|
310
|
-
os.version
|
311
|
-
os.version.version
|
312
|
-
os.version.version.version
|
313
|
-
postfix.os.info
|
314
|
-
postoffice.build
|
315
|
-
postoffice.id
|
316
|
-
proftpd.server.name
|
317
|
-
pureftpd.config
|
318
|
-
qpopper.version
|
319
|
-
sendmail.config.version
|
320
|
-
sendmail.hpux.phne.version
|
321
|
-
sendmail.vendor.version
|
322
|
-
service.certainty
|
323
|
-
service.component.family
|
324
|
-
service.component.product
|
325
|
-
service.component.vendor
|
326
|
-
service.component.version
|
327
|
-
service.family
|
328
|
-
service.product
|
329
|
-
service.vendor
|
330
|
-
service.version
|
331
|
-
service.version.version
|
332
|
-
service.version.version.version
|
333
|
-
service.version.version.version.version
|
334
|
-
service.version.version.version.version.version
|
335
|
-
siemens.model
|
336
|
-
snmp.fpmib.oid.1
|
337
|
-
snmp.fpmib.oid.2
|
338
|
-
system.time
|
339
|
-
system.time.format
|
340
|
-
system.time.micros
|
341
|
-
system.time.millis
|
342
|
-
thttpd.mx-patch
|
343
|
-
timeout
|
344
|
-
tomcat.info
|
345
|
-
zmailer.ident
|
346
|
-
|
347
|
-
=end
|
data/lib/recog/version.rb
CHANGED
data/requirements.txt
CHANGED
@@ -1,2 +1,2 @@
|
|
1
|
-
lxml==4.6.
|
1
|
+
lxml==4.6.3
|
2
2
|
pyyaml
|