recog 2.3.17 → 2.3.21
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +26 -0
- data/bin/recog_standardize +6 -0
- data/cpe-remap.yaml +342 -200
- data/identifiers/README.md +24 -10
- data/identifiers/fields.txt +104 -0
- data/identifiers/hw_device.txt +2 -0
- data/identifiers/hw_family.txt +11 -0
- data/identifiers/hw_product.txt +71 -0
- data/identifiers/os_device.txt +2 -1
- data/identifiers/os_family.txt +2 -0
- data/identifiers/os_product.txt +36 -8
- data/identifiers/service_family.txt +10 -1
- data/identifiers/service_product.txt +78 -2
- data/identifiers/vendor.txt +55 -0
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/update_cpes.py +18 -5
- data/xml/apache_modules.xml +60 -0
- data/xml/apache_os.xml +1 -1
- data/xml/dns_versionbind.xml +11 -1
- data/xml/favicons.xml +122 -3
- data/xml/ftp_banners.xml +62 -51
- data/xml/html_title.xml +553 -41
- data/xml/http_cookies.xml +262 -61
- data/xml/http_servers.xml +478 -108
- data/xml/http_wwwauth.xml +36 -9
- data/xml/imap_banners.xml +5 -5
- data/xml/ldap_searchresult.xml +1 -0
- data/xml/mdns_device-info_txt.xml +340 -10
- data/xml/mysql_banners.xml +2 -1
- data/xml/nntp_banners.xml +1 -1
- data/xml/ntp_banners.xml +16 -2
- data/xml/operating_system.xml +4 -4
- data/xml/pop_banners.xml +4 -4
- data/xml/rtsp_servers.xml +7 -0
- data/xml/sip_banners.xml +347 -9
- data/xml/sip_user_agents.xml +323 -4
- data/xml/smb_native_lm.xml +32 -1
- data/xml/smb_native_os.xml +160 -33
- data/xml/smtp_banners.xml +167 -128
- data/xml/smtp_expn.xml +1 -0
- data/xml/smtp_vrfy.xml +1 -0
- data/xml/snmp_sysdescr.xml +205 -36
- data/xml/ssh_banners.xml +139 -25
- data/xml/telnet_banners.xml +92 -48
- data/xml/tls_jarm.xml +140 -0
- data/xml/x509_issuers.xml +201 -2
- data/xml/x509_subjects.xml +251 -32
- metadata +5 -2
data/identifiers/vendor.txt
CHANGED
@@ -1,10 +1,13 @@
|
|
1
|
+
3CX
|
1
2
|
3Com
|
2
3
|
8x8 Inc.
|
3
4
|
A.K.I Software
|
4
5
|
ACME
|
6
|
+
ACT Security
|
5
7
|
ADB
|
6
8
|
ADC
|
7
9
|
ADTRAN
|
10
|
+
AIOHTTP Project
|
8
11
|
ALCATEL
|
9
12
|
ALT
|
10
13
|
ALU
|
@@ -22,12 +25,14 @@ AT&T Worldworx
|
|
22
25
|
ATEN
|
23
26
|
ATG
|
24
27
|
ATL Telecom Limited
|
28
|
+
ATT
|
25
29
|
AVM
|
26
30
|
AVT
|
27
31
|
AVTECH
|
28
32
|
AXIS
|
29
33
|
Aastra
|
30
34
|
Accelerated Technology
|
35
|
+
AdGuard
|
31
36
|
Adaptec
|
32
37
|
Adobe
|
33
38
|
Adtran
|
@@ -77,6 +82,7 @@ AudioCodes
|
|
77
82
|
Avaya
|
78
83
|
Avery Dennison
|
79
84
|
Avigilon
|
85
|
+
Avleen Vig
|
80
86
|
Avocent
|
81
87
|
Axis
|
82
88
|
Axonius
|
@@ -87,6 +93,7 @@ BT
|
|
87
93
|
Bandura Labs
|
88
94
|
Bangteng
|
89
95
|
Barco
|
96
|
+
Barracuda
|
90
97
|
Berkeley Software Design Inc.
|
91
98
|
Bftpd Project
|
92
99
|
Bigfoot
|
@@ -110,6 +117,7 @@ CDVI
|
|
110
117
|
CSM
|
111
118
|
Cabletron
|
112
119
|
CaddyServer
|
120
|
+
Calibre-Web Project
|
113
121
|
Calient
|
114
122
|
Calnex
|
115
123
|
Cambium Networks
|
@@ -126,6 +134,7 @@ Cesanta
|
|
126
134
|
Chainpoint
|
127
135
|
Check Point
|
128
136
|
Checkpoint
|
137
|
+
Cherokee Project
|
129
138
|
CherryPy
|
130
139
|
Ciena
|
131
140
|
Cintech Tele-Management
|
@@ -153,12 +162,14 @@ Compuware
|
|
153
162
|
Conectiva
|
154
163
|
Conexant
|
155
164
|
Congruency, Inc.
|
165
|
+
ConnectWise
|
156
166
|
Couchbase
|
157
167
|
Cradlepoint
|
158
168
|
Crestron
|
159
169
|
Critical Path
|
160
170
|
CrushFTP
|
161
171
|
CrystalVoice Communications
|
172
|
+
Cumulus
|
162
173
|
Cyberoam
|
163
174
|
D J Bernstein
|
164
175
|
D-Link
|
@@ -176,11 +187,13 @@ Debian
|
|
176
187
|
Dell
|
177
188
|
Deutsche Telekom
|
178
189
|
Device42
|
190
|
+
Dialogic
|
179
191
|
Digi
|
180
192
|
Digitronic Computersysteme GmbH
|
181
193
|
Digium
|
182
194
|
DirectLOGIC
|
183
195
|
DocuWiki
|
196
|
+
Dokuwiki
|
184
197
|
Double Precision
|
185
198
|
Dovecot
|
186
199
|
Dr. Neuhaus Mikroelektronik
|
@@ -206,7 +219,9 @@ Embedthis
|
|
206
219
|
Emby
|
207
220
|
Emerson
|
208
221
|
Emulex
|
222
|
+
Encode
|
209
223
|
Enterasys
|
224
|
+
Envoy Proxy
|
210
225
|
Epson
|
211
226
|
EqualLogic
|
212
227
|
Equivalence (OpenH323)
|
@@ -231,6 +246,7 @@ Firefly
|
|
231
246
|
Floosietek
|
232
247
|
FlowPoint
|
233
248
|
Flussonic
|
249
|
+
Flyspray
|
234
250
|
Folding@home
|
235
251
|
Fortinet
|
236
252
|
Foscam
|
@@ -238,6 +254,7 @@ Foundry
|
|
238
254
|
Foundry Networks
|
239
255
|
FreeBSD
|
240
256
|
FreePBX
|
257
|
+
FreeSWITCH
|
241
258
|
Fuji Xerox
|
242
259
|
Fujitsu
|
243
260
|
Fujitsu Siemens
|
@@ -261,6 +278,7 @@ GitLab
|
|
261
278
|
Gitea
|
262
279
|
Global Technology Associates
|
263
280
|
GlobalScape
|
281
|
+
Gogs
|
264
282
|
Google
|
265
283
|
Gordano
|
266
284
|
Grafana
|
@@ -277,6 +295,7 @@ HP
|
|
277
295
|
HPE
|
278
296
|
Hadoop
|
279
297
|
Haivision
|
298
|
+
Hak5
|
280
299
|
Hanwha Techwin
|
281
300
|
HashiCorp
|
282
301
|
Hauni Elektronik
|
@@ -298,6 +317,7 @@ ISC
|
|
298
317
|
ISDN Communications
|
299
318
|
ITO Communications
|
300
319
|
Idea
|
320
|
+
Ignite Realtime
|
301
321
|
ImageCom
|
302
322
|
Imagistics
|
303
323
|
Inari Inc.
|
@@ -313,7 +333,10 @@ Internet Archive
|
|
313
333
|
Inveo
|
314
334
|
Ipswitch
|
315
335
|
Isilon
|
336
|
+
Istio
|
337
|
+
JFrog
|
316
338
|
Jamf
|
339
|
+
Jellyfin
|
317
340
|
Jenkins
|
318
341
|
JetBrains
|
319
342
|
Juniper
|
@@ -352,10 +375,12 @@ LibreNMS
|
|
352
375
|
Liebert
|
353
376
|
Lifesize
|
354
377
|
LigoWave
|
378
|
+
Ligowave
|
355
379
|
Linksys
|
356
380
|
Linux
|
357
381
|
LiteSpeed Technologies
|
358
382
|
LiveWorks Limited
|
383
|
+
Logitech
|
359
384
|
Lotus
|
360
385
|
Loxone
|
361
386
|
Lucent
|
@@ -385,8 +410,10 @@ Mercury Security
|
|
385
410
|
Merit LILIN
|
386
411
|
Mersive
|
387
412
|
MetaInfo
|
413
|
+
Metabase
|
388
414
|
MiBridge Inc.
|
389
415
|
Michael Tokarev
|
416
|
+
MicroStrategy
|
390
417
|
Microplex
|
391
418
|
Microsoft
|
392
419
|
MikroTik
|
@@ -396,11 +423,13 @@ Mitel
|
|
396
423
|
Mobatek
|
397
424
|
Mobotix
|
398
425
|
Mocana
|
426
|
+
MoinMoin
|
399
427
|
Moodle
|
400
428
|
Mort Bay
|
401
429
|
Motion Media Technology
|
402
430
|
Motorola
|
403
431
|
Moxa
|
432
|
+
Mozilla
|
404
433
|
MultiTech
|
405
434
|
Multicraft
|
406
435
|
Munin
|
@@ -435,6 +464,7 @@ Netwave
|
|
435
464
|
Network Alchemy Limited
|
436
465
|
Network Equipment Technologies
|
437
466
|
Neustar
|
467
|
+
Nextcloud
|
438
468
|
Nokia
|
439
469
|
Nokia-Siemens
|
440
470
|
Nominum
|
@@ -443,6 +473,7 @@ Norton
|
|
443
473
|
Novell
|
444
474
|
OPNsense
|
445
475
|
Objective Communications
|
476
|
+
Observium
|
446
477
|
Oce
|
447
478
|
Octopus
|
448
479
|
Oki
|
@@ -453,6 +484,8 @@ OpenLDAP
|
|
453
484
|
OpenMediaVault
|
454
485
|
OpenNAC
|
455
486
|
OpenResty
|
487
|
+
OpenSER
|
488
|
+
OpenSIPS
|
456
489
|
OpenSUSE
|
457
490
|
OpenStack
|
458
491
|
OpenVMS
|
@@ -464,6 +497,7 @@ Oracle
|
|
464
497
|
Overland
|
465
498
|
Oversee
|
466
499
|
PHP
|
500
|
+
PIAF
|
467
501
|
PLD
|
468
502
|
PRTG
|
469
503
|
Pagoo, Inc.
|
@@ -476,7 +510,10 @@ Paradyne
|
|
476
510
|
Parallels
|
477
511
|
Paramiko
|
478
512
|
Paul Smith Computer Services
|
513
|
+
Pelco
|
479
514
|
Percona
|
515
|
+
Perl
|
516
|
+
Phacility
|
480
517
|
Philips
|
481
518
|
Philips Video Conferencing Systems
|
482
519
|
Pi-hole
|
@@ -498,6 +535,7 @@ Process Software
|
|
498
535
|
Progress
|
499
536
|
Prometheus
|
500
537
|
Pronet
|
538
|
+
Proxmox
|
501
539
|
Pulse Secure
|
502
540
|
Pure Storage
|
503
541
|
PureFTPd
|
@@ -527,6 +565,7 @@ Rhino Software
|
|
527
565
|
Ricoh
|
528
566
|
Ridgeway Systems and Software
|
529
567
|
Rifatron
|
568
|
+
Riverbed
|
530
569
|
Riverstone
|
531
570
|
Rockliffe
|
532
571
|
Rockwell Automation
|
@@ -550,8 +589,10 @@ SMA Solar Technology Ag
|
|
550
589
|
SMC Networks
|
551
590
|
SPIP
|
552
591
|
SSH Communications Security
|
592
|
+
STARFACE GmhH
|
553
593
|
SUSE
|
554
594
|
SafeNet
|
595
|
+
Sage
|
555
596
|
Samba
|
556
597
|
Samsung
|
557
598
|
Sangoma
|
@@ -585,6 +626,7 @@ Silver Peak
|
|
585
626
|
Siqura
|
586
627
|
Slackware
|
587
628
|
SmoothWall
|
629
|
+
SnapServer
|
588
630
|
Sofrel
|
589
631
|
Softing
|
590
632
|
SolarWinds
|
@@ -605,6 +647,7 @@ StarNet Communications Corp.
|
|
605
647
|
StarVox, Inc.
|
606
648
|
StartCom
|
607
649
|
Steinsvik
|
650
|
+
Strategic Cyber LLC
|
608
651
|
StreamComm
|
609
652
|
SuSE
|
610
653
|
Sun
|
@@ -616,6 +659,7 @@ Symantec
|
|
616
659
|
Symbol
|
617
660
|
Symbol Technologies Inc.
|
618
661
|
Symplified
|
662
|
+
Synacor
|
619
663
|
Syndeo Corp.
|
620
664
|
Synology
|
621
665
|
SysMaster Corporation
|
@@ -626,9 +670,11 @@ TP-LINK
|
|
626
670
|
TRENDnet
|
627
671
|
TVersity
|
628
672
|
TYPO3
|
673
|
+
Tableau
|
629
674
|
Tandberg
|
630
675
|
Taobao
|
631
676
|
Tasman Networks
|
677
|
+
Technicolor
|
632
678
|
Tektronix
|
633
679
|
Teldat H. Kruszynski, M. Cichocki Sp. J.
|
634
680
|
TeleStream Technologies, Inc.
|
@@ -641,14 +687,17 @@ Thekelleys
|
|
641
687
|
Thomson
|
642
688
|
TigerVNC
|
643
689
|
TightVNC
|
690
|
+
Tildeslash
|
644
691
|
Tilgin
|
645
692
|
Tintro
|
646
693
|
Tinyproxy Project
|
647
694
|
Tivo
|
648
695
|
Tobit Software
|
649
696
|
Tokutek
|
697
|
+
Tor Project
|
650
698
|
TornadoWeb
|
651
699
|
Toshiba
|
700
|
+
Traefik Labs
|
652
701
|
Treck
|
653
702
|
Tridium
|
654
703
|
Troy
|
@@ -679,6 +728,7 @@ VideoServer
|
|
679
728
|
Vignette
|
680
729
|
Vine
|
681
730
|
Vircom
|
731
|
+
Visuality Systems
|
682
732
|
Vizio
|
683
733
|
VocalTec Communications, Inc.
|
684
734
|
Västgöta-Data AB
|
@@ -688,12 +738,14 @@ Washington University
|
|
688
738
|
WatchGuard
|
689
739
|
WeOnlyDo
|
690
740
|
WebTrends
|
741
|
+
Webmin
|
691
742
|
Westbay Engineers
|
692
743
|
Westell
|
693
744
|
Western Digital
|
694
745
|
White Box
|
695
746
|
Wildix
|
696
747
|
Wind River
|
748
|
+
Wowza
|
697
749
|
Wowza Media Systems
|
698
750
|
X.Org
|
699
751
|
XAMPP
|
@@ -707,6 +759,7 @@ Xitami
|
|
707
759
|
Xlight
|
708
760
|
Xubuntu
|
709
761
|
Xyplex
|
762
|
+
Xytronix
|
710
763
|
Yamaha
|
711
764
|
Yealink
|
712
765
|
Yocto
|
@@ -723,6 +776,7 @@ cPanel
|
|
723
776
|
cz.nic
|
724
777
|
enGenius
|
725
778
|
estos
|
779
|
+
etherpad
|
726
780
|
exim
|
727
781
|
gdnsd
|
728
782
|
home.pl
|
@@ -734,6 +788,7 @@ lighttpd
|
|
734
788
|
mod_ssl
|
735
789
|
mod_wsgi
|
736
790
|
nginx
|
791
|
+
ninenines
|
737
792
|
noVNC
|
738
793
|
ownCloud
|
739
794
|
pfSense
|
data/lib/recog/nizer.rb
CHANGED
@@ -8,13 +8,13 @@ class Nizer
|
|
8
8
|
# Non-weighted host attributes that can be extracted from fingerprint matches
|
9
9
|
HOST_ATTRIBUTES = %W{
|
10
10
|
host.domain
|
11
|
-
host.id
|
12
11
|
host.ip
|
13
12
|
host.mac
|
14
13
|
host.name
|
15
14
|
host.time
|
16
15
|
hw.device
|
17
16
|
hw.family
|
17
|
+
hw.serial_number
|
18
18
|
hw.product
|
19
19
|
hw.vendor
|
20
20
|
}
|
@@ -264,84 +264,3 @@ class Nizer
|
|
264
264
|
|
265
265
|
end
|
266
266
|
end
|
267
|
-
|
268
|
-
=begin
|
269
|
-
|
270
|
-
Current key names:
|
271
|
-
|
272
|
-
apache.info
|
273
|
-
apache.variant
|
274
|
-
apache.variant.version
|
275
|
-
cookie
|
276
|
-
host.domain
|
277
|
-
host.id
|
278
|
-
host.ip
|
279
|
-
host.mac
|
280
|
-
host.name
|
281
|
-
host.time
|
282
|
-
hw.device
|
283
|
-
hw.family
|
284
|
-
hw.product
|
285
|
-
hw.vendor
|
286
|
-
imail.eval
|
287
|
-
jetty.info
|
288
|
-
junction.cookie
|
289
|
-
junction.name
|
290
|
-
linux.kernel.version
|
291
|
-
loadbalancer.poolname
|
292
|
-
mdaemon.unregistered
|
293
|
-
mercur.os.info
|
294
|
-
metainfo.version
|
295
|
-
metainfo.version.version
|
296
|
-
ms.nttp.version
|
297
|
-
notes.build.version
|
298
|
-
notes.intl
|
299
|
-
ntmail.id
|
300
|
-
openssh.comment
|
301
|
-
openssh.cvepatch
|
302
|
-
os.arch
|
303
|
-
os.build
|
304
|
-
os.certainty
|
305
|
-
os.device
|
306
|
-
os.edition
|
307
|
-
os.family
|
308
|
-
os.product
|
309
|
-
os.vendor
|
310
|
-
os.version
|
311
|
-
os.version.version
|
312
|
-
os.version.version.version
|
313
|
-
postfix.os.info
|
314
|
-
postoffice.build
|
315
|
-
postoffice.id
|
316
|
-
proftpd.server.name
|
317
|
-
pureftpd.config
|
318
|
-
qpopper.version
|
319
|
-
sendmail.config.version
|
320
|
-
sendmail.hpux.phne.version
|
321
|
-
sendmail.vendor.version
|
322
|
-
service.certainty
|
323
|
-
service.component.family
|
324
|
-
service.component.product
|
325
|
-
service.component.vendor
|
326
|
-
service.component.version
|
327
|
-
service.family
|
328
|
-
service.product
|
329
|
-
service.vendor
|
330
|
-
service.version
|
331
|
-
service.version.version
|
332
|
-
service.version.version.version
|
333
|
-
service.version.version.version.version
|
334
|
-
service.version.version.version.version.version
|
335
|
-
siemens.model
|
336
|
-
snmp.fpmib.oid.1
|
337
|
-
snmp.fpmib.oid.2
|
338
|
-
system.time
|
339
|
-
system.time.format
|
340
|
-
system.time.micros
|
341
|
-
system.time.millis
|
342
|
-
thttpd.mx-patch
|
343
|
-
timeout
|
344
|
-
tomcat.info
|
345
|
-
zmailer.ident
|
346
|
-
|
347
|
-
=end
|
data/lib/recog/version.rb
CHANGED
data/requirements.txt
CHANGED
@@ -1,2 +1,2 @@
|
|
1
|
-
lxml==4.6.
|
1
|
+
lxml==4.6.3
|
2
2
|
pyyaml
|