recog 2.3.18 → 2.3.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +26 -0
- data/cpe-remap.yaml +11 -0
- data/identifiers/hw_device.txt +2 -0
- data/identifiers/hw_family.txt +6 -0
- data/identifiers/hw_product.txt +59 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +1 -0
- data/identifiers/os_product.txt +25 -0
- data/identifiers/service_family.txt +3 -0
- data/identifiers/service_product.txt +27 -0
- data/identifiers/vendor.txt +33 -0
- data/lib/recog/version.rb +1 -1
- data/update_cpes.py +3 -3
- data/xml/favicons.xml +108 -0
- data/xml/ftp_banners.xml +2 -1
- data/xml/html_title.xml +156 -1
- data/xml/http_cookies.xml +85 -0
- data/xml/http_servers.xml +120 -1
- data/xml/http_wwwauth.xml +8 -0
- data/xml/mdns_device-info_txt.xml +308 -10
- data/xml/ntp_banners.xml +9 -1
- data/xml/rtsp_servers.xml +7 -0
- data/xml/sip_banners.xml +344 -8
- data/xml/sip_user_agents.xml +317 -4
- data/xml/smb_native_lm.xml +32 -1
- data/xml/smb_native_os.xml +157 -33
- data/xml/snmp_sysdescr.xml +129 -1
- data/xml/ssh_banners.xml +118 -11
- data/xml/telnet_banners.xml +25 -1
- data/xml/tls_jarm.xml +139 -0
- data/xml/x509_issuers.xml +16 -0
- data/xml/x509_subjects.xml +72 -0
- metadata +4 -2
data/xml/ntp_banners.xml
CHANGED
|
@@ -133,7 +133,9 @@
|
|
|
133
133
|
<param pos="0" name="os.family" value="VMware ESX/ESXi"/>
|
|
134
134
|
<param pos="0" name="os.product" value="VMware ESX Server"/>
|
|
135
135
|
<param pos="2" name="os.arch"/>
|
|
136
|
+
<param pos="0" name="os.device" value="Hypervisor"/>
|
|
136
137
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
|
|
138
|
+
<param pos="0" name="hw.device" value="Hypervisor"/>
|
|
137
139
|
</fingerprint>
|
|
138
140
|
|
|
139
141
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
@@ -939,7 +941,9 @@
|
|
|
939
941
|
<param pos="0" name="os.product" value="VMware ESXi Server"/>
|
|
940
942
|
<param pos="2" name="os.arch"/>
|
|
941
943
|
<param pos="3" name="os.version"/>
|
|
944
|
+
<param pos="0" name="os.device" value="Hypervisor"/>
|
|
942
945
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:{os.version}"/>
|
|
946
|
+
<param pos="0" name="hw.device" value="Hypervisor"/>
|
|
943
947
|
</fingerprint>
|
|
944
948
|
|
|
945
949
|
<fingerprint pattern=".*processor="([^ ]+)",.*system="OSF1[/V]?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
@@ -1027,9 +1031,13 @@
|
|
|
1027
1031
|
<param pos="0" name="os.vendor" value="NetApp"/>
|
|
1028
1032
|
<param pos="0" name="os.family" value="Data ONTAP"/>
|
|
1029
1033
|
<param pos="0" name="os.product" value="Data ONTAP"/>
|
|
1030
|
-
<param pos="0" name="os.device" value="File Server"/>
|
|
1031
1034
|
<param pos="1" name="os.version"/>
|
|
1035
|
+
<param pos="0" name="ow.device" value="NAS"/>
|
|
1032
1036
|
<param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
|
|
1037
|
+
<param pos="0" name="hw.vendor" value="NetApp"/>
|
|
1038
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
|
1039
|
+
<param pos="0" name="hw.family" value="Data ONTAP"/>
|
|
1040
|
+
<param pos="0" name="hw.product" value="Data ONTAP"/>
|
|
1033
1041
|
</fingerprint>
|
|
1034
1042
|
|
|
1035
1043
|
<fingerprint pattern="system="UNIX/HPUX"" flags="REG_ICASE">
|
data/xml/rtsp_servers.xml
CHANGED
|
@@ -93,4 +93,11 @@
|
|
|
93
93
|
<param pos="1" name="os.version"/>
|
|
94
94
|
</fingerprint>
|
|
95
95
|
|
|
96
|
+
<fingerprint pattern="^Linux/2\.6\.35\.14_nl-xarina\+ Ze-PRO$">
|
|
97
|
+
<description>Sony Network Camera</description>
|
|
98
|
+
<example>Linux/2.6.35.14_nl-xarina+ Ze-PRO</example>
|
|
99
|
+
<param pos="0" name="hw.vendor" value="Sony"/>
|
|
100
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
|
101
|
+
</fingerprint>
|
|
102
|
+
|
|
96
103
|
</fingerprints>
|
data/xml/sip_banners.xml
CHANGED
|
@@ -60,10 +60,53 @@
|
|
|
60
60
|
<param pos="2" name="hw.version"/>
|
|
61
61
|
</fingerprint>
|
|
62
62
|
|
|
63
|
+
<!-- The next few Linksys fingerprints could be merged but are split to enable CPEs -->
|
|
64
|
+
|
|
65
|
+
<fingerprint pattern="^(?:[\dA-F]+ )?Linksys/RT31P2-([\d.]+)\(\w+\)$">
|
|
66
|
+
<description>Linksys RT31P2</description>
|
|
67
|
+
<example os.version="3.1.9">Linksys/RT31P2-3.1.9(LId)</example>
|
|
68
|
+
<example os.version="3.1.6">Linksys/RT31P2-3.1.6(LI)</example>
|
|
69
|
+
<example os.version="3.1.6">001310E72B51 Linksys/RT31P2-3.1.6(LI)</example>
|
|
70
|
+
<param pos="0" name="os.vendor" value="Linksys"/>
|
|
71
|
+
<param pos="0" name="os.product" value="RT31P2 Firmware"/>
|
|
72
|
+
<param pos="1" name="os.version"/>
|
|
73
|
+
<param pos="0" name="os.device" value="VoIP"/>
|
|
74
|
+
<param pos="0" name="hw.vendor" value="Linksys"/>
|
|
75
|
+
<param pos="0" name="hw.product" value="RT31P2"/>
|
|
76
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
|
77
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:linksys:rt31p2:-"/>
|
|
78
|
+
</fingerprint>
|
|
79
|
+
|
|
80
|
+
<fingerprint pattern="^Cisco/SPA122-([\d.]+)\(\w+\)[\w-]*$">
|
|
81
|
+
<description>Cisco SPA122</description>
|
|
82
|
+
<example os.version="1.3.5">Cisco/SPA122-1.3.5(004p)</example>
|
|
83
|
+
<example os.version="1.3.5">Cisco/SPA122-1.3.5(004p)_BestGo</example>
|
|
84
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
|
85
|
+
<param pos="0" name="os.product" value="SPA122 Firmware"/>
|
|
86
|
+
<param pos="1" name="os.version"/>
|
|
87
|
+
<param pos="0" name="os.device" value="VoIP"/>
|
|
88
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:spa122_firmware:{os.version}"/>
|
|
89
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
|
90
|
+
<param pos="0" name="hw.product" value="SPA122"/>
|
|
91
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
|
92
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:cisco:spa122:-"/>
|
|
93
|
+
</fingerprint>
|
|
94
|
+
|
|
95
|
+
<fingerprint pattern="^Cisco/SPA112-([\d.SR]+)\(\w+\)[\w-]*$">
|
|
96
|
+
<description>Cisco SPA112</description>
|
|
97
|
+
<example os.version="1.4.1SR1">Cisco/SPA112-1.4.1SR1(002)d-hisec</example>
|
|
98
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
|
99
|
+
<param pos="0" name="os.product" value="SPA112 Firmware"/>
|
|
100
|
+
<param pos="1" name="os.version"/>
|
|
101
|
+
<param pos="0" name="os.device" value="VoIP"/>
|
|
102
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:spa112_firmware:{os.version}"/>
|
|
103
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
|
104
|
+
<param pos="0" name="hw.product" value="SPA112"/>
|
|
105
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
|
106
|
+
</fingerprint>
|
|
107
|
+
|
|
63
108
|
<fingerprint pattern="(?:Cisco|Linksys)/(SPA\d+[DG]?\d?)-([\d\.a-zA-Z]+)">
|
|
64
109
|
<description>Cisco/Linksys SPA VoIP Phone</description>
|
|
65
|
-
<example hw.model="SPA112" hw.version="1.4.1SR1">Cisco/SPA112-1.4.1SR1(002)d-hisec</example>
|
|
66
|
-
<example hw.model="SPA122" hw.version="1.3.3">Cisco/SPA122-1.3.3(004)</example>
|
|
67
110
|
<example hw.model="SPA922" hw.version="6.1.5">PhoneSystems.net aabbccddeeff Linksys/SPA922-6.1.5(a)</example>
|
|
68
111
|
<example hw.model="SPA232D" hw.version="1.4.1">Cisco/SPA232D-1.4.1(002_282)</example>
|
|
69
112
|
<example hw.model="SPA504G" hw.version="7.5.2">Cisco/SPA504G-7.5.2</example>
|
|
@@ -155,6 +198,130 @@
|
|
|
155
198
|
<param pos="1" name="hw.product"/>
|
|
156
199
|
</fingerprint>
|
|
157
200
|
|
|
201
|
+
<!-- NEC -->
|
|
202
|
+
|
|
203
|
+
<fingerprint pattern="^NEC SL2100/([\d.]+)$">
|
|
204
|
+
<description>NEC SL2100 Communications Server</description>
|
|
205
|
+
<example os.version="2.1">NEC SL2100/2.1</example>
|
|
206
|
+
<param pos="0" name="os.vendor" value="NEC"/>
|
|
207
|
+
<param pos="0" name="os.product" value="SL2100 Firmware"/>
|
|
208
|
+
<param pos="1" name="os.version"/>
|
|
209
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
210
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:nec:sl2100_firmware:{os.version}"/>
|
|
211
|
+
<param pos="0" name="hw.vendor" value="NEC"/>
|
|
212
|
+
<param pos="0" name="hw.family" value="SL2100"/>
|
|
213
|
+
<param pos="0" name="hw.product" value="SL2100"/>
|
|
214
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
215
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:nec:sl2100:-"/>
|
|
216
|
+
</fingerprint>
|
|
217
|
+
|
|
218
|
+
<fingerprint pattern="^NEC (Aspire [WU]X) ([\d.]+)(?:/\d\.\d)?$">
|
|
219
|
+
<description>NEC UNIVERGE Aspire WX or UX SIP Gateway</description>
|
|
220
|
+
<example hw.product="Aspire WX" os.version="02.00.00">NEC Aspire WX 02.00.00</example>
|
|
221
|
+
<example hw.product="Aspire UX" os.version="08.00.00">NEC Aspire UX 08.00.00/2.1</example>
|
|
222
|
+
<param pos="0" name="os.vendor" value="NEC"/>
|
|
223
|
+
<param pos="2" name="os.version"/>
|
|
224
|
+
<param pos="0" name="hw.vendor" value="NEC"/>
|
|
225
|
+
<param pos="0" name="hw.family" value="UNIVERGE"/>
|
|
226
|
+
<param pos="1" name="hw.product"/>
|
|
227
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
228
|
+
</fingerprint>
|
|
229
|
+
|
|
230
|
+
<!-- The next few NEC fingerprints could be merged but are split to enable CPEs -->
|
|
231
|
+
|
|
232
|
+
<fingerprint pattern="^NEC(?:-i)? SV9100-(?:NA|GE) ([\d.]+)(?:/\d\.\d)?$">
|
|
233
|
+
<description>NEC UNIVERGE 9100 SIP Gateway</description>
|
|
234
|
+
<example os.version="08.00.65">NEC SV9100-NA 08.00.65/2.1</example>
|
|
235
|
+
<example os.version="09.00.60">NEC SV9100-GE 09.00.60/2.1</example>
|
|
236
|
+
<param pos="0" name="os.vendor" value="NEC"/>
|
|
237
|
+
<param pos="0" name="os.product" value="SV9100 Firmware"/>
|
|
238
|
+
<param pos="1" name="os.version"/>
|
|
239
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:nec:sv9100_firmware:{os.version}"/>
|
|
240
|
+
<param pos="0" name="hw.vendor" value="NEC"/>
|
|
241
|
+
<param pos="0" name="hw.family" value="UNIVERGE"/>
|
|
242
|
+
<param pos="0" name="hw.product" value="SV9100"/>
|
|
243
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
244
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:nec:sv9100:-"/>
|
|
245
|
+
</fingerprint>
|
|
246
|
+
|
|
247
|
+
<fingerprint pattern="^NEC(?:-i)? SV8100-(?:NA|GE) ([\d.]+)(?:/\d\.\d)?$">
|
|
248
|
+
<description>NEC UNIVERGE 8100 SIP Gateway</description>
|
|
249
|
+
<example os.version="08.00.65">NEC SV8100-GE 08.00.65/2.1</example>
|
|
250
|
+
<example os.version="09.50">NEC-i SV8100-NA 09.50/2.1</example>
|
|
251
|
+
<example os.version="10.12">NEC SV8100-NA 10.12/2.1</example>
|
|
252
|
+
<param pos="0" name="os.vendor" value="NEC"/>
|
|
253
|
+
<param pos="0" name="os.product" value="SV8100 Firmware"/>
|
|
254
|
+
<param pos="1" name="os.version"/>
|
|
255
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:nec:sv8100_firmware:{os.version}"/>
|
|
256
|
+
<param pos="0" name="hw.vendor" value="NEC"/>
|
|
257
|
+
<param pos="0" name="hw.family" value="UNIVERGE"/>
|
|
258
|
+
<param pos="0" name="hw.product" value="SV8100"/>
|
|
259
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
260
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:nec:sv8100:-"/>
|
|
261
|
+
</fingerprint>
|
|
262
|
+
|
|
263
|
+
<!-- Grandstream -->
|
|
264
|
+
|
|
265
|
+
<!-- The next few fingerprints could be merged but are split to enable CPEs -->
|
|
266
|
+
|
|
267
|
+
<fingerprint pattern="^Grandstream UCM6208V(\d\.\d\w) ([\d.]+)$">
|
|
268
|
+
<description>Grandstream UCM 6208</description>
|
|
269
|
+
<example hw.version="1.4A" os.version="1.0.16.20">Grandstream UCM6208V1.4A 1.0.16.20</example>
|
|
270
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
271
|
+
<param pos="0" name="os.product" value="UCM6208 Firmware"/>
|
|
272
|
+
<param pos="2" name="os.version"/>
|
|
273
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
274
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ucm6208_firmware:{os.version}"/>
|
|
275
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
276
|
+
<param pos="0" name="hw.product" value="UCM6208"/>
|
|
277
|
+
<param pos="1" name="hw.version"/>
|
|
278
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
279
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ucm6208:{hw.version}"/>
|
|
280
|
+
</fingerprint>
|
|
281
|
+
|
|
282
|
+
<fingerprint pattern="^Grandstream UCM6204V(\d\.\d\w) ([\d.]+)$">
|
|
283
|
+
<description>Grandstream UCM 6204</description>
|
|
284
|
+
<example hw.version="1.4A" os.version="1.0.15.16">Grandstream UCM6204V1.4A 1.0.15.16</example>
|
|
285
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
286
|
+
<param pos="0" name="os.product" value="UCM6204 Firmware"/>
|
|
287
|
+
<param pos="2" name="os.version"/>
|
|
288
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
289
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ucm6204_firmware:{os.version}"/>
|
|
290
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
291
|
+
<param pos="0" name="hw.product" value="UCM6204"/>
|
|
292
|
+
<param pos="1" name="hw.version"/>
|
|
293
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
294
|
+
</fingerprint>
|
|
295
|
+
|
|
296
|
+
<fingerprint pattern="^Grandstream UCM6202V(\d\.\d\w) ([\d.]+)$">
|
|
297
|
+
<description>Grandstream UCM 6202</description>
|
|
298
|
+
<example hw.version="1.4A" os.version="1.0.15.16">Grandstream UCM6202V1.4A 1.0.15.16</example>
|
|
299
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
300
|
+
<param pos="0" name="os.product" value="UCM6202 Firmware"/>
|
|
301
|
+
<param pos="2" name="os.version"/>
|
|
302
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
303
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ucm6202_firmware:{os.version}"/>
|
|
304
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
305
|
+
<param pos="0" name="hw.product" value="UCM6202"/>
|
|
306
|
+
<param pos="1" name="hw.version"/>
|
|
307
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
308
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ucm6202:{hw.version}"/>
|
|
309
|
+
</fingerprint>
|
|
310
|
+
|
|
311
|
+
<fingerprint pattern="^Grandstream (UCM6\d\d\d)V(\d\.\d\w) ([\d.]+)$">
|
|
312
|
+
<description>Grandstream UCM 6xxx series generic</description>
|
|
313
|
+
<example hw.product="UCM6102" os.version="1.0.6.10">Grandstream UCM6102V1.5A 1.0.6.10</example>
|
|
314
|
+
<example hw.product="UCM6302" hw.version="1.2B">Grandstream UCM6302V1.2B 1.0.3.10</example>
|
|
315
|
+
<example hw.product="UCM6510">Grandstream UCM6510V1.4B 1.0.14.23</example>
|
|
316
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
317
|
+
<param pos="3" name="os.version"/>
|
|
318
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
319
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
320
|
+
<param pos="1" name="hw.product"/>
|
|
321
|
+
<param pos="2" name="hw.version"/>
|
|
322
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
323
|
+
</fingerprint>
|
|
324
|
+
|
|
158
325
|
<!-- Various -->
|
|
159
326
|
|
|
160
327
|
<fingerprint pattern="EnGenius_Router$">
|
|
@@ -275,6 +442,18 @@
|
|
|
275
442
|
<param pos="0" name="hw.product" value="SIP Gateway"/>
|
|
276
443
|
</fingerprint>
|
|
277
444
|
|
|
445
|
+
<fingerprint pattern="^Wildix GW ([\d.~a-h]+)$">
|
|
446
|
+
<description>Wildix SIP Gateway - timestamp/build variant</description>
|
|
447
|
+
<example os.version="20201008.1~a2e84be1">Wildix GW 20201008.1~a2e84be1</example>
|
|
448
|
+
<param pos="0" name="os.vendor" value="Wildix"/>
|
|
449
|
+
<param pos="0" name="os.family" value="SIP Gateway"/>
|
|
450
|
+
<param pos="1" name="os.version"/>
|
|
451
|
+
<param pos="0" name="hw.vendor" value="Wildix"/>
|
|
452
|
+
<param pos="0" name="hw.family" value="SIP Gateway"/>
|
|
453
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
454
|
+
<param pos="0" name="hw.product" value="SIP Gateway"/>
|
|
455
|
+
</fingerprint>
|
|
456
|
+
|
|
278
457
|
<fingerprint pattern="^Wildix GW$">
|
|
279
458
|
<description>Wildix SIP Gateway w/o Version</description>
|
|
280
459
|
<example>Wildix GW</example>
|
|
@@ -286,6 +465,18 @@
|
|
|
286
465
|
<param pos="0" name="hw.product" value="SIP Gateway"/>
|
|
287
466
|
</fingerprint>
|
|
288
467
|
|
|
468
|
+
<fingerprint pattern="^PBX-IP Media Gateway/([\d.]+)$">
|
|
469
|
+
<description>Dialogic Media Gateway w Version</description>
|
|
470
|
+
<example os.version="2.1">PBX-IP Media Gateway/2.1</example>
|
|
471
|
+
<param pos="0" name="os.vendor" value="Dialogic"/>
|
|
472
|
+
<param pos="0" name="os.family" value="SIP Gateway"/>
|
|
473
|
+
<param pos="1" name="os.version"/>
|
|
474
|
+
<param pos="0" name="hw.vendor" value="Dialogic"/>
|
|
475
|
+
<param pos="0" name="hw.family" value="SIP Gateway"/>
|
|
476
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
477
|
+
<param pos="0" name="hw.product" value="Media Gateway"/>
|
|
478
|
+
</fingerprint>
|
|
479
|
+
|
|
289
480
|
<fingerprint pattern="^Asterisk PBX (\S+)$">
|
|
290
481
|
<description>Asterisk PBX w/ Version</description>
|
|
291
482
|
<example service.version="13.18.0-6.7.1.1.rl.1538157944.1c65507">Asterisk PBX 13.18.0-6.7.1.1.rl.1538157944.1c65507</example>
|
|
@@ -314,14 +505,115 @@
|
|
|
314
505
|
<param pos="1" name="service.version"/>
|
|
315
506
|
</fingerprint>
|
|
316
507
|
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
508
|
+
<!-- Kamailio seems to be a successor to OpenSER and perhaps OpenSIPS? -->
|
|
509
|
+
|
|
510
|
+
<fingerprint pattern="^[Kk]amailio \(([\d.]+)(?:-tls|-notls)? \(x86_64/linux\)\)$">
|
|
511
|
+
<description>Kamailio Kamailio - Linux on x86_64</description>
|
|
512
|
+
<example service.version="4.4.4">kamailio (4.4.4 (x86_64/linux))</example>
|
|
320
513
|
<param pos="0" name="service.vendor" value="Kamailio"/>
|
|
321
|
-
<param pos="0" name="service.
|
|
322
|
-
<param pos="
|
|
514
|
+
<param pos="0" name="service.product" value="Kamailio"/>
|
|
515
|
+
<param pos="1" name="service.version"/>
|
|
516
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:kamailio:kamailio:{service.version}"/>
|
|
517
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
518
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
519
|
+
<param pos="0" name="os.arch" value="x86_64"/>
|
|
520
|
+
</fingerprint>
|
|
521
|
+
|
|
522
|
+
<fingerprint pattern="^[Kk]amailio \(([\d.]+)(?:-tls|-notls)? \(i386/linux\)\)$">
|
|
523
|
+
<description>Kamailio Kamailio - Linux on x86</description>
|
|
524
|
+
<example service.version="1.5.2">Kamailio (1.5.2-notls (i386/linux))</example>
|
|
525
|
+
<param pos="0" name="service.vendor" value="Kamailio"/>
|
|
526
|
+
<param pos="0" name="service.product" value="Kamailio"/>
|
|
527
|
+
<param pos="1" name="service.version"/>
|
|
528
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:kamailio:kamailio:{service.version}"/>
|
|
529
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
530
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
531
|
+
<param pos="0" name="os.arch" value="x86"/>
|
|
532
|
+
</fingerprint>
|
|
533
|
+
|
|
534
|
+
<fingerprint pattern="^OpenSIPS \(([\d.]+)(?:-tls|-notls)? \(x86_64/linux\)\)$">
|
|
535
|
+
<description>OpenSIPS OpenSIPS - Linux on x86_64</description>
|
|
536
|
+
<example service.version="1.7.2">OpenSIPS (1.7.2-notls (x86_64/linux))</example>
|
|
537
|
+
<example service.version="1.11.11">OpenSIPS (1.11.11-tls (x86_64/linux))</example>
|
|
538
|
+
<example service.version="2.2.7">OpenSIPS (2.2.7 (x86_64/linux))</example>
|
|
539
|
+
<param pos="0" name="service.vendor" value="OpenSIPS"/>
|
|
540
|
+
<param pos="0" name="service.product" value="OpenSIPS"/>
|
|
541
|
+
<param pos="1" name="service.version"/>
|
|
542
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:opensips:opensips:{service.version}"/>
|
|
543
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
544
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
545
|
+
<param pos="0" name="os.arch" value="x86_64"/>
|
|
546
|
+
</fingerprint>
|
|
547
|
+
|
|
548
|
+
<fingerprint pattern="^OpenSIPS \(([\d.]+)(?:-tls|-notls)? \(i386/linux\)\)$">
|
|
549
|
+
<description>OpenSIPS OpenSIPS - Linux on x86</description>
|
|
550
|
+
<example service.version="1.8.2">OpenSIPS (1.8.2-notls (i386/linux))</example>
|
|
551
|
+
<example service.version="1.11.3">OpenSIPS (1.11.3-tls (i386/linux))</example>
|
|
552
|
+
<example service.version="2.3.3">OpenSIPS (2.3.3 (i386/linux))</example>
|
|
553
|
+
<param pos="0" name="service.vendor" value="OpenSIPS"/>
|
|
554
|
+
<param pos="0" name="service.product" value="OpenSIPS"/>
|
|
555
|
+
<param pos="1" name="service.version"/>
|
|
556
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:opensips:opensips:{service.version}"/>
|
|
557
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
558
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
559
|
+
<param pos="0" name="os.arch" value="x86"/>
|
|
560
|
+
</fingerprint>
|
|
561
|
+
|
|
562
|
+
<fingerprint pattern="^OpenSIPS \(([\d.]+)(?:-tls|-notls)? \(arm(?:v4tl|v7l)?/linux\)\)$">
|
|
563
|
+
<description>OpenSIPS OpenSIPS - Linux on ARM</description>
|
|
564
|
+
<example service.version="2.2.2">OpenSIPS (2.2.2 (arm/linux))</example>
|
|
565
|
+
<example service.version="1.6.0">OpenSIPS (1.6.0-notls (armv4tl/linux))</example>
|
|
566
|
+
<example service.version="1.11.5">OpenSIPS (1.11.5-tls (armv7l/linux))</example>
|
|
567
|
+
<param pos="0" name="service.vendor" value="OpenSIPS"/>
|
|
568
|
+
<param pos="0" name="service.product" value="OpenSIPS"/>
|
|
569
|
+
<param pos="1" name="service.version"/>
|
|
570
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:opensips:opensips:{service.version}"/>
|
|
571
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
572
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
573
|
+
<param pos="0" name="os.arch" value="ARM"/>
|
|
574
|
+
</fingerprint>
|
|
575
|
+
|
|
576
|
+
<fingerprint pattern="^(?i)OpenSER \(([\d.]+)(?:-tls|-notls)? \(sh4/linux\)\)$">
|
|
577
|
+
<description>OpenSER OpenSER - Linux on Renesas SH4</description>
|
|
578
|
+
<example service.version="1.3.2">OpenSER (1.3.2-notls (sh4/linux))</example>
|
|
579
|
+
<param pos="0" name="service.vendor" value="OpenSER"/>
|
|
580
|
+
<param pos="0" name="service.product" value="OpenSER"/>
|
|
323
581
|
<param pos="1" name="service.version"/>
|
|
324
|
-
<param pos="
|
|
582
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
583
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
584
|
+
</fingerprint>
|
|
585
|
+
|
|
586
|
+
<fingerprint pattern="(?i)^OpenSER \(([\d.]+)(?:-tls|-notls)? \(x86_64/linux\)\)$">
|
|
587
|
+
<description>OpenSER OpenSER - Linux on x86_64</description>
|
|
588
|
+
<example service.version="1.1.0">OpenSer (1.1.0-notls (x86_64/linux))</example>
|
|
589
|
+
<param pos="0" name="service.vendor" value="OpenSER"/>
|
|
590
|
+
<param pos="0" name="service.product" value="OpenSER"/>
|
|
591
|
+
<param pos="1" name="service.version"/>
|
|
592
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
593
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
594
|
+
<param pos="0" name="os.arch" value="x86_64"/>
|
|
595
|
+
</fingerprint>
|
|
596
|
+
|
|
597
|
+
<fingerprint pattern="(?i)^OpenSER \(([\d.]+)(?:-tls|-notls)? \(i386/linux\)\)$">
|
|
598
|
+
<description>OpenSER OpenSER - Linux on x86</description>
|
|
599
|
+
<example service.version="1.3.0">OpenSER (1.3.0-notls (i386/linux))</example>
|
|
600
|
+
<param pos="0" name="service.vendor" value="OpenSER"/>
|
|
601
|
+
<param pos="0" name="service.product" value="OpenSER"/>
|
|
602
|
+
<param pos="1" name="service.version"/>
|
|
603
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
604
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
605
|
+
<param pos="0" name="os.arch" value="x86"/>
|
|
606
|
+
</fingerprint>
|
|
607
|
+
|
|
608
|
+
<fingerprint pattern="(?i)^OpenSER \(([\d.]+)(?:-tls|-notls)? \(arm/linux\)\)$">
|
|
609
|
+
<description>OpenSER OpenSER - Linux on ARM</description>
|
|
610
|
+
<example service.version="1.3.2">OpenSER (1.3.2-tls (arm/linux))</example>
|
|
611
|
+
<param pos="0" name="service.vendor" value="OpenSER"/>
|
|
612
|
+
<param pos="0" name="service.product" value="OpenSER"/>
|
|
613
|
+
<param pos="1" name="service.version"/>
|
|
614
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
615
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
616
|
+
<param pos="0" name="os.arch" value="ARM"/>
|
|
325
617
|
</fingerprint>
|
|
326
618
|
|
|
327
619
|
<!-- This match covers multiple product families and should be split up further -->
|
|
@@ -351,4 +643,48 @@
|
|
|
351
643
|
<param pos="0" name="hw.product" value="SIParator Firewall"/>
|
|
352
644
|
</fingerprint>
|
|
353
645
|
|
|
646
|
+
<fingerprint pattern="^CommuniGatePro/(\d\.[\w.]+)$">
|
|
647
|
+
<description>Communigate Pro</description>
|
|
648
|
+
<example service.version="6.2.14">CommuniGatePro/6.2.14</example>
|
|
649
|
+
<example service.version="6.3c1m">CommuniGatePro/6.3c1m</example>
|
|
650
|
+
<param pos="0" name="service.vendor" value="Communigate"/>
|
|
651
|
+
<param pos="0" name="service.family" value="Pro"/>
|
|
652
|
+
<param pos="0" name="service.product" value="Communigate Pro"/>
|
|
653
|
+
<param pos="1" name="service.version"/>
|
|
654
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:communigate:communigate_pro:{service.version}"/>
|
|
655
|
+
</fingerprint>
|
|
656
|
+
|
|
657
|
+
<fingerprint pattern="^STARFACE PBX$">
|
|
658
|
+
<description>STARFACE GmhH STARFACE PBX</description>
|
|
659
|
+
<example>STARFACE PBX</example>
|
|
660
|
+
<param pos="0" name="service.vendor" value="STARFACE GmhH"/>
|
|
661
|
+
<param pos="0" name="service.family" value="SIP Server"/>
|
|
662
|
+
<param pos="0" name="service.product" value="STARFACE PBX"/>
|
|
663
|
+
</fingerprint>
|
|
664
|
+
|
|
665
|
+
<fingerprint pattern="^FortiVoice-([\w-]+)$">
|
|
666
|
+
<description>Fortinet FortiVoice</description>
|
|
667
|
+
<example hw.product="200D">FortiVoice-200D</example>
|
|
668
|
+
<example hw.product="VM-Azure">FortiVoice-VM-Azure</example>
|
|
669
|
+
<example>FortiVoice-1000E</example>
|
|
670
|
+
<param pos="0" name="service.vendor" value="Fortinet"/>
|
|
671
|
+
<param pos="0" name="service.product" value="FortiVoice"/>
|
|
672
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
673
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:fortinet:fortivoice:-"/>
|
|
674
|
+
<param pos="0" name="hw.vendor" value="Fortinet"/>
|
|
675
|
+
<param pos="0" name="hw.family" value="FortiVoice"/>
|
|
676
|
+
<param pos="1" name="hw.product"/>
|
|
677
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
678
|
+
</fingerprint>
|
|
679
|
+
|
|
680
|
+
<fingerprint pattern="^Freeswitch ([\d.]+)$">
|
|
681
|
+
<description>FreeSWITCH FreeSWITCH</description>
|
|
682
|
+
<example service.version="2.0.0">Freeswitch 2.0.0</example>
|
|
683
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
|
684
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
|
685
|
+
<param pos="1" name="service.version"/>
|
|
686
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
687
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:{service.version}"/>
|
|
688
|
+
</fingerprint>
|
|
689
|
+
|
|
354
690
|
</fingerprints>
|
data/xml/sip_user_agents.xml
CHANGED
|
@@ -4,6 +4,90 @@
|
|
|
4
4
|
SIP User Agent header values are matched against these patterns to fingerprint SIP devices.
|
|
5
5
|
-->
|
|
6
6
|
|
|
7
|
+
<!-- Generic high volume matches -->
|
|
8
|
+
|
|
9
|
+
<fingerprint pattern="^SIP/2.0$">
|
|
10
|
+
<description>Generic SIP/2.0 response -- assert nothing.</description>
|
|
11
|
+
<example>SIP/2.0</example>
|
|
12
|
+
</fingerprint>
|
|
13
|
+
|
|
14
|
+
<fingerprint pattern="^TP-Link SIP Stack V1.0.0$">
|
|
15
|
+
<description>TP-Link SIP enabled device</description>
|
|
16
|
+
<example>TP-Link SIP Stack V1.0.0</example>
|
|
17
|
+
<param pos="0" name="hw.vendor" value="TP-LINK"/>
|
|
18
|
+
</fingerprint>
|
|
19
|
+
|
|
20
|
+
<fingerprint pattern="^DLink VoIP Stack$">
|
|
21
|
+
<description>DLink SIP enabled device</description>
|
|
22
|
+
<example>DLink VoIP Stack</example>
|
|
23
|
+
<param pos="0" name="hw.vendor" value="D-Link"/>
|
|
24
|
+
</fingerprint>
|
|
25
|
+
|
|
26
|
+
<fingerprint pattern="^Home&Life HUB/([\d.]+)$">
|
|
27
|
+
<description>Zyxel home routers</description>
|
|
28
|
+
<example>Home&Life HUB/1.1.26.00</example>
|
|
29
|
+
<param pos="0" name="os.vendor" value="Zyxel"/>
|
|
30
|
+
<param pos="1" name="os.version"/>
|
|
31
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
32
|
+
<param pos="0" name="hw.vendor" value="Zyxel"/>
|
|
33
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
34
|
+
</fingerprint>
|
|
35
|
+
|
|
36
|
+
<!-- Technicolor devices -->
|
|
37
|
+
|
|
38
|
+
<fingerprint pattern="^Technicolor / VANT-6 / AGTOT_([\d.]+) / AGTOT_[\d.]+$">
|
|
39
|
+
<description>Technicolor TG789vac Router</description>
|
|
40
|
+
<example os.version="2.1.4">Technicolor / VANT-6 / AGTOT_2.1.4 / AGTOT_2.1.4</example>
|
|
41
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
|
42
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
43
|
+
<param pos="1" name="os.version"/>
|
|
44
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
|
45
|
+
<param pos="0" name="hw.product" value="TG789vac"/>
|
|
46
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
47
|
+
</fingerprint>
|
|
48
|
+
|
|
49
|
+
<fingerprint pattern="^Technicolor / VANT-6$">
|
|
50
|
+
<description>Technicolor TG789vac Router w/o version string</description>
|
|
51
|
+
<example>Technicolor / VANT-6</example>
|
|
52
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
|
53
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
54
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
|
55
|
+
<param pos="0" name="hw.product" value="TG789vac"/>
|
|
56
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
57
|
+
</fingerprint>
|
|
58
|
+
|
|
59
|
+
<fingerprint pattern="^(?:Technicolor|MediaAccess) (TG[\w]+) (?:v\d )?Build (\d+\.[\w.-]+)(?: CP\w+)?$">
|
|
60
|
+
<description>Technicolor TGxxx Router with build info</description>
|
|
61
|
+
<example hw.product="TG784n" os.version="10.2.1.O">Technicolor TG784n v3 Build 10.2.1.O</example>
|
|
62
|
+
<example hw.product="TG789vn" os.version="10.5.2.Z.EC">Technicolor TG789vn v3 Build 10.5.2.Z.EC</example>
|
|
63
|
+
<example>MediaAccess TG789vac v2 Build 10.5.8.Y.GX CP1916SAQHD</example>
|
|
64
|
+
<example hw.product="TG799vn" os.version="10.5.2.T.JF">Technicolor TG799vn v2 Build 10.5.2.T.JF</example>
|
|
65
|
+
<example hw.product="TG788vn" os.version="10.5.2.S.GD">MediaAccess TG788vn v2 Build 10.5.2.S.GD</example>
|
|
66
|
+
<example hw.product="TG799vac" os.version="17.2.0405-1021">MediaAccess TG799vac Build 17.2.0405-1021</example>
|
|
67
|
+
<example hw.product="TG389">MediaAccess TG389 Build 10.5.2.T.AQ</example>
|
|
68
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
|
69
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
70
|
+
<param pos="2" name="os.version"/>
|
|
71
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
|
72
|
+
<param pos="1" name="hw.product"/>
|
|
73
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
74
|
+
</fingerprint>
|
|
75
|
+
|
|
76
|
+
<!-- Thomson was an older name for Technicolor-->
|
|
77
|
+
|
|
78
|
+
<fingerprint pattern="^Thomson (TG[\w]+) (?:v\d )?Build (\d+\.[\w.-]+)(?: CP\w+)?$">
|
|
79
|
+
<description>Thomson TGxxx Router with build info</description>
|
|
80
|
+
<example hw.product="TG784" os.version="8.4.2.Q">Thomson TG784 Build 8.4.2.Q</example>
|
|
81
|
+
<example hw.product="TG784n" os.version="8.4.H.F">Thomson TG784n Build 8.4.H.F</example>
|
|
82
|
+
<example hw.product="TG797n" os.version="8.C.D.9">Thomson TG797n v2 Build 8.C.D.9</example>
|
|
83
|
+
<param pos="0" name="os.vendor" value="Thomson"/>
|
|
84
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
85
|
+
<param pos="2" name="os.version"/>
|
|
86
|
+
<param pos="0" name="hw.vendor" value="Thomson"/>
|
|
87
|
+
<param pos="1" name="hw.product"/>
|
|
88
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
89
|
+
</fingerprint>
|
|
90
|
+
|
|
7
91
|
<!-- Axis devices -->
|
|
8
92
|
|
|
9
93
|
<fingerprint pattern="(?i)^AXIS (\S+) Network Video Door Station$">
|
|
@@ -43,10 +127,12 @@
|
|
|
43
127
|
<!-- AVM.DE Devices -->
|
|
44
128
|
|
|
45
129
|
<fingerprint pattern="^FRITZ!OS$">
|
|
46
|
-
<description>AVM
|
|
130
|
+
<description>AVM Fritz!OS Device</description>
|
|
47
131
|
<example>FRITZ!OS</example>
|
|
48
132
|
<param pos="0" name="os.vendor" value="AVM"/>
|
|
49
|
-
<param pos="0" name="os.product" value="FRITZ!
|
|
133
|
+
<param pos="0" name="os.product" value="FRITZ!OS"/>
|
|
134
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:avm:fritz\!os:-"/>
|
|
135
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
50
136
|
</fingerprint>
|
|
51
137
|
|
|
52
138
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Box .*) +(\d+\.\d+\.\d+)">
|
|
@@ -67,6 +153,8 @@
|
|
|
67
153
|
<param pos="0" name="os.family" value="FRITZ!Box"/>
|
|
68
154
|
<param pos="1" name="os.product"/>
|
|
69
155
|
<param pos="2" name="os.version"/>
|
|
156
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
157
|
+
<param pos="0" name="hw.family" value="FRITZ!Box"/>
|
|
70
158
|
</fingerprint>
|
|
71
159
|
|
|
72
160
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Fon .*) +(\d+\.\d+\.\d+)">
|
|
@@ -77,15 +165,19 @@
|
|
|
77
165
|
<param pos="0" name="os.family" value="FRITZ!Fon"/>
|
|
78
166
|
<param pos="1" name="os.product"/>
|
|
79
167
|
<param pos="2" name="os.version"/>
|
|
168
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
169
|
+
<param pos="0" name="hw.family" value="FRITZ!Fon"/>
|
|
80
170
|
</fingerprint>
|
|
81
171
|
|
|
82
172
|
<fingerprint pattern="^(?:AVM )?(Multibox .*) +(\d+\.\d+\.\d+)">
|
|
83
|
-
<description>AVM Multibox</description>
|
|
173
|
+
<description>AVM Multibox - Generic</description>
|
|
84
174
|
<example>AVM Multibox 7390 NGN 84.05.09 (Jan 13 2012)</example>
|
|
85
175
|
<param pos="0" name="os.vendor" value="AVM"/>
|
|
86
176
|
<param pos="0" name="os.family" value="Multibox"/>
|
|
87
177
|
<param pos="1" name="os.product"/>
|
|
88
178
|
<param pos="2" name="os.version"/>
|
|
179
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
180
|
+
<param pos="1" name="hw.product"/>
|
|
89
181
|
</fingerprint>
|
|
90
182
|
|
|
91
183
|
<!-- Huawei devices -->
|
|
@@ -196,7 +288,7 @@
|
|
|
196
288
|
<param pos="2" name="hw.version"/>
|
|
197
289
|
</fingerprint>
|
|
198
290
|
|
|
199
|
-
<fingerprint pattern="^Nero SIPPS IP Phone Version ([\d\.]+)
|
|
291
|
+
<fingerprint pattern="^Nero SIPPS IP Phone Version ([\d\.]+)$">
|
|
200
292
|
<description>Nero SIPPS IP Phone</description>
|
|
201
293
|
<example service.version="2.0.51.16">Nero SIPPS IP Phone Version 2.0.51.16</example>
|
|
202
294
|
<param pos="0" name="service.vendor" value="Nero"/>
|
|
@@ -245,4 +337,225 @@
|
|
|
245
337
|
<param pos="1" name="hw.product"/>
|
|
246
338
|
</fingerprint>
|
|
247
339
|
|
|
340
|
+
<!-- Grandstream -->
|
|
341
|
+
|
|
342
|
+
<!-- The next few fingerprints could be merged but are split to enable CPEs -->
|
|
343
|
+
|
|
344
|
+
<fingerprint pattern="^Grandstream HT818 ([\d.]+)$">
|
|
345
|
+
<description>Grandstream Handy Tone HT818</description>
|
|
346
|
+
<example os.version="1.0.8.7">Grandstream HT818 1.0.8.7</example>
|
|
347
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
348
|
+
<param pos="0" name="os.product" value="HT818 Firmware"/>
|
|
349
|
+
<param pos="1" name="os.version"/>
|
|
350
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
351
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht818_firmware:{os.version}"/>
|
|
352
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
353
|
+
<param pos="0" name="hw.product" value="HT818"/>
|
|
354
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
355
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht818:-"/>
|
|
356
|
+
</fingerprint>
|
|
357
|
+
|
|
358
|
+
<fingerprint pattern="^Grandstream HT814 ([\d.]+)$">
|
|
359
|
+
<description>Grandstream Handy Tone HT814</description>
|
|
360
|
+
<example os.version="1.0.9.3">Grandstream HT814 1.0.9.3</example>
|
|
361
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
362
|
+
<param pos="0" name="os.product" value="HT814 Firmware"/>
|
|
363
|
+
<param pos="1" name="os.version"/>
|
|
364
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
365
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht814_firmware:{os.version}"/>
|
|
366
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
367
|
+
<param pos="0" name="hw.product" value="HT814"/>
|
|
368
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
369
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht814:-"/>
|
|
370
|
+
</fingerprint>
|
|
371
|
+
|
|
372
|
+
<fingerprint pattern="^Grandstream HT813 ([\d.]+)$">
|
|
373
|
+
<description>Grandstream Handy Tone HT813</description>
|
|
374
|
+
<example os.version="1.0.1.2">Grandstream HT813 1.0.1.2</example>
|
|
375
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
376
|
+
<param pos="0" name="os.product" value="HT813 Firmware"/>
|
|
377
|
+
<param pos="1" name="os.version"/>
|
|
378
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
379
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht813_firmware:{os.version}"/>
|
|
380
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
381
|
+
<param pos="0" name="hw.product" value="HT813"/>
|
|
382
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
383
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht813:-"/>
|
|
384
|
+
</fingerprint>
|
|
385
|
+
|
|
386
|
+
<fingerprint pattern="^Grandstream HT812 ([\d.]+)$">
|
|
387
|
+
<description>Grandstream Handy Tone HT812</description>
|
|
388
|
+
<example os.version="1.0.3.5">Grandstream HT812 1.0.3.5</example>
|
|
389
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
390
|
+
<param pos="0" name="os.product" value="HT812 Firmware"/>
|
|
391
|
+
<param pos="1" name="os.version"/>
|
|
392
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
393
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht812_firmware:{os.version}"/>
|
|
394
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
395
|
+
<param pos="0" name="hw.product" value="HT812"/>
|
|
396
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
397
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht812:-"/>
|
|
398
|
+
</fingerprint>
|
|
399
|
+
|
|
400
|
+
<fingerprint pattern="^Grandstream HT802 ([\d.]+)$">
|
|
401
|
+
<description>Grandstream Handy Tone HT802</description>
|
|
402
|
+
<example os.version="1.0.3.2">Grandstream HT802 1.0.3.2</example>
|
|
403
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
404
|
+
<param pos="0" name="os.product" value="HT802 Firmware"/>
|
|
405
|
+
<param pos="1" name="os.version"/>
|
|
406
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
407
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht802_firmware:{os.version}"/>
|
|
408
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
409
|
+
<param pos="0" name="hw.product" value="HT802"/>
|
|
410
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
411
|
+
</fingerprint>
|
|
412
|
+
|
|
413
|
+
<fingerprint pattern="^Grandstream HT801 ([\d.]+)$">
|
|
414
|
+
<description>Grandstream Handy Tone HT801</description>
|
|
415
|
+
<example os.version="1.0.3.2">Grandstream HT801 1.0.3.2</example>
|
|
416
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
417
|
+
<param pos="0" name="os.product" value="HT801 Firmware"/>
|
|
418
|
+
<param pos="1" name="os.version"/>
|
|
419
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
420
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht801_firmware:{os.version}"/>
|
|
421
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
422
|
+
<param pos="0" name="hw.product" value="HT801"/>
|
|
423
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
424
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht801:-"/>
|
|
425
|
+
</fingerprint>
|
|
426
|
+
|
|
427
|
+
<!-- Grandstream Handy Tone catchall for when CPEs aren't required for vuln mapping-->
|
|
428
|
+
|
|
429
|
+
<fingerprint pattern="^Grandstream (HT7\d\d) ([\d.]+)$">
|
|
430
|
+
<description>Grandstream Handy Tone HT7xx</description>
|
|
431
|
+
<example hw.product="HT701" os.version="1.0.8.2">Grandstream HT701 1.0.8.2</example>
|
|
432
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
433
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
|
434
|
+
<param pos="2" name="os.version"/>
|
|
435
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
436
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
437
|
+
<param pos="1" name="hw.product"/>
|
|
438
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
439
|
+
</fingerprint>
|
|
440
|
+
|
|
441
|
+
<!-- The next few fingerprints could be merged but are split to enable CPEs -->
|
|
442
|
+
|
|
443
|
+
<fingerprint pattern="^Grandstream GXP2200 ([\d.]+)$">
|
|
444
|
+
<description>Grandstream GXP SIP Phone GXP2200</description>
|
|
445
|
+
<example os.version="1.0.3.27">Grandstream GXP2200 1.0.3.27</example>
|
|
446
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
447
|
+
<param pos="0" name="os.product" value="GXP2200 Firmware"/>
|
|
448
|
+
<param pos="1" name="os.version"/>
|
|
449
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
450
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp2200_firmware:{os.version}"/>
|
|
451
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
452
|
+
<param pos="0" name="hw.product" value="GXP2200"/>
|
|
453
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
454
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp2200:-"/>
|
|
455
|
+
</fingerprint>
|
|
456
|
+
|
|
457
|
+
<fingerprint pattern="^Grandstream GXP1628 ([\d.]+)$">
|
|
458
|
+
<description>Grandstream GXP SIP Phone GXP1628</description>
|
|
459
|
+
<example os.version="1.0.7.6">Grandstream GXP1628 1.0.7.6</example>
|
|
460
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
461
|
+
<param pos="0" name="os.product" value="GXP1628 Firmware"/>
|
|
462
|
+
<param pos="1" name="os.version"/>
|
|
463
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
464
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1628_firmware:{os.version}"/>
|
|
465
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
466
|
+
<param pos="0" name="hw.product" value="GXP1628"/>
|
|
467
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
468
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1628:-"/>
|
|
469
|
+
</fingerprint>
|
|
470
|
+
|
|
471
|
+
<fingerprint pattern="^Grandstream GXP1625 ([\d.]+)$">
|
|
472
|
+
<description>Grandstream GXP SIP Phone GXP1625</description>
|
|
473
|
+
<example os.version="1.0.4.128">Grandstream GXP1625 1.0.4.128</example>
|
|
474
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
475
|
+
<param pos="0" name="os.product" value="GXP1625 Firmware"/>
|
|
476
|
+
<param pos="1" name="os.version"/>
|
|
477
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
478
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1625_firmware:{os.version}"/>
|
|
479
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
480
|
+
<param pos="0" name="hw.product" value="GXP1625"/>
|
|
481
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
482
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1625:-"/>
|
|
483
|
+
</fingerprint>
|
|
484
|
+
|
|
485
|
+
<fingerprint pattern="^Grandstream GXP1615 ([\d.]+)$">
|
|
486
|
+
<description>Grandstream GXP SIP Phone GXP1615</description>
|
|
487
|
+
<example os.version="1.0.4.128">Grandstream GXP1615 1.0.4.128</example>
|
|
488
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
489
|
+
<param pos="0" name="os.product" value="GXP1615 Firmware"/>
|
|
490
|
+
<param pos="1" name="os.version"/>
|
|
491
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
492
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1615_firmware:{os.version}"/>
|
|
493
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
494
|
+
<param pos="0" name="hw.product" value="GXP1615"/>
|
|
495
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
496
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1615:-"/>
|
|
497
|
+
</fingerprint>
|
|
498
|
+
|
|
499
|
+
<fingerprint pattern="^Grandstream GXP1610 ([\d.]+)$">
|
|
500
|
+
<description>Grandstream GXP SIP Phone GXP1610</description>
|
|
501
|
+
<example os.version="1.0.4.138">Grandstream GXP1610 1.0.4.138</example>
|
|
502
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
503
|
+
<param pos="0" name="os.product" value="GXP1610 Firmware"/>
|
|
504
|
+
<param pos="1" name="os.version"/>
|
|
505
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
506
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1610_firmware:{os.version}"/>
|
|
507
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
508
|
+
<param pos="0" name="hw.product" value="GXP1610"/>
|
|
509
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
510
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1610:-"/>
|
|
511
|
+
</fingerprint>
|
|
512
|
+
|
|
513
|
+
<!-- Grandstream GXP catchall for when CPEs aren't required for vuln mapping-->
|
|
514
|
+
|
|
515
|
+
<fingerprint pattern="^Grandstream (GXP\d\d\d\d) ([\d.]+)$">
|
|
516
|
+
<description>Grandstream GXP SIP Phone</description>
|
|
517
|
+
<example hw.product="GXP2135" os.version="1.0.9.108">Grandstream GXP2135 1.0.9.108</example>
|
|
518
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
519
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
|
520
|
+
<param pos="2" name="os.version"/>
|
|
521
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
522
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
523
|
+
<param pos="1" name="hw.product"/>
|
|
524
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
525
|
+
</fingerprint>
|
|
526
|
+
|
|
527
|
+
<fingerprint pattern="^FortiVoice/([\w.-]+)$">
|
|
528
|
+
<description>Fortinet FortiVoice</description>
|
|
529
|
+
<example service.version="7.31b00">FortiVoice/7.31b00</example>
|
|
530
|
+
<example service.version="5.2.95-5">FortiVoice/5.2.95-5</example>
|
|
531
|
+
<param pos="0" name="service.vendor" value="Fortinet"/>
|
|
532
|
+
<param pos="0" name="service.product" value="FortiVoice"/>
|
|
533
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
534
|
+
<param pos="1" name="service.version"/>
|
|
535
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:fortinet:fortivoice:{service.version}"/>
|
|
536
|
+
<param pos="0" name="hw.vendor" value="Fortinet"/>
|
|
537
|
+
<param pos="0" name="hw.family" value="FortiVoice"/>
|
|
538
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
539
|
+
</fingerprint>
|
|
540
|
+
|
|
541
|
+
<fingerprint pattern="^FreeSWITCH$">
|
|
542
|
+
<description>FreeSWITCH FreeSWITCH without version</description>
|
|
543
|
+
<example>FreeSWITCH</example>
|
|
544
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
|
545
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
|
546
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
547
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:-"/>
|
|
548
|
+
</fingerprint>
|
|
549
|
+
|
|
550
|
+
<fingerprint pattern="^FreeSWITCH-mod_sofia/([\d.]+)">
|
|
551
|
+
<description>FreeSWITCH FreeSWITCH with version, mod_sofia</description>
|
|
552
|
+
<example service.version="1.10.4">FreeSWITCH-mod_sofia/1.10.4-release+git~20200805T110119Z~133fc2c870~64bit</example>
|
|
553
|
+
<example service.version="1.6.20">FreeSWITCH-mod_sofia/1.6.20~64bit</example>
|
|
554
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
|
555
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
|
556
|
+
<param pos="1" name="service.version"/>
|
|
557
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
558
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:{service.version}"/>
|
|
559
|
+
</fingerprint>
|
|
560
|
+
|
|
248
561
|
</fingerprints>
|