recog 2.3.18 → 2.3.19
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +26 -0
- data/cpe-remap.yaml +11 -0
- data/identifiers/hw_device.txt +2 -0
- data/identifiers/hw_family.txt +6 -0
- data/identifiers/hw_product.txt +59 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +1 -0
- data/identifiers/os_product.txt +25 -0
- data/identifiers/service_family.txt +3 -0
- data/identifiers/service_product.txt +27 -0
- data/identifiers/vendor.txt +33 -0
- data/lib/recog/version.rb +1 -1
- data/update_cpes.py +3 -3
- data/xml/favicons.xml +108 -0
- data/xml/ftp_banners.xml +2 -1
- data/xml/html_title.xml +156 -1
- data/xml/http_cookies.xml +85 -0
- data/xml/http_servers.xml +120 -1
- data/xml/http_wwwauth.xml +8 -0
- data/xml/mdns_device-info_txt.xml +308 -10
- data/xml/ntp_banners.xml +9 -1
- data/xml/rtsp_servers.xml +7 -0
- data/xml/sip_banners.xml +344 -8
- data/xml/sip_user_agents.xml +317 -4
- data/xml/smb_native_lm.xml +32 -1
- data/xml/smb_native_os.xml +157 -33
- data/xml/snmp_sysdescr.xml +129 -1
- data/xml/ssh_banners.xml +118 -11
- data/xml/telnet_banners.xml +25 -1
- data/xml/tls_jarm.xml +139 -0
- data/xml/x509_issuers.xml +16 -0
- data/xml/x509_subjects.xml +72 -0
- metadata +4 -2
data/xml/ntp_banners.xml
CHANGED
|
@@ -133,7 +133,9 @@
|
|
|
133
133
|
<param pos="0" name="os.family" value="VMware ESX/ESXi"/>
|
|
134
134
|
<param pos="0" name="os.product" value="VMware ESX Server"/>
|
|
135
135
|
<param pos="2" name="os.arch"/>
|
|
136
|
+
<param pos="0" name="os.device" value="Hypervisor"/>
|
|
136
137
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
|
|
138
|
+
<param pos="0" name="hw.device" value="Hypervisor"/>
|
|
137
139
|
</fingerprint>
|
|
138
140
|
|
|
139
141
|
<fingerprint pattern="^.*version="ntpd ([^ ]+)[^"]+",.*processor="([^ ]+)",.*system="Linux/?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
@@ -939,7 +941,9 @@
|
|
|
939
941
|
<param pos="0" name="os.product" value="VMware ESXi Server"/>
|
|
940
942
|
<param pos="2" name="os.arch"/>
|
|
941
943
|
<param pos="3" name="os.version"/>
|
|
944
|
+
<param pos="0" name="os.device" value="Hypervisor"/>
|
|
942
945
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esxi:{os.version}"/>
|
|
946
|
+
<param pos="0" name="hw.device" value="Hypervisor"/>
|
|
943
947
|
</fingerprint>
|
|
944
948
|
|
|
945
949
|
<fingerprint pattern=".*processor="([^ ]+)",.*system="OSF1[/V]?([^ ]+)"" flags="REG_DOT_NEWLINE,REG_ICASE">
|
|
@@ -1027,9 +1031,13 @@
|
|
|
1027
1031
|
<param pos="0" name="os.vendor" value="NetApp"/>
|
|
1028
1032
|
<param pos="0" name="os.family" value="Data ONTAP"/>
|
|
1029
1033
|
<param pos="0" name="os.product" value="Data ONTAP"/>
|
|
1030
|
-
<param pos="0" name="os.device" value="File Server"/>
|
|
1031
1034
|
<param pos="1" name="os.version"/>
|
|
1035
|
+
<param pos="0" name="ow.device" value="NAS"/>
|
|
1032
1036
|
<param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:{os.version}"/>
|
|
1037
|
+
<param pos="0" name="hw.vendor" value="NetApp"/>
|
|
1038
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
|
1039
|
+
<param pos="0" name="hw.family" value="Data ONTAP"/>
|
|
1040
|
+
<param pos="0" name="hw.product" value="Data ONTAP"/>
|
|
1033
1041
|
</fingerprint>
|
|
1034
1042
|
|
|
1035
1043
|
<fingerprint pattern="system="UNIX/HPUX"" flags="REG_ICASE">
|
data/xml/rtsp_servers.xml
CHANGED
|
@@ -93,4 +93,11 @@
|
|
|
93
93
|
<param pos="1" name="os.version"/>
|
|
94
94
|
</fingerprint>
|
|
95
95
|
|
|
96
|
+
<fingerprint pattern="^Linux/2\.6\.35\.14_nl-xarina\+ Ze-PRO$">
|
|
97
|
+
<description>Sony Network Camera</description>
|
|
98
|
+
<example>Linux/2.6.35.14_nl-xarina+ Ze-PRO</example>
|
|
99
|
+
<param pos="0" name="hw.vendor" value="Sony"/>
|
|
100
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
|
101
|
+
</fingerprint>
|
|
102
|
+
|
|
96
103
|
</fingerprints>
|
data/xml/sip_banners.xml
CHANGED
|
@@ -60,10 +60,53 @@
|
|
|
60
60
|
<param pos="2" name="hw.version"/>
|
|
61
61
|
</fingerprint>
|
|
62
62
|
|
|
63
|
+
<!-- The next few Linksys fingerprints could be merged but are split to enable CPEs -->
|
|
64
|
+
|
|
65
|
+
<fingerprint pattern="^(?:[\dA-F]+ )?Linksys/RT31P2-([\d.]+)\(\w+\)$">
|
|
66
|
+
<description>Linksys RT31P2</description>
|
|
67
|
+
<example os.version="3.1.9">Linksys/RT31P2-3.1.9(LId)</example>
|
|
68
|
+
<example os.version="3.1.6">Linksys/RT31P2-3.1.6(LI)</example>
|
|
69
|
+
<example os.version="3.1.6">001310E72B51 Linksys/RT31P2-3.1.6(LI)</example>
|
|
70
|
+
<param pos="0" name="os.vendor" value="Linksys"/>
|
|
71
|
+
<param pos="0" name="os.product" value="RT31P2 Firmware"/>
|
|
72
|
+
<param pos="1" name="os.version"/>
|
|
73
|
+
<param pos="0" name="os.device" value="VoIP"/>
|
|
74
|
+
<param pos="0" name="hw.vendor" value="Linksys"/>
|
|
75
|
+
<param pos="0" name="hw.product" value="RT31P2"/>
|
|
76
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
|
77
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:linksys:rt31p2:-"/>
|
|
78
|
+
</fingerprint>
|
|
79
|
+
|
|
80
|
+
<fingerprint pattern="^Cisco/SPA122-([\d.]+)\(\w+\)[\w-]*$">
|
|
81
|
+
<description>Cisco SPA122</description>
|
|
82
|
+
<example os.version="1.3.5">Cisco/SPA122-1.3.5(004p)</example>
|
|
83
|
+
<example os.version="1.3.5">Cisco/SPA122-1.3.5(004p)_BestGo</example>
|
|
84
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
|
85
|
+
<param pos="0" name="os.product" value="SPA122 Firmware"/>
|
|
86
|
+
<param pos="1" name="os.version"/>
|
|
87
|
+
<param pos="0" name="os.device" value="VoIP"/>
|
|
88
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:spa122_firmware:{os.version}"/>
|
|
89
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
|
90
|
+
<param pos="0" name="hw.product" value="SPA122"/>
|
|
91
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
|
92
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:cisco:spa122:-"/>
|
|
93
|
+
</fingerprint>
|
|
94
|
+
|
|
95
|
+
<fingerprint pattern="^Cisco/SPA112-([\d.SR]+)\(\w+\)[\w-]*$">
|
|
96
|
+
<description>Cisco SPA112</description>
|
|
97
|
+
<example os.version="1.4.1SR1">Cisco/SPA112-1.4.1SR1(002)d-hisec</example>
|
|
98
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
|
99
|
+
<param pos="0" name="os.product" value="SPA112 Firmware"/>
|
|
100
|
+
<param pos="1" name="os.version"/>
|
|
101
|
+
<param pos="0" name="os.device" value="VoIP"/>
|
|
102
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:spa112_firmware:{os.version}"/>
|
|
103
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
|
104
|
+
<param pos="0" name="hw.product" value="SPA112"/>
|
|
105
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
|
106
|
+
</fingerprint>
|
|
107
|
+
|
|
63
108
|
<fingerprint pattern="(?:Cisco|Linksys)/(SPA\d+[DG]?\d?)-([\d\.a-zA-Z]+)">
|
|
64
109
|
<description>Cisco/Linksys SPA VoIP Phone</description>
|
|
65
|
-
<example hw.model="SPA112" hw.version="1.4.1SR1">Cisco/SPA112-1.4.1SR1(002)d-hisec</example>
|
|
66
|
-
<example hw.model="SPA122" hw.version="1.3.3">Cisco/SPA122-1.3.3(004)</example>
|
|
67
110
|
<example hw.model="SPA922" hw.version="6.1.5">PhoneSystems.net aabbccddeeff Linksys/SPA922-6.1.5(a)</example>
|
|
68
111
|
<example hw.model="SPA232D" hw.version="1.4.1">Cisco/SPA232D-1.4.1(002_282)</example>
|
|
69
112
|
<example hw.model="SPA504G" hw.version="7.5.2">Cisco/SPA504G-7.5.2</example>
|
|
@@ -155,6 +198,130 @@
|
|
|
155
198
|
<param pos="1" name="hw.product"/>
|
|
156
199
|
</fingerprint>
|
|
157
200
|
|
|
201
|
+
<!-- NEC -->
|
|
202
|
+
|
|
203
|
+
<fingerprint pattern="^NEC SL2100/([\d.]+)$">
|
|
204
|
+
<description>NEC SL2100 Communications Server</description>
|
|
205
|
+
<example os.version="2.1">NEC SL2100/2.1</example>
|
|
206
|
+
<param pos="0" name="os.vendor" value="NEC"/>
|
|
207
|
+
<param pos="0" name="os.product" value="SL2100 Firmware"/>
|
|
208
|
+
<param pos="1" name="os.version"/>
|
|
209
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
210
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:nec:sl2100_firmware:{os.version}"/>
|
|
211
|
+
<param pos="0" name="hw.vendor" value="NEC"/>
|
|
212
|
+
<param pos="0" name="hw.family" value="SL2100"/>
|
|
213
|
+
<param pos="0" name="hw.product" value="SL2100"/>
|
|
214
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
215
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:nec:sl2100:-"/>
|
|
216
|
+
</fingerprint>
|
|
217
|
+
|
|
218
|
+
<fingerprint pattern="^NEC (Aspire [WU]X) ([\d.]+)(?:/\d\.\d)?$">
|
|
219
|
+
<description>NEC UNIVERGE Aspire WX or UX SIP Gateway</description>
|
|
220
|
+
<example hw.product="Aspire WX" os.version="02.00.00">NEC Aspire WX 02.00.00</example>
|
|
221
|
+
<example hw.product="Aspire UX" os.version="08.00.00">NEC Aspire UX 08.00.00/2.1</example>
|
|
222
|
+
<param pos="0" name="os.vendor" value="NEC"/>
|
|
223
|
+
<param pos="2" name="os.version"/>
|
|
224
|
+
<param pos="0" name="hw.vendor" value="NEC"/>
|
|
225
|
+
<param pos="0" name="hw.family" value="UNIVERGE"/>
|
|
226
|
+
<param pos="1" name="hw.product"/>
|
|
227
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
228
|
+
</fingerprint>
|
|
229
|
+
|
|
230
|
+
<!-- The next few NEC fingerprints could be merged but are split to enable CPEs -->
|
|
231
|
+
|
|
232
|
+
<fingerprint pattern="^NEC(?:-i)? SV9100-(?:NA|GE) ([\d.]+)(?:/\d\.\d)?$">
|
|
233
|
+
<description>NEC UNIVERGE 9100 SIP Gateway</description>
|
|
234
|
+
<example os.version="08.00.65">NEC SV9100-NA 08.00.65/2.1</example>
|
|
235
|
+
<example os.version="09.00.60">NEC SV9100-GE 09.00.60/2.1</example>
|
|
236
|
+
<param pos="0" name="os.vendor" value="NEC"/>
|
|
237
|
+
<param pos="0" name="os.product" value="SV9100 Firmware"/>
|
|
238
|
+
<param pos="1" name="os.version"/>
|
|
239
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:nec:sv9100_firmware:{os.version}"/>
|
|
240
|
+
<param pos="0" name="hw.vendor" value="NEC"/>
|
|
241
|
+
<param pos="0" name="hw.family" value="UNIVERGE"/>
|
|
242
|
+
<param pos="0" name="hw.product" value="SV9100"/>
|
|
243
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
244
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:nec:sv9100:-"/>
|
|
245
|
+
</fingerprint>
|
|
246
|
+
|
|
247
|
+
<fingerprint pattern="^NEC(?:-i)? SV8100-(?:NA|GE) ([\d.]+)(?:/\d\.\d)?$">
|
|
248
|
+
<description>NEC UNIVERGE 8100 SIP Gateway</description>
|
|
249
|
+
<example os.version="08.00.65">NEC SV8100-GE 08.00.65/2.1</example>
|
|
250
|
+
<example os.version="09.50">NEC-i SV8100-NA 09.50/2.1</example>
|
|
251
|
+
<example os.version="10.12">NEC SV8100-NA 10.12/2.1</example>
|
|
252
|
+
<param pos="0" name="os.vendor" value="NEC"/>
|
|
253
|
+
<param pos="0" name="os.product" value="SV8100 Firmware"/>
|
|
254
|
+
<param pos="1" name="os.version"/>
|
|
255
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:nec:sv8100_firmware:{os.version}"/>
|
|
256
|
+
<param pos="0" name="hw.vendor" value="NEC"/>
|
|
257
|
+
<param pos="0" name="hw.family" value="UNIVERGE"/>
|
|
258
|
+
<param pos="0" name="hw.product" value="SV8100"/>
|
|
259
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
260
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:nec:sv8100:-"/>
|
|
261
|
+
</fingerprint>
|
|
262
|
+
|
|
263
|
+
<!-- Grandstream -->
|
|
264
|
+
|
|
265
|
+
<!-- The next few fingerprints could be merged but are split to enable CPEs -->
|
|
266
|
+
|
|
267
|
+
<fingerprint pattern="^Grandstream UCM6208V(\d\.\d\w) ([\d.]+)$">
|
|
268
|
+
<description>Grandstream UCM 6208</description>
|
|
269
|
+
<example hw.version="1.4A" os.version="1.0.16.20">Grandstream UCM6208V1.4A 1.0.16.20</example>
|
|
270
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
271
|
+
<param pos="0" name="os.product" value="UCM6208 Firmware"/>
|
|
272
|
+
<param pos="2" name="os.version"/>
|
|
273
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
274
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ucm6208_firmware:{os.version}"/>
|
|
275
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
276
|
+
<param pos="0" name="hw.product" value="UCM6208"/>
|
|
277
|
+
<param pos="1" name="hw.version"/>
|
|
278
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
279
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ucm6208:{hw.version}"/>
|
|
280
|
+
</fingerprint>
|
|
281
|
+
|
|
282
|
+
<fingerprint pattern="^Grandstream UCM6204V(\d\.\d\w) ([\d.]+)$">
|
|
283
|
+
<description>Grandstream UCM 6204</description>
|
|
284
|
+
<example hw.version="1.4A" os.version="1.0.15.16">Grandstream UCM6204V1.4A 1.0.15.16</example>
|
|
285
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
286
|
+
<param pos="0" name="os.product" value="UCM6204 Firmware"/>
|
|
287
|
+
<param pos="2" name="os.version"/>
|
|
288
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
289
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ucm6204_firmware:{os.version}"/>
|
|
290
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
291
|
+
<param pos="0" name="hw.product" value="UCM6204"/>
|
|
292
|
+
<param pos="1" name="hw.version"/>
|
|
293
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
294
|
+
</fingerprint>
|
|
295
|
+
|
|
296
|
+
<fingerprint pattern="^Grandstream UCM6202V(\d\.\d\w) ([\d.]+)$">
|
|
297
|
+
<description>Grandstream UCM 6202</description>
|
|
298
|
+
<example hw.version="1.4A" os.version="1.0.15.16">Grandstream UCM6202V1.4A 1.0.15.16</example>
|
|
299
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
300
|
+
<param pos="0" name="os.product" value="UCM6202 Firmware"/>
|
|
301
|
+
<param pos="2" name="os.version"/>
|
|
302
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
303
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ucm6202_firmware:{os.version}"/>
|
|
304
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
305
|
+
<param pos="0" name="hw.product" value="UCM6202"/>
|
|
306
|
+
<param pos="1" name="hw.version"/>
|
|
307
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
308
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ucm6202:{hw.version}"/>
|
|
309
|
+
</fingerprint>
|
|
310
|
+
|
|
311
|
+
<fingerprint pattern="^Grandstream (UCM6\d\d\d)V(\d\.\d\w) ([\d.]+)$">
|
|
312
|
+
<description>Grandstream UCM 6xxx series generic</description>
|
|
313
|
+
<example hw.product="UCM6102" os.version="1.0.6.10">Grandstream UCM6102V1.5A 1.0.6.10</example>
|
|
314
|
+
<example hw.product="UCM6302" hw.version="1.2B">Grandstream UCM6302V1.2B 1.0.3.10</example>
|
|
315
|
+
<example hw.product="UCM6510">Grandstream UCM6510V1.4B 1.0.14.23</example>
|
|
316
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
317
|
+
<param pos="3" name="os.version"/>
|
|
318
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
319
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
320
|
+
<param pos="1" name="hw.product"/>
|
|
321
|
+
<param pos="2" name="hw.version"/>
|
|
322
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
323
|
+
</fingerprint>
|
|
324
|
+
|
|
158
325
|
<!-- Various -->
|
|
159
326
|
|
|
160
327
|
<fingerprint pattern="EnGenius_Router$">
|
|
@@ -275,6 +442,18 @@
|
|
|
275
442
|
<param pos="0" name="hw.product" value="SIP Gateway"/>
|
|
276
443
|
</fingerprint>
|
|
277
444
|
|
|
445
|
+
<fingerprint pattern="^Wildix GW ([\d.~a-h]+)$">
|
|
446
|
+
<description>Wildix SIP Gateway - timestamp/build variant</description>
|
|
447
|
+
<example os.version="20201008.1~a2e84be1">Wildix GW 20201008.1~a2e84be1</example>
|
|
448
|
+
<param pos="0" name="os.vendor" value="Wildix"/>
|
|
449
|
+
<param pos="0" name="os.family" value="SIP Gateway"/>
|
|
450
|
+
<param pos="1" name="os.version"/>
|
|
451
|
+
<param pos="0" name="hw.vendor" value="Wildix"/>
|
|
452
|
+
<param pos="0" name="hw.family" value="SIP Gateway"/>
|
|
453
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
454
|
+
<param pos="0" name="hw.product" value="SIP Gateway"/>
|
|
455
|
+
</fingerprint>
|
|
456
|
+
|
|
278
457
|
<fingerprint pattern="^Wildix GW$">
|
|
279
458
|
<description>Wildix SIP Gateway w/o Version</description>
|
|
280
459
|
<example>Wildix GW</example>
|
|
@@ -286,6 +465,18 @@
|
|
|
286
465
|
<param pos="0" name="hw.product" value="SIP Gateway"/>
|
|
287
466
|
</fingerprint>
|
|
288
467
|
|
|
468
|
+
<fingerprint pattern="^PBX-IP Media Gateway/([\d.]+)$">
|
|
469
|
+
<description>Dialogic Media Gateway w Version</description>
|
|
470
|
+
<example os.version="2.1">PBX-IP Media Gateway/2.1</example>
|
|
471
|
+
<param pos="0" name="os.vendor" value="Dialogic"/>
|
|
472
|
+
<param pos="0" name="os.family" value="SIP Gateway"/>
|
|
473
|
+
<param pos="1" name="os.version"/>
|
|
474
|
+
<param pos="0" name="hw.vendor" value="Dialogic"/>
|
|
475
|
+
<param pos="0" name="hw.family" value="SIP Gateway"/>
|
|
476
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
477
|
+
<param pos="0" name="hw.product" value="Media Gateway"/>
|
|
478
|
+
</fingerprint>
|
|
479
|
+
|
|
289
480
|
<fingerprint pattern="^Asterisk PBX (\S+)$">
|
|
290
481
|
<description>Asterisk PBX w/ Version</description>
|
|
291
482
|
<example service.version="13.18.0-6.7.1.1.rl.1538157944.1c65507">Asterisk PBX 13.18.0-6.7.1.1.rl.1538157944.1c65507</example>
|
|
@@ -314,14 +505,115 @@
|
|
|
314
505
|
<param pos="1" name="service.version"/>
|
|
315
506
|
</fingerprint>
|
|
316
507
|
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
508
|
+
<!-- Kamailio seems to be a successor to OpenSER and perhaps OpenSIPS? -->
|
|
509
|
+
|
|
510
|
+
<fingerprint pattern="^[Kk]amailio \(([\d.]+)(?:-tls|-notls)? \(x86_64/linux\)\)$">
|
|
511
|
+
<description>Kamailio Kamailio - Linux on x86_64</description>
|
|
512
|
+
<example service.version="4.4.4">kamailio (4.4.4 (x86_64/linux))</example>
|
|
320
513
|
<param pos="0" name="service.vendor" value="Kamailio"/>
|
|
321
|
-
<param pos="0" name="service.
|
|
322
|
-
<param pos="
|
|
514
|
+
<param pos="0" name="service.product" value="Kamailio"/>
|
|
515
|
+
<param pos="1" name="service.version"/>
|
|
516
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:kamailio:kamailio:{service.version}"/>
|
|
517
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
518
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
519
|
+
<param pos="0" name="os.arch" value="x86_64"/>
|
|
520
|
+
</fingerprint>
|
|
521
|
+
|
|
522
|
+
<fingerprint pattern="^[Kk]amailio \(([\d.]+)(?:-tls|-notls)? \(i386/linux\)\)$">
|
|
523
|
+
<description>Kamailio Kamailio - Linux on x86</description>
|
|
524
|
+
<example service.version="1.5.2">Kamailio (1.5.2-notls (i386/linux))</example>
|
|
525
|
+
<param pos="0" name="service.vendor" value="Kamailio"/>
|
|
526
|
+
<param pos="0" name="service.product" value="Kamailio"/>
|
|
527
|
+
<param pos="1" name="service.version"/>
|
|
528
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:kamailio:kamailio:{service.version}"/>
|
|
529
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
530
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
531
|
+
<param pos="0" name="os.arch" value="x86"/>
|
|
532
|
+
</fingerprint>
|
|
533
|
+
|
|
534
|
+
<fingerprint pattern="^OpenSIPS \(([\d.]+)(?:-tls|-notls)? \(x86_64/linux\)\)$">
|
|
535
|
+
<description>OpenSIPS OpenSIPS - Linux on x86_64</description>
|
|
536
|
+
<example service.version="1.7.2">OpenSIPS (1.7.2-notls (x86_64/linux))</example>
|
|
537
|
+
<example service.version="1.11.11">OpenSIPS (1.11.11-tls (x86_64/linux))</example>
|
|
538
|
+
<example service.version="2.2.7">OpenSIPS (2.2.7 (x86_64/linux))</example>
|
|
539
|
+
<param pos="0" name="service.vendor" value="OpenSIPS"/>
|
|
540
|
+
<param pos="0" name="service.product" value="OpenSIPS"/>
|
|
541
|
+
<param pos="1" name="service.version"/>
|
|
542
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:opensips:opensips:{service.version}"/>
|
|
543
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
544
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
545
|
+
<param pos="0" name="os.arch" value="x86_64"/>
|
|
546
|
+
</fingerprint>
|
|
547
|
+
|
|
548
|
+
<fingerprint pattern="^OpenSIPS \(([\d.]+)(?:-tls|-notls)? \(i386/linux\)\)$">
|
|
549
|
+
<description>OpenSIPS OpenSIPS - Linux on x86</description>
|
|
550
|
+
<example service.version="1.8.2">OpenSIPS (1.8.2-notls (i386/linux))</example>
|
|
551
|
+
<example service.version="1.11.3">OpenSIPS (1.11.3-tls (i386/linux))</example>
|
|
552
|
+
<example service.version="2.3.3">OpenSIPS (2.3.3 (i386/linux))</example>
|
|
553
|
+
<param pos="0" name="service.vendor" value="OpenSIPS"/>
|
|
554
|
+
<param pos="0" name="service.product" value="OpenSIPS"/>
|
|
555
|
+
<param pos="1" name="service.version"/>
|
|
556
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:opensips:opensips:{service.version}"/>
|
|
557
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
558
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
559
|
+
<param pos="0" name="os.arch" value="x86"/>
|
|
560
|
+
</fingerprint>
|
|
561
|
+
|
|
562
|
+
<fingerprint pattern="^OpenSIPS \(([\d.]+)(?:-tls|-notls)? \(arm(?:v4tl|v7l)?/linux\)\)$">
|
|
563
|
+
<description>OpenSIPS OpenSIPS - Linux on ARM</description>
|
|
564
|
+
<example service.version="2.2.2">OpenSIPS (2.2.2 (arm/linux))</example>
|
|
565
|
+
<example service.version="1.6.0">OpenSIPS (1.6.0-notls (armv4tl/linux))</example>
|
|
566
|
+
<example service.version="1.11.5">OpenSIPS (1.11.5-tls (armv7l/linux))</example>
|
|
567
|
+
<param pos="0" name="service.vendor" value="OpenSIPS"/>
|
|
568
|
+
<param pos="0" name="service.product" value="OpenSIPS"/>
|
|
569
|
+
<param pos="1" name="service.version"/>
|
|
570
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:opensips:opensips:{service.version}"/>
|
|
571
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
572
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
573
|
+
<param pos="0" name="os.arch" value="ARM"/>
|
|
574
|
+
</fingerprint>
|
|
575
|
+
|
|
576
|
+
<fingerprint pattern="^(?i)OpenSER \(([\d.]+)(?:-tls|-notls)? \(sh4/linux\)\)$">
|
|
577
|
+
<description>OpenSER OpenSER - Linux on Renesas SH4</description>
|
|
578
|
+
<example service.version="1.3.2">OpenSER (1.3.2-notls (sh4/linux))</example>
|
|
579
|
+
<param pos="0" name="service.vendor" value="OpenSER"/>
|
|
580
|
+
<param pos="0" name="service.product" value="OpenSER"/>
|
|
323
581
|
<param pos="1" name="service.version"/>
|
|
324
|
-
<param pos="
|
|
582
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
583
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
584
|
+
</fingerprint>
|
|
585
|
+
|
|
586
|
+
<fingerprint pattern="(?i)^OpenSER \(([\d.]+)(?:-tls|-notls)? \(x86_64/linux\)\)$">
|
|
587
|
+
<description>OpenSER OpenSER - Linux on x86_64</description>
|
|
588
|
+
<example service.version="1.1.0">OpenSer (1.1.0-notls (x86_64/linux))</example>
|
|
589
|
+
<param pos="0" name="service.vendor" value="OpenSER"/>
|
|
590
|
+
<param pos="0" name="service.product" value="OpenSER"/>
|
|
591
|
+
<param pos="1" name="service.version"/>
|
|
592
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
593
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
594
|
+
<param pos="0" name="os.arch" value="x86_64"/>
|
|
595
|
+
</fingerprint>
|
|
596
|
+
|
|
597
|
+
<fingerprint pattern="(?i)^OpenSER \(([\d.]+)(?:-tls|-notls)? \(i386/linux\)\)$">
|
|
598
|
+
<description>OpenSER OpenSER - Linux on x86</description>
|
|
599
|
+
<example service.version="1.3.0">OpenSER (1.3.0-notls (i386/linux))</example>
|
|
600
|
+
<param pos="0" name="service.vendor" value="OpenSER"/>
|
|
601
|
+
<param pos="0" name="service.product" value="OpenSER"/>
|
|
602
|
+
<param pos="1" name="service.version"/>
|
|
603
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
604
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
605
|
+
<param pos="0" name="os.arch" value="x86"/>
|
|
606
|
+
</fingerprint>
|
|
607
|
+
|
|
608
|
+
<fingerprint pattern="(?i)^OpenSER \(([\d.]+)(?:-tls|-notls)? \(arm/linux\)\)$">
|
|
609
|
+
<description>OpenSER OpenSER - Linux on ARM</description>
|
|
610
|
+
<example service.version="1.3.2">OpenSER (1.3.2-tls (arm/linux))</example>
|
|
611
|
+
<param pos="0" name="service.vendor" value="OpenSER"/>
|
|
612
|
+
<param pos="0" name="service.product" value="OpenSER"/>
|
|
613
|
+
<param pos="1" name="service.version"/>
|
|
614
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
615
|
+
<param pos="0" name="os.product" value="Linux"/>
|
|
616
|
+
<param pos="0" name="os.arch" value="ARM"/>
|
|
325
617
|
</fingerprint>
|
|
326
618
|
|
|
327
619
|
<!-- This match covers multiple product families and should be split up further -->
|
|
@@ -351,4 +643,48 @@
|
|
|
351
643
|
<param pos="0" name="hw.product" value="SIParator Firewall"/>
|
|
352
644
|
</fingerprint>
|
|
353
645
|
|
|
646
|
+
<fingerprint pattern="^CommuniGatePro/(\d\.[\w.]+)$">
|
|
647
|
+
<description>Communigate Pro</description>
|
|
648
|
+
<example service.version="6.2.14">CommuniGatePro/6.2.14</example>
|
|
649
|
+
<example service.version="6.3c1m">CommuniGatePro/6.3c1m</example>
|
|
650
|
+
<param pos="0" name="service.vendor" value="Communigate"/>
|
|
651
|
+
<param pos="0" name="service.family" value="Pro"/>
|
|
652
|
+
<param pos="0" name="service.product" value="Communigate Pro"/>
|
|
653
|
+
<param pos="1" name="service.version"/>
|
|
654
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:communigate:communigate_pro:{service.version}"/>
|
|
655
|
+
</fingerprint>
|
|
656
|
+
|
|
657
|
+
<fingerprint pattern="^STARFACE PBX$">
|
|
658
|
+
<description>STARFACE GmhH STARFACE PBX</description>
|
|
659
|
+
<example>STARFACE PBX</example>
|
|
660
|
+
<param pos="0" name="service.vendor" value="STARFACE GmhH"/>
|
|
661
|
+
<param pos="0" name="service.family" value="SIP Server"/>
|
|
662
|
+
<param pos="0" name="service.product" value="STARFACE PBX"/>
|
|
663
|
+
</fingerprint>
|
|
664
|
+
|
|
665
|
+
<fingerprint pattern="^FortiVoice-([\w-]+)$">
|
|
666
|
+
<description>Fortinet FortiVoice</description>
|
|
667
|
+
<example hw.product="200D">FortiVoice-200D</example>
|
|
668
|
+
<example hw.product="VM-Azure">FortiVoice-VM-Azure</example>
|
|
669
|
+
<example>FortiVoice-1000E</example>
|
|
670
|
+
<param pos="0" name="service.vendor" value="Fortinet"/>
|
|
671
|
+
<param pos="0" name="service.product" value="FortiVoice"/>
|
|
672
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
673
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:fortinet:fortivoice:-"/>
|
|
674
|
+
<param pos="0" name="hw.vendor" value="Fortinet"/>
|
|
675
|
+
<param pos="0" name="hw.family" value="FortiVoice"/>
|
|
676
|
+
<param pos="1" name="hw.product"/>
|
|
677
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
678
|
+
</fingerprint>
|
|
679
|
+
|
|
680
|
+
<fingerprint pattern="^Freeswitch ([\d.]+)$">
|
|
681
|
+
<description>FreeSWITCH FreeSWITCH</description>
|
|
682
|
+
<example service.version="2.0.0">Freeswitch 2.0.0</example>
|
|
683
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
|
684
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
|
685
|
+
<param pos="1" name="service.version"/>
|
|
686
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
687
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:{service.version}"/>
|
|
688
|
+
</fingerprint>
|
|
689
|
+
|
|
354
690
|
</fingerprints>
|
data/xml/sip_user_agents.xml
CHANGED
|
@@ -4,6 +4,90 @@
|
|
|
4
4
|
SIP User Agent header values are matched against these patterns to fingerprint SIP devices.
|
|
5
5
|
-->
|
|
6
6
|
|
|
7
|
+
<!-- Generic high volume matches -->
|
|
8
|
+
|
|
9
|
+
<fingerprint pattern="^SIP/2.0$">
|
|
10
|
+
<description>Generic SIP/2.0 response -- assert nothing.</description>
|
|
11
|
+
<example>SIP/2.0</example>
|
|
12
|
+
</fingerprint>
|
|
13
|
+
|
|
14
|
+
<fingerprint pattern="^TP-Link SIP Stack V1.0.0$">
|
|
15
|
+
<description>TP-Link SIP enabled device</description>
|
|
16
|
+
<example>TP-Link SIP Stack V1.0.0</example>
|
|
17
|
+
<param pos="0" name="hw.vendor" value="TP-LINK"/>
|
|
18
|
+
</fingerprint>
|
|
19
|
+
|
|
20
|
+
<fingerprint pattern="^DLink VoIP Stack$">
|
|
21
|
+
<description>DLink SIP enabled device</description>
|
|
22
|
+
<example>DLink VoIP Stack</example>
|
|
23
|
+
<param pos="0" name="hw.vendor" value="D-Link"/>
|
|
24
|
+
</fingerprint>
|
|
25
|
+
|
|
26
|
+
<fingerprint pattern="^Home&Life HUB/([\d.]+)$">
|
|
27
|
+
<description>Zyxel home routers</description>
|
|
28
|
+
<example>Home&Life HUB/1.1.26.00</example>
|
|
29
|
+
<param pos="0" name="os.vendor" value="Zyxel"/>
|
|
30
|
+
<param pos="1" name="os.version"/>
|
|
31
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
32
|
+
<param pos="0" name="hw.vendor" value="Zyxel"/>
|
|
33
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
34
|
+
</fingerprint>
|
|
35
|
+
|
|
36
|
+
<!-- Technicolor devices -->
|
|
37
|
+
|
|
38
|
+
<fingerprint pattern="^Technicolor / VANT-6 / AGTOT_([\d.]+) / AGTOT_[\d.]+$">
|
|
39
|
+
<description>Technicolor TG789vac Router</description>
|
|
40
|
+
<example os.version="2.1.4">Technicolor / VANT-6 / AGTOT_2.1.4 / AGTOT_2.1.4</example>
|
|
41
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
|
42
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
43
|
+
<param pos="1" name="os.version"/>
|
|
44
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
|
45
|
+
<param pos="0" name="hw.product" value="TG789vac"/>
|
|
46
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
47
|
+
</fingerprint>
|
|
48
|
+
|
|
49
|
+
<fingerprint pattern="^Technicolor / VANT-6$">
|
|
50
|
+
<description>Technicolor TG789vac Router w/o version string</description>
|
|
51
|
+
<example>Technicolor / VANT-6</example>
|
|
52
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
|
53
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
54
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
|
55
|
+
<param pos="0" name="hw.product" value="TG789vac"/>
|
|
56
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
57
|
+
</fingerprint>
|
|
58
|
+
|
|
59
|
+
<fingerprint pattern="^(?:Technicolor|MediaAccess) (TG[\w]+) (?:v\d )?Build (\d+\.[\w.-]+)(?: CP\w+)?$">
|
|
60
|
+
<description>Technicolor TGxxx Router with build info</description>
|
|
61
|
+
<example hw.product="TG784n" os.version="10.2.1.O">Technicolor TG784n v3 Build 10.2.1.O</example>
|
|
62
|
+
<example hw.product="TG789vn" os.version="10.5.2.Z.EC">Technicolor TG789vn v3 Build 10.5.2.Z.EC</example>
|
|
63
|
+
<example>MediaAccess TG789vac v2 Build 10.5.8.Y.GX CP1916SAQHD</example>
|
|
64
|
+
<example hw.product="TG799vn" os.version="10.5.2.T.JF">Technicolor TG799vn v2 Build 10.5.2.T.JF</example>
|
|
65
|
+
<example hw.product="TG788vn" os.version="10.5.2.S.GD">MediaAccess TG788vn v2 Build 10.5.2.S.GD</example>
|
|
66
|
+
<example hw.product="TG799vac" os.version="17.2.0405-1021">MediaAccess TG799vac Build 17.2.0405-1021</example>
|
|
67
|
+
<example hw.product="TG389">MediaAccess TG389 Build 10.5.2.T.AQ</example>
|
|
68
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
|
69
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
70
|
+
<param pos="2" name="os.version"/>
|
|
71
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
|
72
|
+
<param pos="1" name="hw.product"/>
|
|
73
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
74
|
+
</fingerprint>
|
|
75
|
+
|
|
76
|
+
<!-- Thomson was an older name for Technicolor-->
|
|
77
|
+
|
|
78
|
+
<fingerprint pattern="^Thomson (TG[\w]+) (?:v\d )?Build (\d+\.[\w.-]+)(?: CP\w+)?$">
|
|
79
|
+
<description>Thomson TGxxx Router with build info</description>
|
|
80
|
+
<example hw.product="TG784" os.version="8.4.2.Q">Thomson TG784 Build 8.4.2.Q</example>
|
|
81
|
+
<example hw.product="TG784n" os.version="8.4.H.F">Thomson TG784n Build 8.4.H.F</example>
|
|
82
|
+
<example hw.product="TG797n" os.version="8.C.D.9">Thomson TG797n v2 Build 8.C.D.9</example>
|
|
83
|
+
<param pos="0" name="os.vendor" value="Thomson"/>
|
|
84
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
85
|
+
<param pos="2" name="os.version"/>
|
|
86
|
+
<param pos="0" name="hw.vendor" value="Thomson"/>
|
|
87
|
+
<param pos="1" name="hw.product"/>
|
|
88
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
89
|
+
</fingerprint>
|
|
90
|
+
|
|
7
91
|
<!-- Axis devices -->
|
|
8
92
|
|
|
9
93
|
<fingerprint pattern="(?i)^AXIS (\S+) Network Video Door Station$">
|
|
@@ -43,10 +127,12 @@
|
|
|
43
127
|
<!-- AVM.DE Devices -->
|
|
44
128
|
|
|
45
129
|
<fingerprint pattern="^FRITZ!OS$">
|
|
46
|
-
<description>AVM
|
|
130
|
+
<description>AVM Fritz!OS Device</description>
|
|
47
131
|
<example>FRITZ!OS</example>
|
|
48
132
|
<param pos="0" name="os.vendor" value="AVM"/>
|
|
49
|
-
<param pos="0" name="os.product" value="FRITZ!
|
|
133
|
+
<param pos="0" name="os.product" value="FRITZ!OS"/>
|
|
134
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:avm:fritz\!os:-"/>
|
|
135
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
50
136
|
</fingerprint>
|
|
51
137
|
|
|
52
138
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Box .*) +(\d+\.\d+\.\d+)">
|
|
@@ -67,6 +153,8 @@
|
|
|
67
153
|
<param pos="0" name="os.family" value="FRITZ!Box"/>
|
|
68
154
|
<param pos="1" name="os.product"/>
|
|
69
155
|
<param pos="2" name="os.version"/>
|
|
156
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
157
|
+
<param pos="0" name="hw.family" value="FRITZ!Box"/>
|
|
70
158
|
</fingerprint>
|
|
71
159
|
|
|
72
160
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Fon .*) +(\d+\.\d+\.\d+)">
|
|
@@ -77,15 +165,19 @@
|
|
|
77
165
|
<param pos="0" name="os.family" value="FRITZ!Fon"/>
|
|
78
166
|
<param pos="1" name="os.product"/>
|
|
79
167
|
<param pos="2" name="os.version"/>
|
|
168
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
169
|
+
<param pos="0" name="hw.family" value="FRITZ!Fon"/>
|
|
80
170
|
</fingerprint>
|
|
81
171
|
|
|
82
172
|
<fingerprint pattern="^(?:AVM )?(Multibox .*) +(\d+\.\d+\.\d+)">
|
|
83
|
-
<description>AVM Multibox</description>
|
|
173
|
+
<description>AVM Multibox - Generic</description>
|
|
84
174
|
<example>AVM Multibox 7390 NGN 84.05.09 (Jan 13 2012)</example>
|
|
85
175
|
<param pos="0" name="os.vendor" value="AVM"/>
|
|
86
176
|
<param pos="0" name="os.family" value="Multibox"/>
|
|
87
177
|
<param pos="1" name="os.product"/>
|
|
88
178
|
<param pos="2" name="os.version"/>
|
|
179
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
180
|
+
<param pos="1" name="hw.product"/>
|
|
89
181
|
</fingerprint>
|
|
90
182
|
|
|
91
183
|
<!-- Huawei devices -->
|
|
@@ -196,7 +288,7 @@
|
|
|
196
288
|
<param pos="2" name="hw.version"/>
|
|
197
289
|
</fingerprint>
|
|
198
290
|
|
|
199
|
-
<fingerprint pattern="^Nero SIPPS IP Phone Version ([\d\.]+)
|
|
291
|
+
<fingerprint pattern="^Nero SIPPS IP Phone Version ([\d\.]+)$">
|
|
200
292
|
<description>Nero SIPPS IP Phone</description>
|
|
201
293
|
<example service.version="2.0.51.16">Nero SIPPS IP Phone Version 2.0.51.16</example>
|
|
202
294
|
<param pos="0" name="service.vendor" value="Nero"/>
|
|
@@ -245,4 +337,225 @@
|
|
|
245
337
|
<param pos="1" name="hw.product"/>
|
|
246
338
|
</fingerprint>
|
|
247
339
|
|
|
340
|
+
<!-- Grandstream -->
|
|
341
|
+
|
|
342
|
+
<!-- The next few fingerprints could be merged but are split to enable CPEs -->
|
|
343
|
+
|
|
344
|
+
<fingerprint pattern="^Grandstream HT818 ([\d.]+)$">
|
|
345
|
+
<description>Grandstream Handy Tone HT818</description>
|
|
346
|
+
<example os.version="1.0.8.7">Grandstream HT818 1.0.8.7</example>
|
|
347
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
348
|
+
<param pos="0" name="os.product" value="HT818 Firmware"/>
|
|
349
|
+
<param pos="1" name="os.version"/>
|
|
350
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
351
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht818_firmware:{os.version}"/>
|
|
352
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
353
|
+
<param pos="0" name="hw.product" value="HT818"/>
|
|
354
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
355
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht818:-"/>
|
|
356
|
+
</fingerprint>
|
|
357
|
+
|
|
358
|
+
<fingerprint pattern="^Grandstream HT814 ([\d.]+)$">
|
|
359
|
+
<description>Grandstream Handy Tone HT814</description>
|
|
360
|
+
<example os.version="1.0.9.3">Grandstream HT814 1.0.9.3</example>
|
|
361
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
362
|
+
<param pos="0" name="os.product" value="HT814 Firmware"/>
|
|
363
|
+
<param pos="1" name="os.version"/>
|
|
364
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
365
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht814_firmware:{os.version}"/>
|
|
366
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
367
|
+
<param pos="0" name="hw.product" value="HT814"/>
|
|
368
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
369
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht814:-"/>
|
|
370
|
+
</fingerprint>
|
|
371
|
+
|
|
372
|
+
<fingerprint pattern="^Grandstream HT813 ([\d.]+)$">
|
|
373
|
+
<description>Grandstream Handy Tone HT813</description>
|
|
374
|
+
<example os.version="1.0.1.2">Grandstream HT813 1.0.1.2</example>
|
|
375
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
376
|
+
<param pos="0" name="os.product" value="HT813 Firmware"/>
|
|
377
|
+
<param pos="1" name="os.version"/>
|
|
378
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
379
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht813_firmware:{os.version}"/>
|
|
380
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
381
|
+
<param pos="0" name="hw.product" value="HT813"/>
|
|
382
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
383
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht813:-"/>
|
|
384
|
+
</fingerprint>
|
|
385
|
+
|
|
386
|
+
<fingerprint pattern="^Grandstream HT812 ([\d.]+)$">
|
|
387
|
+
<description>Grandstream Handy Tone HT812</description>
|
|
388
|
+
<example os.version="1.0.3.5">Grandstream HT812 1.0.3.5</example>
|
|
389
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
390
|
+
<param pos="0" name="os.product" value="HT812 Firmware"/>
|
|
391
|
+
<param pos="1" name="os.version"/>
|
|
392
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
393
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht812_firmware:{os.version}"/>
|
|
394
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
395
|
+
<param pos="0" name="hw.product" value="HT812"/>
|
|
396
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
397
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht812:-"/>
|
|
398
|
+
</fingerprint>
|
|
399
|
+
|
|
400
|
+
<fingerprint pattern="^Grandstream HT802 ([\d.]+)$">
|
|
401
|
+
<description>Grandstream Handy Tone HT802</description>
|
|
402
|
+
<example os.version="1.0.3.2">Grandstream HT802 1.0.3.2</example>
|
|
403
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
404
|
+
<param pos="0" name="os.product" value="HT802 Firmware"/>
|
|
405
|
+
<param pos="1" name="os.version"/>
|
|
406
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
407
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht802_firmware:{os.version}"/>
|
|
408
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
409
|
+
<param pos="0" name="hw.product" value="HT802"/>
|
|
410
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
411
|
+
</fingerprint>
|
|
412
|
+
|
|
413
|
+
<fingerprint pattern="^Grandstream HT801 ([\d.]+)$">
|
|
414
|
+
<description>Grandstream Handy Tone HT801</description>
|
|
415
|
+
<example os.version="1.0.3.2">Grandstream HT801 1.0.3.2</example>
|
|
416
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
417
|
+
<param pos="0" name="os.product" value="HT801 Firmware"/>
|
|
418
|
+
<param pos="1" name="os.version"/>
|
|
419
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
420
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht801_firmware:{os.version}"/>
|
|
421
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
422
|
+
<param pos="0" name="hw.product" value="HT801"/>
|
|
423
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
424
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht801:-"/>
|
|
425
|
+
</fingerprint>
|
|
426
|
+
|
|
427
|
+
<!-- Grandstream Handy Tone catchall for when CPEs aren't required for vuln mapping-->
|
|
428
|
+
|
|
429
|
+
<fingerprint pattern="^Grandstream (HT7\d\d) ([\d.]+)$">
|
|
430
|
+
<description>Grandstream Handy Tone HT7xx</description>
|
|
431
|
+
<example hw.product="HT701" os.version="1.0.8.2">Grandstream HT701 1.0.8.2</example>
|
|
432
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
433
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
|
434
|
+
<param pos="2" name="os.version"/>
|
|
435
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
436
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
437
|
+
<param pos="1" name="hw.product"/>
|
|
438
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
439
|
+
</fingerprint>
|
|
440
|
+
|
|
441
|
+
<!-- The next few fingerprints could be merged but are split to enable CPEs -->
|
|
442
|
+
|
|
443
|
+
<fingerprint pattern="^Grandstream GXP2200 ([\d.]+)$">
|
|
444
|
+
<description>Grandstream GXP SIP Phone GXP2200</description>
|
|
445
|
+
<example os.version="1.0.3.27">Grandstream GXP2200 1.0.3.27</example>
|
|
446
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
447
|
+
<param pos="0" name="os.product" value="GXP2200 Firmware"/>
|
|
448
|
+
<param pos="1" name="os.version"/>
|
|
449
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
450
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp2200_firmware:{os.version}"/>
|
|
451
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
452
|
+
<param pos="0" name="hw.product" value="GXP2200"/>
|
|
453
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
454
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp2200:-"/>
|
|
455
|
+
</fingerprint>
|
|
456
|
+
|
|
457
|
+
<fingerprint pattern="^Grandstream GXP1628 ([\d.]+)$">
|
|
458
|
+
<description>Grandstream GXP SIP Phone GXP1628</description>
|
|
459
|
+
<example os.version="1.0.7.6">Grandstream GXP1628 1.0.7.6</example>
|
|
460
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
461
|
+
<param pos="0" name="os.product" value="GXP1628 Firmware"/>
|
|
462
|
+
<param pos="1" name="os.version"/>
|
|
463
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
464
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1628_firmware:{os.version}"/>
|
|
465
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
466
|
+
<param pos="0" name="hw.product" value="GXP1628"/>
|
|
467
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
468
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1628:-"/>
|
|
469
|
+
</fingerprint>
|
|
470
|
+
|
|
471
|
+
<fingerprint pattern="^Grandstream GXP1625 ([\d.]+)$">
|
|
472
|
+
<description>Grandstream GXP SIP Phone GXP1625</description>
|
|
473
|
+
<example os.version="1.0.4.128">Grandstream GXP1625 1.0.4.128</example>
|
|
474
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
475
|
+
<param pos="0" name="os.product" value="GXP1625 Firmware"/>
|
|
476
|
+
<param pos="1" name="os.version"/>
|
|
477
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
478
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1625_firmware:{os.version}"/>
|
|
479
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
480
|
+
<param pos="0" name="hw.product" value="GXP1625"/>
|
|
481
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
482
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1625:-"/>
|
|
483
|
+
</fingerprint>
|
|
484
|
+
|
|
485
|
+
<fingerprint pattern="^Grandstream GXP1615 ([\d.]+)$">
|
|
486
|
+
<description>Grandstream GXP SIP Phone GXP1615</description>
|
|
487
|
+
<example os.version="1.0.4.128">Grandstream GXP1615 1.0.4.128</example>
|
|
488
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
489
|
+
<param pos="0" name="os.product" value="GXP1615 Firmware"/>
|
|
490
|
+
<param pos="1" name="os.version"/>
|
|
491
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
492
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1615_firmware:{os.version}"/>
|
|
493
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
494
|
+
<param pos="0" name="hw.product" value="GXP1615"/>
|
|
495
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
496
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1615:-"/>
|
|
497
|
+
</fingerprint>
|
|
498
|
+
|
|
499
|
+
<fingerprint pattern="^Grandstream GXP1610 ([\d.]+)$">
|
|
500
|
+
<description>Grandstream GXP SIP Phone GXP1610</description>
|
|
501
|
+
<example os.version="1.0.4.138">Grandstream GXP1610 1.0.4.138</example>
|
|
502
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
503
|
+
<param pos="0" name="os.product" value="GXP1610 Firmware"/>
|
|
504
|
+
<param pos="1" name="os.version"/>
|
|
505
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
506
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1610_firmware:{os.version}"/>
|
|
507
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
508
|
+
<param pos="0" name="hw.product" value="GXP1610"/>
|
|
509
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
510
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1610:-"/>
|
|
511
|
+
</fingerprint>
|
|
512
|
+
|
|
513
|
+
<!-- Grandstream GXP catchall for when CPEs aren't required for vuln mapping-->
|
|
514
|
+
|
|
515
|
+
<fingerprint pattern="^Grandstream (GXP\d\d\d\d) ([\d.]+)$">
|
|
516
|
+
<description>Grandstream GXP SIP Phone</description>
|
|
517
|
+
<example hw.product="GXP2135" os.version="1.0.9.108">Grandstream GXP2135 1.0.9.108</example>
|
|
518
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
519
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
|
520
|
+
<param pos="2" name="os.version"/>
|
|
521
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
522
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
523
|
+
<param pos="1" name="hw.product"/>
|
|
524
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
525
|
+
</fingerprint>
|
|
526
|
+
|
|
527
|
+
<fingerprint pattern="^FortiVoice/([\w.-]+)$">
|
|
528
|
+
<description>Fortinet FortiVoice</description>
|
|
529
|
+
<example service.version="7.31b00">FortiVoice/7.31b00</example>
|
|
530
|
+
<example service.version="5.2.95-5">FortiVoice/5.2.95-5</example>
|
|
531
|
+
<param pos="0" name="service.vendor" value="Fortinet"/>
|
|
532
|
+
<param pos="0" name="service.product" value="FortiVoice"/>
|
|
533
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
534
|
+
<param pos="1" name="service.version"/>
|
|
535
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:fortinet:fortivoice:{service.version}"/>
|
|
536
|
+
<param pos="0" name="hw.vendor" value="Fortinet"/>
|
|
537
|
+
<param pos="0" name="hw.family" value="FortiVoice"/>
|
|
538
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
539
|
+
</fingerprint>
|
|
540
|
+
|
|
541
|
+
<fingerprint pattern="^FreeSWITCH$">
|
|
542
|
+
<description>FreeSWITCH FreeSWITCH without version</description>
|
|
543
|
+
<example>FreeSWITCH</example>
|
|
544
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
|
545
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
|
546
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
547
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:-"/>
|
|
548
|
+
</fingerprint>
|
|
549
|
+
|
|
550
|
+
<fingerprint pattern="^FreeSWITCH-mod_sofia/([\d.]+)">
|
|
551
|
+
<description>FreeSWITCH FreeSWITCH with version, mod_sofia</description>
|
|
552
|
+
<example service.version="1.10.4">FreeSWITCH-mod_sofia/1.10.4-release+git~20200805T110119Z~133fc2c870~64bit</example>
|
|
553
|
+
<example service.version="1.6.20">FreeSWITCH-mod_sofia/1.6.20~64bit</example>
|
|
554
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
|
555
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
|
556
|
+
<param pos="1" name="service.version"/>
|
|
557
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
558
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:{service.version}"/>
|
|
559
|
+
</fingerprint>
|
|
560
|
+
|
|
248
561
|
</fingerprints>
|