RubyGems - recog - Versions diffs - 2.3.18 → 2.3.19 - Mend

recog 2.3.18 → 2.3.19

Files changed (34) hide show

checksums.yaml +4 -4
data/.github/workflows/ci.yml +26 -0
data/cpe-remap.yaml +11 -0
data/identifiers/hw_device.txt +2 -0
data/identifiers/hw_family.txt +6 -0
data/identifiers/hw_product.txt +59 -0
data/identifiers/os_device.txt +2 -0
data/identifiers/os_family.txt +1 -0
data/identifiers/os_product.txt +25 -0
data/identifiers/service_family.txt +3 -0
data/identifiers/service_product.txt +27 -0
data/identifiers/vendor.txt +33 -0
data/lib/recog/version.rb +1 -1
data/update_cpes.py +3 -3
data/xml/favicons.xml +108 -0
data/xml/ftp_banners.xml +2 -1
data/xml/html_title.xml +156 -1
data/xml/http_cookies.xml +85 -0
data/xml/http_servers.xml +120 -1
data/xml/http_wwwauth.xml +8 -0
data/xml/mdns_device-info_txt.xml +308 -10
data/xml/ntp_banners.xml +9 -1
data/xml/rtsp_servers.xml +7 -0
data/xml/sip_banners.xml +344 -8
data/xml/sip_user_agents.xml +317 -4
data/xml/smb_native_lm.xml +32 -1
data/xml/smb_native_os.xml +157 -33
data/xml/snmp_sysdescr.xml +129 -1
data/xml/ssh_banners.xml +118 -11
data/xml/telnet_banners.xml +25 -1
data/xml/tls_jarm.xml +139 -0
data/xml/x509_issuers.xml +16 -0
data/xml/x509_subjects.xml +72 -0
metadata +4 -2

data/xml/x509_subjects.xml CHANGED Viewed

@@ -482,6 +482,7 @@
     <param pos="0" name="os.device" value="Hypervisor"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
     <param pos="1" name="host.name"/>
+    <param pos="0" name="hw.device" value="Hypervisor"/>
   </fingerprint>
   <fingerprint pattern="^CN.*,OU=SRM,O=VMware\\, Inc\.,L=Palo Alto,ST=California,C=US$">
@@ -513,10 +514,12 @@
     <example chromecast.serial_number="YRBLE" host.mac_local="FA8FCA7DE87D">CN=YRBLE FA8FCA7DE87D,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
     <param pos="0" name="os.vendor" value="Google"/>
     <param pos="0" name="os.product" value="Chrome OS"/>
+    <param pos="0" name="os.certainty" value="0.5"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:google:chrome_os:-"/>
     <param pos="0" name="hw.device" value="Media Server"/>
     <param pos="0" name="hw.vendor" value="Google"/>
     <param pos="0" name="hw.product" value="Chromecast"/>
+    <param pos="0" name="hw.certainty" value="0.5"/>
     <param pos="1" name="chromecast.serial_number"/>
     <!-- This is the hotspot-mode MAC address (clear bit 2) -->
@@ -562,6 +565,30 @@
     <param pos="0" name="os.device" value="Video Conferencing"/>
   </fingerprint>
+  <fingerprint pattern="^CN=a_lifesize_system,OU=lifesize,O=lifesize,L=Austin,ST=Texas,C=US$">
+    <description>Lifesize TelePresence (a_lifesize variant 1)</description>
+    <example>CN=a_lifesize_system,OU=lifesize,O=lifesize,L=Austin,ST=Texas,C=US</example>
+    <param pos="0" name="hw.vendor" value="Lifesize"/>
+    <param pos="0" name="hw.device" value="Video Conferencing"/>
+    <param pos="0" name="hw.product" value="TelePresence"/>
+    <param pos="0" name="os.vendor" value="Lifesize"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="TelePresence"/>
+    <param pos="0" name="os.device" value="Video Conferencing"/>
+  </fingerprint>
+  <fingerprint pattern="^CN=A_LifeSize_System,OU=IT,O=LifeSize Communications\\, Inc\.,ST=Texas,C=US$">
+    <description>Lifesize TelePresence (a_lifesize variant 2)</description>
+    <example>CN=A_LifeSize_System,OU=IT,O=LifeSize Communications\, Inc.,ST=Texas,C=US</example>
+    <param pos="0" name="hw.vendor" value="Lifesize"/>
+    <param pos="0" name="hw.device" value="Video Conferencing"/>
+    <param pos="0" name="hw.product" value="TelePresence"/>
+    <param pos="0" name="os.vendor" value="Lifesize"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="TelePresence"/>
+    <param pos="0" name="os.device" value="Video Conferencing"/>
+  </fingerprint>
   <fingerprint pattern="^CN=MERCURY-([a-fA-F0-9]{12}),OU=Engineering,O=Crestron">
     <description>Crestron Mercury</description>
     <example host.mac="00107F1ABAA0">CN=MERCURY-00107F1ABAA0,OU=Engineering,O=Crestron Electronics\, Inc.,L=Rockleigh,ST=NJ,C=US</example>
@@ -893,6 +920,16 @@
     <param pos="0" name="os.device" value="Router"/>
   </fingerprint>
+  <fingerprint pattern="^CN=UbiquitiRouterUI,O=Ubiquiti Inc.,L=New York,ST=New York,C=US">
+    <description>Ubiquiti Router UI</description>
+    <example>CN=UbiquitiRouterUI,O=Ubiquiti Inc.,L=New York,ST=New York,C=US</example>
+    <param pos="0" name="hw.vendor" value="Ubiquiti"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="0" name="os.vendor" value="Ubiquiti"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.device" value="Router"/>
+  </fingerprint>
   <fingerprint pattern="^CN=UniFi-Video Controller,OU=R&amp;D,O=Ubiquiti Networks,L=New York,ST=NY,C=US$">
     <description>Ubiquiti Video Controller</description>
     <example>CN=UniFi-Video Controller,OU=R&amp;D,O=Ubiquiti Networks,L=New York,ST=NY,C=US</example>
@@ -1324,6 +1361,7 @@
     <param pos="0" name="hw.vendor" value="Philips"/>
     <param pos="0" name="hw.product" value="Hue"/>
     <param pos="0" name="hw.device" value="Light Bulb"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:philips:hue:-"/>
     <param pos="1" name="host.mac_eui64"/>
   </fingerprint>
@@ -1435,4 +1473,38 @@
     <param pos="0" name="os.product" value="Linux"/>
   </fingerprint>
+  <fingerprint pattern="^CN=(RFS\d+)-([0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2})$">
+    <description>Motorola RFS Wireless Controllers</description>
+    <example host.mac="B1-C1-11-11-11-11" hw.product="RFS6000">CN=RFS6000-B1-C1-11-11-11-11</example>
+    <param pos="0" name="hw.device" value="Wireless Controller"/>
+    <param pos="0" name="hw.vendor" value="Motorola"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="host.mac"/>
+  </fingerprint>
+  <fingerprint pattern="^CN=(AP\d+)-([0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2})$">
+    <description>Motorola Wireless Access Points</description>
+    <example host.mac="F1-11-11-11-11-11" hw.product="AP6532">CN=AP6532-F1-11-11-11-11-11</example>
+    <param pos="0" name="hw.device" value="WAP"/>
+    <param pos="0" name="hw.vendor" value="Motorola"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="host.mac"/>
+  </fingerprint>
+  <fingerprint pattern="^CN=attvpngateway\.att\.com,O=AT&amp;T,L=Tampa,ST=FL,C=US$">
+    <description>ATT VPN Gateway</description>
+    <example>CN=attvpngateway.att.com,O=AT&amp;T,L=Tampa,ST=FL,C=US</example>
+    <param pos="0" name="hw.vendor" value="ATT"/>
+    <param pos="0" name="hw.device" value="VPN"/>
+    <param pos="0" name="hw.product" value="VPN Gateway"/>
+  </fingerprint>
+  <fingerprint pattern="^CN=silver-peak,OU=Networking Appliance">
+    <description>Silver Peak Appliance</description>
+    <example>CN=silver-peak,OU=Networking Appliance,O=Silver Peak Systems Inc,L=Mountain View,ST=California,C=--</example>
+    <param pos="0" name="hw.vendor" value="Silver Peak"/>
+    <param pos="0" name="hw.device" value="Network Appliance"/>
+    <param pos="0" name="hw.product" value="SD-WAN"/>
+  </fingerprint>
 </fingerprints>

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: recog
 version: !ruby/object:Gem::Version
-  version: 2.3.18
+  version: 2.3.19
 platform: ruby
 authors:
 - Rapid7 Research
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-12-17 00:00:00.000000000 Z
+date: 2021-02-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -128,6 +128,7 @@ files:
 - ".github/ISSUE_TEMPLATE/fingerprint_request.md"
 - ".github/PULL_REQUEST_TEMPLATE"
 - ".github/SECURITY.md"
+- ".github/workflows/ci.yml"
 - ".gitignore"
 - ".rspec"
 - ".ruby-gemset"
@@ -251,6 +252,7 @@ files:
 - xml/snmp_sysobjid.xml
 - xml/ssh_banners.xml
 - xml/telnet_banners.xml
+- xml/tls_jarm.xml
 - xml/x11_banners.xml
 - xml/x509_issuers.xml
 - xml/x509_subjects.xml