recog 2.3.18 → 2.3.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +26 -0
- data/cpe-remap.yaml +11 -0
- data/identifiers/hw_device.txt +2 -0
- data/identifiers/hw_family.txt +6 -0
- data/identifiers/hw_product.txt +59 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +1 -0
- data/identifiers/os_product.txt +25 -0
- data/identifiers/service_family.txt +3 -0
- data/identifiers/service_product.txt +27 -0
- data/identifiers/vendor.txt +33 -0
- data/lib/recog/version.rb +1 -1
- data/update_cpes.py +3 -3
- data/xml/favicons.xml +108 -0
- data/xml/ftp_banners.xml +2 -1
- data/xml/html_title.xml +156 -1
- data/xml/http_cookies.xml +85 -0
- data/xml/http_servers.xml +120 -1
- data/xml/http_wwwauth.xml +8 -0
- data/xml/mdns_device-info_txt.xml +308 -10
- data/xml/ntp_banners.xml +9 -1
- data/xml/rtsp_servers.xml +7 -0
- data/xml/sip_banners.xml +344 -8
- data/xml/sip_user_agents.xml +317 -4
- data/xml/smb_native_lm.xml +32 -1
- data/xml/smb_native_os.xml +157 -33
- data/xml/snmp_sysdescr.xml +129 -1
- data/xml/ssh_banners.xml +118 -11
- data/xml/telnet_banners.xml +25 -1
- data/xml/tls_jarm.xml +139 -0
- data/xml/x509_issuers.xml +16 -0
- data/xml/x509_subjects.xml +72 -0
- metadata +4 -2
data/xml/x509_subjects.xml
CHANGED
|
@@ -482,6 +482,7 @@
|
|
|
482
482
|
<param pos="0" name="os.device" value="Hypervisor"/>
|
|
483
483
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:esx:-"/>
|
|
484
484
|
<param pos="1" name="host.name"/>
|
|
485
|
+
<param pos="0" name="hw.device" value="Hypervisor"/>
|
|
485
486
|
</fingerprint>
|
|
486
487
|
|
|
487
488
|
<fingerprint pattern="^CN.*,OU=SRM,O=VMware\\, Inc\.,L=Palo Alto,ST=California,C=US$">
|
|
@@ -513,10 +514,12 @@
|
|
|
513
514
|
<example chromecast.serial_number="YRBLE" host.mac_local="FA8FCA7DE87D">CN=YRBLE FA8FCA7DE87D,OU=Google TV,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
|
514
515
|
<param pos="0" name="os.vendor" value="Google"/>
|
|
515
516
|
<param pos="0" name="os.product" value="Chrome OS"/>
|
|
517
|
+
<param pos="0" name="os.certainty" value="0.5"/>
|
|
516
518
|
<param pos="0" name="os.cpe23" value="cpe:/o:google:chrome_os:-"/>
|
|
517
519
|
<param pos="0" name="hw.device" value="Media Server"/>
|
|
518
520
|
<param pos="0" name="hw.vendor" value="Google"/>
|
|
519
521
|
<param pos="0" name="hw.product" value="Chromecast"/>
|
|
522
|
+
<param pos="0" name="hw.certainty" value="0.5"/>
|
|
520
523
|
<param pos="1" name="chromecast.serial_number"/>
|
|
521
524
|
<!-- This is the hotspot-mode MAC address (clear bit 2) -->
|
|
522
525
|
|
|
@@ -562,6 +565,30 @@
|
|
|
562
565
|
<param pos="0" name="os.device" value="Video Conferencing"/>
|
|
563
566
|
</fingerprint>
|
|
564
567
|
|
|
568
|
+
<fingerprint pattern="^CN=a_lifesize_system,OU=lifesize,O=lifesize,L=Austin,ST=Texas,C=US$">
|
|
569
|
+
<description>Lifesize TelePresence (a_lifesize variant 1)</description>
|
|
570
|
+
<example>CN=a_lifesize_system,OU=lifesize,O=lifesize,L=Austin,ST=Texas,C=US</example>
|
|
571
|
+
<param pos="0" name="hw.vendor" value="Lifesize"/>
|
|
572
|
+
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
|
573
|
+
<param pos="0" name="hw.product" value="TelePresence"/>
|
|
574
|
+
<param pos="0" name="os.vendor" value="Lifesize"/>
|
|
575
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
576
|
+
<param pos="0" name="os.product" value="TelePresence"/>
|
|
577
|
+
<param pos="0" name="os.device" value="Video Conferencing"/>
|
|
578
|
+
</fingerprint>
|
|
579
|
+
|
|
580
|
+
<fingerprint pattern="^CN=A_LifeSize_System,OU=IT,O=LifeSize Communications\\, Inc\.,ST=Texas,C=US$">
|
|
581
|
+
<description>Lifesize TelePresence (a_lifesize variant 2)</description>
|
|
582
|
+
<example>CN=A_LifeSize_System,OU=IT,O=LifeSize Communications\, Inc.,ST=Texas,C=US</example>
|
|
583
|
+
<param pos="0" name="hw.vendor" value="Lifesize"/>
|
|
584
|
+
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
|
585
|
+
<param pos="0" name="hw.product" value="TelePresence"/>
|
|
586
|
+
<param pos="0" name="os.vendor" value="Lifesize"/>
|
|
587
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
588
|
+
<param pos="0" name="os.product" value="TelePresence"/>
|
|
589
|
+
<param pos="0" name="os.device" value="Video Conferencing"/>
|
|
590
|
+
</fingerprint>
|
|
591
|
+
|
|
565
592
|
<fingerprint pattern="^CN=MERCURY-([a-fA-F0-9]{12}),OU=Engineering,O=Crestron">
|
|
566
593
|
<description>Crestron Mercury</description>
|
|
567
594
|
<example host.mac="00107F1ABAA0">CN=MERCURY-00107F1ABAA0,OU=Engineering,O=Crestron Electronics\, Inc.,L=Rockleigh,ST=NJ,C=US</example>
|
|
@@ -893,6 +920,16 @@
|
|
|
893
920
|
<param pos="0" name="os.device" value="Router"/>
|
|
894
921
|
</fingerprint>
|
|
895
922
|
|
|
923
|
+
<fingerprint pattern="^CN=UbiquitiRouterUI,O=Ubiquiti Inc.,L=New York,ST=New York,C=US">
|
|
924
|
+
<description>Ubiquiti Router UI</description>
|
|
925
|
+
<example>CN=UbiquitiRouterUI,O=Ubiquiti Inc.,L=New York,ST=New York,C=US</example>
|
|
926
|
+
<param pos="0" name="hw.vendor" value="Ubiquiti"/>
|
|
927
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
928
|
+
<param pos="0" name="os.vendor" value="Ubiquiti"/>
|
|
929
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
930
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
931
|
+
</fingerprint>
|
|
932
|
+
|
|
896
933
|
<fingerprint pattern="^CN=UniFi-Video Controller,OU=R&D,O=Ubiquiti Networks,L=New York,ST=NY,C=US$">
|
|
897
934
|
<description>Ubiquiti Video Controller</description>
|
|
898
935
|
<example>CN=UniFi-Video Controller,OU=R&D,O=Ubiquiti Networks,L=New York,ST=NY,C=US</example>
|
|
@@ -1324,6 +1361,7 @@
|
|
|
1324
1361
|
<param pos="0" name="hw.vendor" value="Philips"/>
|
|
1325
1362
|
<param pos="0" name="hw.product" value="Hue"/>
|
|
1326
1363
|
<param pos="0" name="hw.device" value="Light Bulb"/>
|
|
1364
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:philips:hue:-"/>
|
|
1327
1365
|
<param pos="1" name="host.mac_eui64"/>
|
|
1328
1366
|
</fingerprint>
|
|
1329
1367
|
|
|
@@ -1435,4 +1473,38 @@
|
|
|
1435
1473
|
<param pos="0" name="os.product" value="Linux"/>
|
|
1436
1474
|
</fingerprint>
|
|
1437
1475
|
|
|
1476
|
+
<fingerprint pattern="^CN=(RFS\d+)-([0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2})$">
|
|
1477
|
+
<description>Motorola RFS Wireless Controllers</description>
|
|
1478
|
+
<example host.mac="B1-C1-11-11-11-11" hw.product="RFS6000">CN=RFS6000-B1-C1-11-11-11-11</example>
|
|
1479
|
+
<param pos="0" name="hw.device" value="Wireless Controller"/>
|
|
1480
|
+
<param pos="0" name="hw.vendor" value="Motorola"/>
|
|
1481
|
+
<param pos="1" name="hw.product"/>
|
|
1482
|
+
<param pos="2" name="host.mac"/>
|
|
1483
|
+
</fingerprint>
|
|
1484
|
+
|
|
1485
|
+
<fingerprint pattern="^CN=(AP\d+)-([0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2}-[0-9a-fA-F]{2})$">
|
|
1486
|
+
<description>Motorola Wireless Access Points</description>
|
|
1487
|
+
<example host.mac="F1-11-11-11-11-11" hw.product="AP6532">CN=AP6532-F1-11-11-11-11-11</example>
|
|
1488
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
|
1489
|
+
<param pos="0" name="hw.vendor" value="Motorola"/>
|
|
1490
|
+
<param pos="1" name="hw.product"/>
|
|
1491
|
+
<param pos="2" name="host.mac"/>
|
|
1492
|
+
</fingerprint>
|
|
1493
|
+
|
|
1494
|
+
<fingerprint pattern="^CN=attvpngateway\.att\.com,O=AT&T,L=Tampa,ST=FL,C=US$">
|
|
1495
|
+
<description>ATT VPN Gateway</description>
|
|
1496
|
+
<example>CN=attvpngateway.att.com,O=AT&T,L=Tampa,ST=FL,C=US</example>
|
|
1497
|
+
<param pos="0" name="hw.vendor" value="ATT"/>
|
|
1498
|
+
<param pos="0" name="hw.device" value="VPN"/>
|
|
1499
|
+
<param pos="0" name="hw.product" value="VPN Gateway"/>
|
|
1500
|
+
</fingerprint>
|
|
1501
|
+
|
|
1502
|
+
<fingerprint pattern="^CN=silver-peak,OU=Networking Appliance">
|
|
1503
|
+
<description>Silver Peak Appliance</description>
|
|
1504
|
+
<example>CN=silver-peak,OU=Networking Appliance,O=Silver Peak Systems Inc,L=Mountain View,ST=California,C=--</example>
|
|
1505
|
+
<param pos="0" name="hw.vendor" value="Silver Peak"/>
|
|
1506
|
+
<param pos="0" name="hw.device" value="Network Appliance"/>
|
|
1507
|
+
<param pos="0" name="hw.product" value="SD-WAN"/>
|
|
1508
|
+
</fingerprint>
|
|
1509
|
+
|
|
1438
1510
|
</fingerprints>
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: recog
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.3.
|
|
4
|
+
version: 2.3.19
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Rapid7 Research
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-02-04 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|
|
@@ -128,6 +128,7 @@ files:
|
|
|
128
128
|
- ".github/ISSUE_TEMPLATE/fingerprint_request.md"
|
|
129
129
|
- ".github/PULL_REQUEST_TEMPLATE"
|
|
130
130
|
- ".github/SECURITY.md"
|
|
131
|
+
- ".github/workflows/ci.yml"
|
|
131
132
|
- ".gitignore"
|
|
132
133
|
- ".rspec"
|
|
133
134
|
- ".ruby-gemset"
|
|
@@ -251,6 +252,7 @@ files:
|
|
|
251
252
|
- xml/snmp_sysobjid.xml
|
|
252
253
|
- xml/ssh_banners.xml
|
|
253
254
|
- xml/telnet_banners.xml
|
|
255
|
+
- xml/tls_jarm.xml
|
|
254
256
|
- xml/x11_banners.xml
|
|
255
257
|
- xml/x509_issuers.xml
|
|
256
258
|
- xml/x509_subjects.xml
|