recog 2.3.18 → 2.3.22

Sign up to get free protection for your applications and to get access to all the features.
Files changed (73) hide show
  1. checksums.yaml +4 -4
  2. data/.github/dependabot.yml +8 -0
  3. data/.github/workflows/ci.yml +26 -0
  4. data/.github/workflows/verify.yml +89 -0
  5. data/CONTRIBUTING.md +6 -0
  6. data/README.md +17 -0
  7. data/bin/recog_standardize +33 -12
  8. data/bin/recog_verify +1 -2
  9. data/cpe-remap.yaml +355 -200
  10. data/features/verify.feature +14 -14
  11. data/identifiers/README.md +24 -10
  12. data/identifiers/fields.txt +105 -0
  13. data/identifiers/hw_device.txt +8 -0
  14. data/identifiers/hw_family.txt +19 -0
  15. data/identifiers/hw_product.txt +122 -0
  16. data/identifiers/os_device.txt +2 -1
  17. data/identifiers/os_family.txt +3 -0
  18. data/identifiers/os_product.txt +46 -8
  19. data/identifiers/service_family.txt +10 -1
  20. data/identifiers/service_product.txt +90 -2
  21. data/identifiers/vendor.txt +104 -0
  22. data/lib/recog/db.rb +2 -1
  23. data/lib/recog/fingerprint.rb +18 -5
  24. data/lib/recog/nizer.rb +1 -82
  25. data/lib/recog/verifier.rb +5 -5
  26. data/lib/recog/verifier_factory.rb +3 -3
  27. data/lib/recog/verify_reporter.rb +14 -4
  28. data/lib/recog/version.rb +1 -1
  29. data/requirements.txt +1 -1
  30. data/spec/lib/fingerprint_self_test_spec.rb +1 -0
  31. data/spec/lib/recog/verify_reporter_spec.rb +69 -0
  32. data/tools/dev/hooks/pre-commit +21 -0
  33. data/update_cpes.py +19 -6
  34. data/xml/apache_modules.xml +60 -0
  35. data/xml/apache_os.xml +38 -38
  36. data/xml/dhcp_vendor_class.xml +206 -0
  37. data/xml/dns_versionbind.xml +11 -1
  38. data/xml/favicons.xml +270 -45
  39. data/xml/ftp_banners.xml +89 -64
  40. data/xml/h323_callresp.xml +99 -99
  41. data/xml/hp_pjl_id.xml +3 -3
  42. data/xml/html_title.xml +1051 -62
  43. data/xml/http_cookies.xml +294 -85
  44. data/xml/http_servers.xml +551 -122
  45. data/xml/http_wwwauth.xml +139 -43
  46. data/xml/imap_banners.xml +8 -8
  47. data/xml/ldap_searchresult.xml +1 -0
  48. data/xml/mdns_device-info_txt.xml +720 -27
  49. data/xml/mysql_banners.xml +3 -2
  50. data/xml/nntp_banners.xml +4 -4
  51. data/xml/ntp_banners.xml +79 -65
  52. data/xml/operating_system.xml +6 -6
  53. data/xml/pop_banners.xml +11 -11
  54. data/xml/rsh_resp.xml +3 -3
  55. data/xml/rtsp_servers.xml +7 -0
  56. data/xml/sip_banners.xml +374 -9
  57. data/xml/sip_user_agents.xml +377 -5
  58. data/xml/smb_native_lm.xml +32 -1
  59. data/xml/smb_native_os.xml +160 -33
  60. data/xml/smtp_banners.xml +168 -129
  61. data/xml/smtp_ehlo.xml +1 -1
  62. data/xml/smtp_expn.xml +1 -0
  63. data/xml/smtp_help.xml +10 -10
  64. data/xml/smtp_noop.xml +2 -2
  65. data/xml/smtp_vrfy.xml +1 -0
  66. data/xml/snmp_sysdescr.xml +508 -214
  67. data/xml/snmp_sysobjid.xml +25 -25
  68. data/xml/ssh_banners.xml +145 -29
  69. data/xml/telnet_banners.xml +240 -61
  70. data/xml/tls_jarm.xml +162 -0
  71. data/xml/x509_issuers.xml +237 -2
  72. data/xml/x509_subjects.xml +369 -49
  73. metadata +10 -3
data/xml/mysql_banners.xml CHANGED
@@ -1354,9 +1354,10 @@
1354
1354
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.04"/>
1355
1355
  </fingerprint>
1356
1356
 
1357
- <fingerprint pattern="^(?:\d{1,2}\.\d{1,3}\.[a-f\d]{1,3}-)?(\d{1,2}\.\d{1,3}\.[a-f\d]{1,4})-MariaDB-\d\:.*\+maria\~focal$" flags="REG_ICASE">
1357
+ <fingerprint pattern="^(?:\d{1,2}\.\d{1,3}\.[a-f\d]{1,3}-)?(\d{1,2}\.\d{1,3}\.[a-f\d]{1,4})-MariaDB-\d\:.*\+maria\~focal(?:-log)?$" flags="REG_ICASE">
1358
1358
  <description>MariaDB MariaDB on Ubuntu 20.04 (Focal Fossa)</description>
1359
1359
  <example service.version="10.5.2">5.5.5-10.5.2-MariaDB-1:10.5.2+maria~focal</example>
1360
+ <example service.version="10.1.1">5.5.5-10.1.1-MariaDB-1:10.1.1+maria~focal-log</example>
1360
1361
  <param pos="1" name="service.version"/>
1361
1362
  <param pos="0" name="service.vendor" value="MariaDB"/>
1362
1363
  <param pos="0" name="service.family" value="MySQL"/>
@@ -1384,7 +1385,7 @@
1384
1385
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.10"/>
1385
1386
  </fingerprint>
1386
1387
 
1387
- <fingerprint pattern="^(?:\d{1,2}\.\d{1,3}\.[a-f\d]{1,3}-)?(\d{1,2}\.\d{1,3}\.[a-f\d]{1,4}(?:\-\d)?)-MariaDB-alt\d{1,2}(?:-log)?.*$" flags="REG_ICASE">
1388
+ <fingerprint pattern="^(?:\d{1,2}\.\d{1,3}\.[a-f\d]{1,3}-)?(\d{1,2}\.\d{1,3}\.[a-f\d]{1,4}(?:\-\d)?)-MariaDB-alt\d{1,2}(?:-log)?" flags="REG_ICASE">
1388
1389
  <description>MariaDB MariaDB on a ALT Linux</description>
1389
1390
  <example service.version="10.1.29">5.5.5-10.1.29-MariaDB-alt1.M80P.1</example>
1390
1391
  <example service.version="10.2.15">5.5.5-10.2.15-MariaDB-alt2.M80P.3.S1</example>
data/xml/nntp_banners.xml CHANGED
@@ -13,7 +13,7 @@
13
13
  <param pos="0" name="service.product" value="CCProxy"/>
14
14
  </fingerprint>
15
15
 
16
- <fingerprint pattern="^(\S+) Lyris ListManager NNTP Service ready">
16
+ <fingerprint pattern="^(\S{1,512}) Lyris ListManager NNTP Service ready">
17
17
  <description>Lyris Listmanager</description>
18
18
  <example host.name="blah">blah Lyris ListManager NNTP Service ready (posting ok).</example>
19
19
  <param pos="0" name="service.vendor" value="Lyris"/>
@@ -22,7 +22,7 @@
22
22
  <param pos="1" name="host.name"/>
23
23
  </fingerprint>
24
24
 
25
- <fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+) .*$">
25
+ <fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+)">
26
26
  <description>Microsoft IIS NNTP Server on Windows 2000</description>
27
27
  <example>NNTP Service 5.00.0984 Version: 5.0.2195.7034 Posting Allowed</example>
28
28
  <example>NNTP Service 5.00.0984 Version: 5.0.2195.5329 Posting Allowed</example>
@@ -38,7 +38,7 @@
38
38
  <param pos="1" name="ms.nttp.version"/>
39
39
  </fingerprint>
40
40
 
41
- <fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+) .*$">
41
+ <fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+)">
42
42
  <description>Microsoft IIS NNTP Server on Windows Server 2003</description>
43
43
  <example>NNTP Service 6.0.3790.3959 Version: 6.0.3790.3959 Posting Allowed</example>
44
44
  <example>NNTP Service 6.0.3790.206 Version: 6.0.3790.206 Posting Allowed</example>
@@ -54,7 +54,7 @@
54
54
  <param pos="1" name="ms.nttp.version"/>
55
55
  </fingerprint>
56
56
 
57
- <fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+) .*$">
57
+ <fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+)">
58
58
  <description>Older Microsoft IIS NNTP Servers</description>
59
59
  <example>NNTP Service Microsoft. Internet Services 5.00 Version: 5.0.2068.0 Posting Allowed</example>
60
60
  <example>NNTP Service Microsoft. Internet Services 5.00.7515. Version: 5.0.0.7515 Posting Allowed</example>