recog 2.3.18 → 2.3.22
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/dependabot.yml +8 -0
- data/.github/workflows/ci.yml +26 -0
- data/.github/workflows/verify.yml +89 -0
- data/CONTRIBUTING.md +6 -0
- data/README.md +17 -0
- data/bin/recog_standardize +33 -12
- data/bin/recog_verify +1 -2
- data/cpe-remap.yaml +355 -200
- data/features/verify.feature +14 -14
- data/identifiers/README.md +24 -10
- data/identifiers/fields.txt +105 -0
- data/identifiers/hw_device.txt +8 -0
- data/identifiers/hw_family.txt +19 -0
- data/identifiers/hw_product.txt +122 -0
- data/identifiers/os_device.txt +2 -1
- data/identifiers/os_family.txt +3 -0
- data/identifiers/os_product.txt +46 -8
- data/identifiers/service_family.txt +10 -1
- data/identifiers/service_product.txt +90 -2
- data/identifiers/vendor.txt +104 -0
- data/lib/recog/db.rb +2 -1
- data/lib/recog/fingerprint.rb +18 -5
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/verifier.rb +5 -5
- data/lib/recog/verifier_factory.rb +3 -3
- data/lib/recog/verify_reporter.rb +14 -4
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/lib/fingerprint_self_test_spec.rb +1 -0
- data/spec/lib/recog/verify_reporter_spec.rb +69 -0
- data/tools/dev/hooks/pre-commit +21 -0
- data/update_cpes.py +19 -6
- data/xml/apache_modules.xml +60 -0
- data/xml/apache_os.xml +38 -38
- data/xml/dhcp_vendor_class.xml +206 -0
- data/xml/dns_versionbind.xml +11 -1
- data/xml/favicons.xml +270 -45
- data/xml/ftp_banners.xml +89 -64
- data/xml/h323_callresp.xml +99 -99
- data/xml/hp_pjl_id.xml +3 -3
- data/xml/html_title.xml +1051 -62
- data/xml/http_cookies.xml +294 -85
- data/xml/http_servers.xml +551 -122
- data/xml/http_wwwauth.xml +139 -43
- data/xml/imap_banners.xml +8 -8
- data/xml/ldap_searchresult.xml +1 -0
- data/xml/mdns_device-info_txt.xml +720 -27
- data/xml/mysql_banners.xml +3 -2
- data/xml/nntp_banners.xml +4 -4
- data/xml/ntp_banners.xml +79 -65
- data/xml/operating_system.xml +6 -6
- data/xml/pop_banners.xml +11 -11
- data/xml/rsh_resp.xml +3 -3
- data/xml/rtsp_servers.xml +7 -0
- data/xml/sip_banners.xml +374 -9
- data/xml/sip_user_agents.xml +377 -5
- data/xml/smb_native_lm.xml +32 -1
- data/xml/smb_native_os.xml +160 -33
- data/xml/smtp_banners.xml +168 -129
- data/xml/smtp_ehlo.xml +1 -1
- data/xml/smtp_expn.xml +1 -0
- data/xml/smtp_help.xml +10 -10
- data/xml/smtp_noop.xml +2 -2
- data/xml/smtp_vrfy.xml +1 -0
- data/xml/snmp_sysdescr.xml +508 -214
- data/xml/snmp_sysobjid.xml +25 -25
- data/xml/ssh_banners.xml +145 -29
- data/xml/telnet_banners.xml +240 -61
- data/xml/tls_jarm.xml +162 -0
- data/xml/x509_issuers.xml +237 -2
- data/xml/x509_subjects.xml +369 -49
- metadata +10 -3
data/xml/sip_user_agents.xml
CHANGED
|
@@ -4,6 +4,95 @@
|
|
|
4
4
|
SIP User Agent header values are matched against these patterns to fingerprint SIP devices.
|
|
5
5
|
-->
|
|
6
6
|
|
|
7
|
+
<!-- Generic high volume matches -->
|
|
8
|
+
|
|
9
|
+
<fingerprint pattern="^SIP/2.0$">
|
|
10
|
+
<description>Generic SIP/2.0 response -- assert nothing.</description>
|
|
11
|
+
<example>SIP/2.0</example>
|
|
12
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
13
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
14
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
15
|
+
</fingerprint>
|
|
16
|
+
|
|
17
|
+
<fingerprint pattern="^TP-Link SIP Stack V1.0.0$">
|
|
18
|
+
<description>TP-Link SIP enabled device</description>
|
|
19
|
+
<example>TP-Link SIP Stack V1.0.0</example>
|
|
20
|
+
<param pos="0" name="hw.vendor" value="TP-LINK"/>
|
|
21
|
+
</fingerprint>
|
|
22
|
+
|
|
23
|
+
<fingerprint pattern="^DLink VoIP Stack$">
|
|
24
|
+
<description>DLink SIP enabled device</description>
|
|
25
|
+
<example>DLink VoIP Stack</example>
|
|
26
|
+
<param pos="0" name="hw.vendor" value="D-Link"/>
|
|
27
|
+
</fingerprint>
|
|
28
|
+
|
|
29
|
+
<fingerprint pattern="^Home&Life HUB/([\d.]+)$">
|
|
30
|
+
<description>Zyxel home routers</description>
|
|
31
|
+
<example>Home&Life HUB/1.1.26.00</example>
|
|
32
|
+
<param pos="0" name="os.vendor" value="Zyxel"/>
|
|
33
|
+
<param pos="1" name="os.version"/>
|
|
34
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
35
|
+
<param pos="0" name="hw.vendor" value="Zyxel"/>
|
|
36
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
37
|
+
</fingerprint>
|
|
38
|
+
|
|
39
|
+
<!-- Technicolor devices -->
|
|
40
|
+
|
|
41
|
+
<fingerprint pattern="^Technicolor / VANT-6 / AGTOT_([\d.]+) / AGTOT_[\d.]+$">
|
|
42
|
+
<description>Technicolor TG789vac Router</description>
|
|
43
|
+
<example os.version="2.1.4">Technicolor / VANT-6 / AGTOT_2.1.4 / AGTOT_2.1.4</example>
|
|
44
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
|
45
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
46
|
+
<param pos="1" name="os.version"/>
|
|
47
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
|
48
|
+
<param pos="0" name="hw.product" value="TG789vac"/>
|
|
49
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
50
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:technicolor:tg789vac:-"/>
|
|
51
|
+
</fingerprint>
|
|
52
|
+
|
|
53
|
+
<fingerprint pattern="^Technicolor / VANT-6$">
|
|
54
|
+
<description>Technicolor TG789vac Router w/o version string</description>
|
|
55
|
+
<example>Technicolor / VANT-6</example>
|
|
56
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
|
57
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
58
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
|
59
|
+
<param pos="0" name="hw.product" value="TG789vac"/>
|
|
60
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
61
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:technicolor:tg789vac:-"/>
|
|
62
|
+
</fingerprint>
|
|
63
|
+
|
|
64
|
+
<fingerprint pattern="^(?:Technicolor|MediaAccess) (TG[\w]+) (?:v\d )?Build (\d+\.[\w.-]+)(?: CP\w+)?$">
|
|
65
|
+
<description>Technicolor TGxxx Router with build info</description>
|
|
66
|
+
<example hw.product="TG784n" os.version="10.2.1.O">Technicolor TG784n v3 Build 10.2.1.O</example>
|
|
67
|
+
<example hw.product="TG789vn" os.version="10.5.2.Z.EC">Technicolor TG789vn v3 Build 10.5.2.Z.EC</example>
|
|
68
|
+
<example>MediaAccess TG789vac v2 Build 10.5.8.Y.GX CP1916SAQHD</example>
|
|
69
|
+
<example hw.product="TG799vn" os.version="10.5.2.T.JF">Technicolor TG799vn v2 Build 10.5.2.T.JF</example>
|
|
70
|
+
<example hw.product="TG788vn" os.version="10.5.2.S.GD">MediaAccess TG788vn v2 Build 10.5.2.S.GD</example>
|
|
71
|
+
<example hw.product="TG799vac" os.version="17.2.0405-1021">MediaAccess TG799vac Build 17.2.0405-1021</example>
|
|
72
|
+
<example hw.product="TG389">MediaAccess TG389 Build 10.5.2.T.AQ</example>
|
|
73
|
+
<param pos="0" name="os.vendor" value="Technicolor"/>
|
|
74
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
75
|
+
<param pos="2" name="os.version"/>
|
|
76
|
+
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
|
77
|
+
<param pos="1" name="hw.product"/>
|
|
78
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
79
|
+
</fingerprint>
|
|
80
|
+
|
|
81
|
+
<!-- Thomson was an older name for Technicolor-->
|
|
82
|
+
|
|
83
|
+
<fingerprint pattern="^Thomson (TG[\w]+) (?:v\d )?Build (\d+\.[\w.-]+)(?: CP\w+)?$">
|
|
84
|
+
<description>Thomson TGxxx Router with build info</description>
|
|
85
|
+
<example hw.product="TG784" os.version="8.4.2.Q">Thomson TG784 Build 8.4.2.Q</example>
|
|
86
|
+
<example hw.product="TG784n" os.version="8.4.H.F">Thomson TG784n Build 8.4.H.F</example>
|
|
87
|
+
<example hw.product="TG797n" os.version="8.C.D.9">Thomson TG797n v2 Build 8.C.D.9</example>
|
|
88
|
+
<param pos="0" name="os.vendor" value="Thomson"/>
|
|
89
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
90
|
+
<param pos="2" name="os.version"/>
|
|
91
|
+
<param pos="0" name="hw.vendor" value="Thomson"/>
|
|
92
|
+
<param pos="1" name="hw.product"/>
|
|
93
|
+
<param pos="0" name="hw.device" value="Router"/>
|
|
94
|
+
</fingerprint>
|
|
95
|
+
|
|
7
96
|
<!-- Axis devices -->
|
|
8
97
|
|
|
9
98
|
<fingerprint pattern="(?i)^AXIS (\S+) Network Video Door Station$">
|
|
@@ -40,13 +129,44 @@
|
|
|
40
129
|
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:{os.version}"/>
|
|
41
130
|
</fingerprint>
|
|
42
131
|
|
|
132
|
+
<fingerprint pattern="^Cisco-CP(39\d{2})/([\d.]+)$">
|
|
133
|
+
<description>Cisco Unified SIP Phone 3900 Series</description>
|
|
134
|
+
<example cisco.model="3905" hw.product="Unified SIP Phone 3905" os.version="9.4.1">Cisco-CP3905/9.4.1</example>
|
|
135
|
+
<param pos="1" name="cisco.model"/>
|
|
136
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
|
137
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
|
138
|
+
<param pos="0" name="hw.product" value="Unified SIP Phone {cisco.model}"/>
|
|
139
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
|
140
|
+
<param pos="0" name="os.product" value="Unified SIP Phone 3900 Firmware"/>
|
|
141
|
+
<param pos="2" name="os.version"/>
|
|
142
|
+
<param pos="0" name="hw.certainty" value="0.95"/>
|
|
143
|
+
<param pos="0" name="os.certainty" value="0.95"/>
|
|
144
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:unified_sip_phone_3900_firmware:{os.version}"/>
|
|
145
|
+
</fingerprint>
|
|
146
|
+
|
|
147
|
+
<fingerprint pattern="^Cisco-ATA(\d{3})/([\d.]+)$">
|
|
148
|
+
<description>Cisco Analog Telephone Adapters (ATA)</description>
|
|
149
|
+
<example cisco.model="187" hw.product="ATA 187" os.version="9.2.3">Cisco-ATA187/9.2.3</example>
|
|
150
|
+
<param pos="1" name="cisco.model"/>
|
|
151
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
|
152
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
|
153
|
+
<param pos="0" name="hw.product" value="ATA {cisco.model}"/>
|
|
154
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
|
155
|
+
<param pos="0" name="os.product" value="ATA {cisco.model} Firmware"/>
|
|
156
|
+
<param pos="2" name="os.version"/>
|
|
157
|
+
<param pos="0" name="hw.certainty" value="0.9"/>
|
|
158
|
+
<param pos="0" name="os.certainty" value="0.9"/>
|
|
159
|
+
</fingerprint>
|
|
160
|
+
|
|
43
161
|
<!-- AVM.DE Devices -->
|
|
44
162
|
|
|
45
163
|
<fingerprint pattern="^FRITZ!OS$">
|
|
46
|
-
<description>AVM
|
|
164
|
+
<description>AVM Fritz!OS Device</description>
|
|
47
165
|
<example>FRITZ!OS</example>
|
|
48
166
|
<param pos="0" name="os.vendor" value="AVM"/>
|
|
49
|
-
<param pos="0" name="os.product" value="FRITZ!
|
|
167
|
+
<param pos="0" name="os.product" value="FRITZ!OS"/>
|
|
168
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:avm:fritz\!os:-"/>
|
|
169
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
50
170
|
</fingerprint>
|
|
51
171
|
|
|
52
172
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Box .*) +(\d+\.\d+\.\d+)">
|
|
@@ -67,6 +187,8 @@
|
|
|
67
187
|
<param pos="0" name="os.family" value="FRITZ!Box"/>
|
|
68
188
|
<param pos="1" name="os.product"/>
|
|
69
189
|
<param pos="2" name="os.version"/>
|
|
190
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
191
|
+
<param pos="0" name="hw.family" value="FRITZ!Box"/>
|
|
70
192
|
</fingerprint>
|
|
71
193
|
|
|
72
194
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Fon .*) +(\d+\.\d+\.\d+)">
|
|
@@ -77,15 +199,19 @@
|
|
|
77
199
|
<param pos="0" name="os.family" value="FRITZ!Fon"/>
|
|
78
200
|
<param pos="1" name="os.product"/>
|
|
79
201
|
<param pos="2" name="os.version"/>
|
|
202
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
203
|
+
<param pos="0" name="hw.family" value="FRITZ!Fon"/>
|
|
80
204
|
</fingerprint>
|
|
81
205
|
|
|
82
206
|
<fingerprint pattern="^(?:AVM )?(Multibox .*) +(\d+\.\d+\.\d+)">
|
|
83
|
-
<description>AVM Multibox</description>
|
|
207
|
+
<description>AVM Multibox - Generic</description>
|
|
84
208
|
<example>AVM Multibox 7390 NGN 84.05.09 (Jan 13 2012)</example>
|
|
85
209
|
<param pos="0" name="os.vendor" value="AVM"/>
|
|
86
210
|
<param pos="0" name="os.family" value="Multibox"/>
|
|
87
211
|
<param pos="1" name="os.product"/>
|
|
88
212
|
<param pos="2" name="os.version"/>
|
|
213
|
+
<param pos="0" name="hw.vendor" value="AVM"/>
|
|
214
|
+
<param pos="1" name="hw.product"/>
|
|
89
215
|
</fingerprint>
|
|
90
216
|
|
|
91
217
|
<!-- Huawei devices -->
|
|
@@ -196,7 +322,7 @@
|
|
|
196
322
|
<param pos="2" name="hw.version"/>
|
|
197
323
|
</fingerprint>
|
|
198
324
|
|
|
199
|
-
<fingerprint pattern="^Nero SIPPS IP Phone Version ([\d\.]+)
|
|
325
|
+
<fingerprint pattern="^Nero SIPPS IP Phone Version ([\d\.]+)$">
|
|
200
326
|
<description>Nero SIPPS IP Phone</description>
|
|
201
327
|
<example service.version="2.0.51.16">Nero SIPPS IP Phone Version 2.0.51.16</example>
|
|
202
328
|
<param pos="0" name="service.vendor" value="Nero"/>
|
|
@@ -206,10 +332,11 @@
|
|
|
206
332
|
<param pos="1" name="service.version"/>
|
|
207
333
|
</fingerprint>
|
|
208
334
|
|
|
209
|
-
<fingerprint pattern="^ShoreGear/([\d\.]+)\s+\(ShoreTel \d+\)$">
|
|
335
|
+
<fingerprint pattern="^ShoreGear/([\d\.]+)\s+\(ShoreTel [\d\.]+\)$">
|
|
210
336
|
<description>ShoreTel VoIP Switch</description>
|
|
211
337
|
<example hw.version="21.90.4128.0">ShoreGear/21.90.4128.0 (ShoreTel 15)</example>
|
|
212
338
|
<example hw.version="22.11.4900.0">ShoreGear/22.11.4900.0 (ShoreTel 15)</example>
|
|
339
|
+
<example hw.version="19.48.2600.0">ShoreGear/19.48.2600.0 (ShoreTel 14.2)</example>
|
|
213
340
|
<param pos="0" name="hw.vendor" value="ShoreTel"/>
|
|
214
341
|
<param pos="0" name="hw.device" value="VoIP Switch"/>
|
|
215
342
|
<param pos="1" name="hw.version"/>
|
|
@@ -245,4 +372,249 @@
|
|
|
245
372
|
<param pos="1" name="hw.product"/>
|
|
246
373
|
</fingerprint>
|
|
247
374
|
|
|
375
|
+
<!-- Grandstream -->
|
|
376
|
+
|
|
377
|
+
<!-- The next few fingerprints could be merged but are split to enable CPEs -->
|
|
378
|
+
|
|
379
|
+
<fingerprint pattern="^Grandstream HT818 ([\d.]+)$">
|
|
380
|
+
<description>Grandstream Handy Tone HT818</description>
|
|
381
|
+
<example os.version="1.0.8.7">Grandstream HT818 1.0.8.7</example>
|
|
382
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
383
|
+
<param pos="0" name="os.product" value="HT818 Firmware"/>
|
|
384
|
+
<param pos="1" name="os.version"/>
|
|
385
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
386
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht818_firmware:{os.version}"/>
|
|
387
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
388
|
+
<param pos="0" name="hw.product" value="HT818"/>
|
|
389
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
390
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht818:-"/>
|
|
391
|
+
</fingerprint>
|
|
392
|
+
|
|
393
|
+
<fingerprint pattern="^Grandstream HT814 ([\d.]+)$">
|
|
394
|
+
<description>Grandstream Handy Tone HT814</description>
|
|
395
|
+
<example os.version="1.0.9.3">Grandstream HT814 1.0.9.3</example>
|
|
396
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
397
|
+
<param pos="0" name="os.product" value="HT814 Firmware"/>
|
|
398
|
+
<param pos="1" name="os.version"/>
|
|
399
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
400
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht814_firmware:{os.version}"/>
|
|
401
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
402
|
+
<param pos="0" name="hw.product" value="HT814"/>
|
|
403
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
404
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht814:-"/>
|
|
405
|
+
</fingerprint>
|
|
406
|
+
|
|
407
|
+
<fingerprint pattern="^Grandstream HT813 ([\d.]+)$">
|
|
408
|
+
<description>Grandstream Handy Tone HT813</description>
|
|
409
|
+
<example os.version="1.0.1.2">Grandstream HT813 1.0.1.2</example>
|
|
410
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
411
|
+
<param pos="0" name="os.product" value="HT813 Firmware"/>
|
|
412
|
+
<param pos="1" name="os.version"/>
|
|
413
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
414
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht813_firmware:{os.version}"/>
|
|
415
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
416
|
+
<param pos="0" name="hw.product" value="HT813"/>
|
|
417
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
418
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht813:-"/>
|
|
419
|
+
</fingerprint>
|
|
420
|
+
|
|
421
|
+
<fingerprint pattern="^Grandstream HT812 ([\d.]+)$">
|
|
422
|
+
<description>Grandstream Handy Tone HT812</description>
|
|
423
|
+
<example os.version="1.0.3.5">Grandstream HT812 1.0.3.5</example>
|
|
424
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
425
|
+
<param pos="0" name="os.product" value="HT812 Firmware"/>
|
|
426
|
+
<param pos="1" name="os.version"/>
|
|
427
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
428
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht812_firmware:{os.version}"/>
|
|
429
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
430
|
+
<param pos="0" name="hw.product" value="HT812"/>
|
|
431
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
432
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht812:-"/>
|
|
433
|
+
</fingerprint>
|
|
434
|
+
|
|
435
|
+
<fingerprint pattern="^Grandstream HT802 ([\d.]+)$">
|
|
436
|
+
<description>Grandstream Handy Tone HT802</description>
|
|
437
|
+
<example os.version="1.0.3.2">Grandstream HT802 1.0.3.2</example>
|
|
438
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
439
|
+
<param pos="0" name="os.product" value="HT802 Firmware"/>
|
|
440
|
+
<param pos="1" name="os.version"/>
|
|
441
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
442
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht802_firmware:{os.version}"/>
|
|
443
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
444
|
+
<param pos="0" name="hw.product" value="HT802"/>
|
|
445
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
446
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht802:-"/>
|
|
447
|
+
</fingerprint>
|
|
448
|
+
|
|
449
|
+
<fingerprint pattern="^Grandstream HT801 ([\d.]+)$">
|
|
450
|
+
<description>Grandstream Handy Tone HT801</description>
|
|
451
|
+
<example os.version="1.0.3.2">Grandstream HT801 1.0.3.2</example>
|
|
452
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
453
|
+
<param pos="0" name="os.product" value="HT801 Firmware"/>
|
|
454
|
+
<param pos="1" name="os.version"/>
|
|
455
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
456
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht801_firmware:{os.version}"/>
|
|
457
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
458
|
+
<param pos="0" name="hw.product" value="HT801"/>
|
|
459
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
460
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht801:-"/>
|
|
461
|
+
</fingerprint>
|
|
462
|
+
|
|
463
|
+
<!-- Grandstream Handy Tone catchall for when CPEs aren't required for vuln mapping-->
|
|
464
|
+
|
|
465
|
+
<fingerprint pattern="^Grandstream (HT7\d\d) ([\d.]+)$">
|
|
466
|
+
<description>Grandstream Handy Tone HT7xx</description>
|
|
467
|
+
<example hw.product="HT701" os.version="1.0.8.2">Grandstream HT701 1.0.8.2</example>
|
|
468
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
469
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
|
470
|
+
<param pos="2" name="os.version"/>
|
|
471
|
+
<param pos="0" name="os.device" value="SIP Gateway"/>
|
|
472
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
473
|
+
<param pos="1" name="hw.product"/>
|
|
474
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
475
|
+
</fingerprint>
|
|
476
|
+
|
|
477
|
+
<!-- The next few fingerprints could be merged but are split to enable CPEs -->
|
|
478
|
+
|
|
479
|
+
<fingerprint pattern="^Grandstream GXP2200 ([\d.]+)$">
|
|
480
|
+
<description>Grandstream GXP SIP Phone GXP2200</description>
|
|
481
|
+
<example os.version="1.0.3.27">Grandstream GXP2200 1.0.3.27</example>
|
|
482
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
483
|
+
<param pos="0" name="os.product" value="GXP2200 Firmware"/>
|
|
484
|
+
<param pos="1" name="os.version"/>
|
|
485
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
486
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp2200_firmware:{os.version}"/>
|
|
487
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
488
|
+
<param pos="0" name="hw.product" value="GXP2200"/>
|
|
489
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
490
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp2200:-"/>
|
|
491
|
+
</fingerprint>
|
|
492
|
+
|
|
493
|
+
<fingerprint pattern="^Grandstream GXP1628 ([\d.]+)$">
|
|
494
|
+
<description>Grandstream GXP SIP Phone GXP1628</description>
|
|
495
|
+
<example os.version="1.0.7.6">Grandstream GXP1628 1.0.7.6</example>
|
|
496
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
497
|
+
<param pos="0" name="os.product" value="GXP1628 Firmware"/>
|
|
498
|
+
<param pos="1" name="os.version"/>
|
|
499
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
500
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1628_firmware:{os.version}"/>
|
|
501
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
502
|
+
<param pos="0" name="hw.product" value="GXP1628"/>
|
|
503
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
504
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1628:-"/>
|
|
505
|
+
</fingerprint>
|
|
506
|
+
|
|
507
|
+
<fingerprint pattern="^Grandstream GXP1625 ([\d.]+)$">
|
|
508
|
+
<description>Grandstream GXP SIP Phone GXP1625</description>
|
|
509
|
+
<example os.version="1.0.4.128">Grandstream GXP1625 1.0.4.128</example>
|
|
510
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
511
|
+
<param pos="0" name="os.product" value="GXP1625 Firmware"/>
|
|
512
|
+
<param pos="1" name="os.version"/>
|
|
513
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
514
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1625_firmware:{os.version}"/>
|
|
515
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
516
|
+
<param pos="0" name="hw.product" value="GXP1625"/>
|
|
517
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
518
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1625:-"/>
|
|
519
|
+
</fingerprint>
|
|
520
|
+
|
|
521
|
+
<fingerprint pattern="^Grandstream GXP1615 ([\d.]+)$">
|
|
522
|
+
<description>Grandstream GXP SIP Phone GXP1615</description>
|
|
523
|
+
<example os.version="1.0.4.128">Grandstream GXP1615 1.0.4.128</example>
|
|
524
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
525
|
+
<param pos="0" name="os.product" value="GXP1615 Firmware"/>
|
|
526
|
+
<param pos="1" name="os.version"/>
|
|
527
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
528
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1615_firmware:{os.version}"/>
|
|
529
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
530
|
+
<param pos="0" name="hw.product" value="GXP1615"/>
|
|
531
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
532
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1615:-"/>
|
|
533
|
+
</fingerprint>
|
|
534
|
+
|
|
535
|
+
<fingerprint pattern="^Grandstream GXP1610 ([\d.]+)$">
|
|
536
|
+
<description>Grandstream GXP SIP Phone GXP1610</description>
|
|
537
|
+
<example os.version="1.0.4.138">Grandstream GXP1610 1.0.4.138</example>
|
|
538
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
539
|
+
<param pos="0" name="os.product" value="GXP1610 Firmware"/>
|
|
540
|
+
<param pos="1" name="os.version"/>
|
|
541
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
542
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1610_firmware:{os.version}"/>
|
|
543
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
544
|
+
<param pos="0" name="hw.product" value="GXP1610"/>
|
|
545
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
546
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1610:-"/>
|
|
547
|
+
</fingerprint>
|
|
548
|
+
|
|
549
|
+
<!-- Grandstream GXP catchall for when CPEs aren't required for vuln mapping-->
|
|
550
|
+
|
|
551
|
+
<fingerprint pattern="^Grandstream (GXP\d\d\d\d) ([\d.]+)$">
|
|
552
|
+
<description>Grandstream GXP SIP Phone</description>
|
|
553
|
+
<example hw.product="GXP2135" os.version="1.0.9.108">Grandstream GXP2135 1.0.9.108</example>
|
|
554
|
+
<param pos="0" name="os.vendor" value="Grandstream"/>
|
|
555
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
|
556
|
+
<param pos="2" name="os.version"/>
|
|
557
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
558
|
+
<param pos="0" name="hw.vendor" value="Grandstream"/>
|
|
559
|
+
<param pos="1" name="hw.product"/>
|
|
560
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
561
|
+
</fingerprint>
|
|
562
|
+
|
|
563
|
+
<fingerprint pattern="^FortiVoice/([\w.-]+)$">
|
|
564
|
+
<description>Fortinet FortiVoice</description>
|
|
565
|
+
<example service.version="7.31b00">FortiVoice/7.31b00</example>
|
|
566
|
+
<example service.version="5.2.95-5">FortiVoice/5.2.95-5</example>
|
|
567
|
+
<param pos="0" name="service.vendor" value="Fortinet"/>
|
|
568
|
+
<param pos="0" name="service.product" value="FortiVoice"/>
|
|
569
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
570
|
+
<param pos="1" name="service.version"/>
|
|
571
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:fortinet:fortivoice:{service.version}"/>
|
|
572
|
+
<param pos="0" name="hw.vendor" value="Fortinet"/>
|
|
573
|
+
<param pos="0" name="hw.family" value="FortiVoice"/>
|
|
574
|
+
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
|
575
|
+
</fingerprint>
|
|
576
|
+
|
|
577
|
+
<fingerprint pattern="^FreeSWITCH$">
|
|
578
|
+
<description>FreeSWITCH FreeSWITCH without version</description>
|
|
579
|
+
<example>FreeSWITCH</example>
|
|
580
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
|
581
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
|
582
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
583
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:-"/>
|
|
584
|
+
</fingerprint>
|
|
585
|
+
|
|
586
|
+
<fingerprint pattern="^FreeSWITCH-mod_sofia/([\d.]+)">
|
|
587
|
+
<description>FreeSWITCH FreeSWITCH with version, mod_sofia</description>
|
|
588
|
+
<example service.version="1.10.4">FreeSWITCH-mod_sofia/1.10.4-release+git~20200805T110119Z~133fc2c870~64bit</example>
|
|
589
|
+
<example service.version="1.6.20">FreeSWITCH-mod_sofia/1.6.20~64bit</example>
|
|
590
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
|
591
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
|
592
|
+
<param pos="1" name="service.version"/>
|
|
593
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
|
594
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:{service.version}"/>
|
|
595
|
+
</fingerprint>
|
|
596
|
+
|
|
597
|
+
<fingerprint pattern="^Valcom (VIP-\w+) sw([\d.]+)">
|
|
598
|
+
<description>Valcom SIP device with version</description>
|
|
599
|
+
<example os.version="1.50.28">Valcom VIP-204 sw1.50.28</example>
|
|
600
|
+
<param pos="0" name="os.vendor" value="Valcom"/>
|
|
601
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
|
602
|
+
<param pos="2" name="os.version"/>
|
|
603
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
|
604
|
+
<param pos="0" name="hw.vendor" value="Valcom"/>
|
|
605
|
+
<param pos="1" name="hw.product"/>
|
|
606
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
|
607
|
+
</fingerprint>
|
|
608
|
+
|
|
609
|
+
<fingerprint pattern="^DX800A/([\d.]+)$">
|
|
610
|
+
<description>Gigaset SIP Phones</description>
|
|
611
|
+
<example os.version="41.175.00.000.000">DX800A/41.175.00.000.000</example>
|
|
612
|
+
<param pos="0" name="hw.vendor" value="Gigaset"/>
|
|
613
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
|
614
|
+
<param pos="0" name="hw.product" value="DX800A"/>
|
|
615
|
+
<param pos="0" name="os.vendor" value="Gigaset"/>
|
|
616
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
|
617
|
+
<param pos="1" name="os.version"/>
|
|
618
|
+
</fingerprint>
|
|
619
|
+
|
|
248
620
|
</fingerprints>
|
data/xml/smb_native_lm.xml
CHANGED
|
@@ -40,7 +40,7 @@
|
|
|
40
40
|
<fingerprint pattern="^Samba (\d\.\d+.\d+\w*)">
|
|
41
41
|
<description>Samba</description>
|
|
42
42
|
<example>Samba 3.0.24</example>
|
|
43
|
-
<example>Samba 3.0.28a</example>
|
|
43
|
+
<example service.version="3.0.28a">Samba 3.0.28a</example>
|
|
44
44
|
<example>Samba 3.0.32-0.2-2210-SUSE-SL10.3</example>
|
|
45
45
|
<example>Samba 3.6.3</example>
|
|
46
46
|
<example>Samba 3.6.6</example>
|
|
@@ -51,6 +51,20 @@
|
|
|
51
51
|
<param pos="0" name="service.cpe23" value="cpe:/a:samba:samba:{service.version}"/>
|
|
52
52
|
</fingerprint>
|
|
53
53
|
|
|
54
|
+
<fingerprint pattern="^Samba (?:Samba )?for GuardianOS v\.?(\d\.[\d.]+)$">
|
|
55
|
+
<description>Samba on a SnapServer appliance</description>
|
|
56
|
+
<example os.version="4.3.007.200609131215">Samba Samba for GuardianOS v4.3.007.200609131215</example>
|
|
57
|
+
<example os.version="5.0.133.200807301131">Samba Samba for GuardianOS v5.0.133.200807301131</example>
|
|
58
|
+
<example os.version="7.7.220">Samba for GuardianOS v.7.7.220</example>
|
|
59
|
+
<param pos="0" name="service.vendor" value="Samba"/>
|
|
60
|
+
<param pos="0" name="service.product" value="Samba"/>
|
|
61
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:samba:samba:-"/>
|
|
62
|
+
<param pos="0" name="os.vendor" value="SnapServer"/>
|
|
63
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
64
|
+
<param pos="0" name="os.product" value="GuardianOS"/>
|
|
65
|
+
<param pos="1" name="os.version"/>
|
|
66
|
+
</fingerprint>
|
|
67
|
+
|
|
54
68
|
<fingerprint pattern="^Netreon LANMAN 1.0$">
|
|
55
69
|
<description>Netreon SAN software</description>
|
|
56
70
|
<example>Netreon LANMAN 1.0</example>
|
|
@@ -67,4 +81,21 @@
|
|
|
67
81
|
<param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:-"/>
|
|
68
82
|
</fingerprint>
|
|
69
83
|
|
|
84
|
+
<fingerprint pattern="^NQ (\d\.\d+)$">
|
|
85
|
+
<description>Visuality Systems NQ Enterprise Storage SMB stack</description>
|
|
86
|
+
<example service.version="7.3">NQ 7.3</example>
|
|
87
|
+
<example service.version="4.32">NQ 4.32</example>
|
|
88
|
+
<param pos="0" name="service.vendor" value="Visuality Systems"/>
|
|
89
|
+
<param pos="0" name="service.product" value="NQ"/>
|
|
90
|
+
<param pos="1" name="service.version"/>
|
|
91
|
+
</fingerprint>
|
|
92
|
+
|
|
93
|
+
<fingerprint pattern="^YNQ (\d\.[\d.]+)$">
|
|
94
|
+
<description>Visuality Systems YNQ Storage SMB stack</description>
|
|
95
|
+
<example service.version="1.2.1">YNQ 1.2.1</example>
|
|
96
|
+
<param pos="0" name="service.vendor" value="Visuality Systems"/>
|
|
97
|
+
<param pos="0" name="service.product" value="YNQ"/>
|
|
98
|
+
<param pos="1" name="service.version"/>
|
|
99
|
+
</fingerprint>
|
|
100
|
+
|
|
70
101
|
</fingerprints>
|