recog 2.3.18 → 2.3.22
- checksums.yaml +4 -4
- data/.github/dependabot.yml +8 -0
- data/.github/workflows/ci.yml +26 -0
- data/.github/workflows/verify.yml +89 -0
- data/CONTRIBUTING.md +6 -0
- data/README.md +17 -0
- data/bin/recog_standardize +33 -12
- data/bin/recog_verify +1 -2
- data/cpe-remap.yaml +355 -200
- data/features/verify.feature +14 -14
- data/identifiers/README.md +24 -10
- data/identifiers/fields.txt +105 -0
- data/identifiers/hw_device.txt +8 -0
- data/identifiers/hw_family.txt +19 -0
- data/identifiers/hw_product.txt +122 -0
- data/identifiers/os_device.txt +2 -1
- data/identifiers/os_family.txt +3 -0
- data/identifiers/os_product.txt +46 -8
- data/identifiers/service_family.txt +10 -1
- data/identifiers/service_product.txt +90 -2
- data/identifiers/vendor.txt +104 -0
- data/lib/recog/db.rb +2 -1
- data/lib/recog/fingerprint.rb +18 -5
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/verifier.rb +5 -5
- data/lib/recog/verifier_factory.rb +3 -3
- data/lib/recog/verify_reporter.rb +14 -4
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/lib/fingerprint_self_test_spec.rb +1 -0
- data/spec/lib/recog/verify_reporter_spec.rb +69 -0
- data/tools/dev/hooks/pre-commit +21 -0
- data/update_cpes.py +19 -6
- data/xml/apache_modules.xml +60 -0
- data/xml/apache_os.xml +38 -38
- data/xml/dhcp_vendor_class.xml +206 -0
- data/xml/dns_versionbind.xml +11 -1
- data/xml/favicons.xml +270 -45
- data/xml/ftp_banners.xml +89 -64
- data/xml/h323_callresp.xml +99 -99
- data/xml/hp_pjl_id.xml +3 -3
- data/xml/html_title.xml +1051 -62
- data/xml/http_cookies.xml +294 -85
- data/xml/http_servers.xml +551 -122
- data/xml/http_wwwauth.xml +139 -43
- data/xml/imap_banners.xml +8 -8
- data/xml/ldap_searchresult.xml +1 -0
- data/xml/mdns_device-info_txt.xml +720 -27
- data/xml/mysql_banners.xml +3 -2
- data/xml/nntp_banners.xml +4 -4
- data/xml/ntp_banners.xml +79 -65
- data/xml/operating_system.xml +6 -6
- data/xml/pop_banners.xml +11 -11
- data/xml/rsh_resp.xml +3 -3
- data/xml/rtsp_servers.xml +7 -0
- data/xml/sip_banners.xml +374 -9
- data/xml/sip_user_agents.xml +377 -5
- data/xml/smb_native_lm.xml +32 -1
- data/xml/smb_native_os.xml +160 -33
- data/xml/smtp_banners.xml +168 -129
- data/xml/smtp_ehlo.xml +1 -1
- data/xml/smtp_expn.xml +1 -0
- data/xml/smtp_help.xml +10 -10
- data/xml/smtp_noop.xml +2 -2
- data/xml/smtp_vrfy.xml +1 -0
- data/xml/snmp_sysdescr.xml +508 -214
- data/xml/snmp_sysobjid.xml +25 -25
- data/xml/ssh_banners.xml +145 -29
- data/xml/telnet_banners.xml +240 -61
- data/xml/tls_jarm.xml +162 -0
- data/xml/x509_issuers.xml +237 -2
- data/xml/x509_subjects.xml +369 -49
- metadata +10 -3
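--- a/data/xml/sip_user_agents.xml
+++ b/data/xml/sip_user_agents.xml
@@ -4,6 +4,95 @@
 SIP User Agent header values are matched against these patterns to fingerprint SIP devices.
 -->
 
+<!-- Generic high volume matches -->
+
+<fingerprint pattern="^SIP/2.0$">
+<description>Generic SIP/2.0 response -- assert nothing.</description>
+<example>SIP/2.0</example>
+<param pos="0" name="hw.certainty" value="0.0"/>
+<param pos="0" name="os.certainty" value="0.0"/>
+<param pos="0" name="service.certainty" value="0.0"/>
+</fingerprint>
+
+<fingerprint pattern="^TP-Link SIP Stack V1.0.0$">
+<description>TP-Link SIP enabled device</description>
+<example>TP-Link SIP Stack V1.0.0</example>
+<param pos="0" name="hw.vendor" value="TP-LINK"/>
+</fingerprint>
+
+<fingerprint pattern="^DLink VoIP Stack$">
+<description>DLink SIP enabled device</description>
+<example>DLink VoIP Stack</example>
+<param pos="0" name="hw.vendor" value="D-Link"/>
+</fingerprint>
+
+<fingerprint pattern="^Home&Life HUB/([\d.]+)$">
+<description>Zyxel home routers</description>
+<example>Home&Life HUB/1.1.26.00</example>
+<param pos="0" name="os.vendor" value="Zyxel"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="Router"/>
+<param pos="0" name="hw.vendor" value="Zyxel"/>
+<param pos="0" name="hw.device" value="Router"/>
+</fingerprint>
+
+<!-- Technicolor devices -->
+
+<fingerprint pattern="^Technicolor / VANT-6 / AGTOT_([\d.]+) / AGTOT_[\d.]+$">
+<description>Technicolor TG789vac Router</description>
+<example os.version="2.1.4">Technicolor / VANT-6 / AGTOT_2.1.4 / AGTOT_2.1.4</example>
+<param pos="0" name="os.vendor" value="Technicolor"/>
+<param pos="0" name="os.device" value="Router"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="hw.vendor" value="Technicolor"/>
+<param pos="0" name="hw.product" value="TG789vac"/>
+<param pos="0" name="hw.device" value="Router"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:technicolor:tg789vac:-"/>
+</fingerprint>
+
+<fingerprint pattern="^Technicolor / VANT-6$">
+<description>Technicolor TG789vac Router w/o version string</description>
+<example>Technicolor / VANT-6</example>
+<param pos="0" name="os.vendor" value="Technicolor"/>
+<param pos="0" name="os.device" value="Router"/>
+<param pos="0" name="hw.vendor" value="Technicolor"/>
+<param pos="0" name="hw.product" value="TG789vac"/>
+<param pos="0" name="hw.device" value="Router"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:technicolor:tg789vac:-"/>
+</fingerprint>
+
+<fingerprint pattern="^(?:Technicolor|MediaAccess) (TG[\w]+) (?:v\d )?Build (\d+\.[\w.-]+)(?: CP\w+)?$">
+<description>Technicolor TGxxx Router with build info</description>
+<example hw.product="TG784n" os.version="10.2.1.O">Technicolor TG784n v3 Build 10.2.1.O</example>
+<example hw.product="TG789vn" os.version="10.5.2.Z.EC">Technicolor TG789vn v3 Build 10.5.2.Z.EC</example>
+<example>MediaAccess TG789vac v2 Build 10.5.8.Y.GX CP1916SAQHD</example>
+<example hw.product="TG799vn" os.version="10.5.2.T.JF">Technicolor TG799vn v2 Build 10.5.2.T.JF</example>
+<example hw.product="TG788vn" os.version="10.5.2.S.GD">MediaAccess TG788vn v2 Build 10.5.2.S.GD</example>
+<example hw.product="TG799vac" os.version="17.2.0405-1021">MediaAccess TG799vac Build 17.2.0405-1021</example>
+<example hw.product="TG389">MediaAccess TG389 Build 10.5.2.T.AQ</example>
+<param pos="0" name="os.vendor" value="Technicolor"/>
+<param pos="0" name="os.device" value="Router"/>
+<param pos="2" name="os.version"/>
+<param pos="0" name="hw.vendor" value="Technicolor"/>
+<param pos="1" name="hw.product"/>
+<param pos="0" name="hw.device" value="Router"/>
+</fingerprint>
+
+<!-- Thomson was an older name for Technicolor-->
+
+<fingerprint pattern="^Thomson (TG[\w]+) (?:v\d )?Build (\d+\.[\w.-]+)(?: CP\w+)?$">
+<description>Thomson TGxxx Router with build info</description>
+<example hw.product="TG784" os.version="8.4.2.Q">Thomson TG784 Build 8.4.2.Q</example>
+<example hw.product="TG784n" os.version="8.4.H.F">Thomson TG784n Build 8.4.H.F</example>
+<example hw.product="TG797n" os.version="8.C.D.9">Thomson TG797n v2 Build 8.C.D.9</example>
+<param pos="0" name="os.vendor" value="Thomson"/>
+<param pos="0" name="os.device" value="Router"/>
+<param pos="2" name="os.version"/>
+<param pos="0" name="hw.vendor" value="Thomson"/>
+<param pos="1" name="hw.product"/>
+<param pos="0" name="hw.device" value="Router"/>
+</fingerprint>
+
 <!-- Axis devices -->
 
 <fingerprint pattern="(?i)^AXIS (\S+) Network Video Door Station$">
@@ -40,13 +129,44 @@
 <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:{os.version}"/>
 </fingerprint>
 
+<fingerprint pattern="^Cisco-CP(39\d{2})/([\d.]+)$">
+<description>Cisco Unified SIP Phone 3900 Series</description>
+<example cisco.model="3905" hw.product="Unified SIP Phone 3905" os.version="9.4.1">Cisco-CP3905/9.4.1</example>
+<param pos="1" name="cisco.model"/>
+<param pos="0" name="hw.vendor" value="Cisco"/>
+<param pos="0" name="hw.device" value="VoIP"/>
+<param pos="0" name="hw.product" value="Unified SIP Phone {cisco.model}"/>
+<param pos="0" name="os.vendor" value="Cisco"/>
+<param pos="0" name="os.product" value="Unified SIP Phone 3900 Firmware"/>
+<param pos="2" name="os.version"/>
+<param pos="0" name="hw.certainty" value="0.95"/>
+<param pos="0" name="os.certainty" value="0.95"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:cisco:unified_sip_phone_3900_firmware:{os.version}"/>
+</fingerprint>
+
+<fingerprint pattern="^Cisco-ATA(\d{3})/([\d.]+)$">
+<description>Cisco Analog Telephone Adapters (ATA)</description>
+<example cisco.model="187" hw.product="ATA 187" os.version="9.2.3">Cisco-ATA187/9.2.3</example>
+<param pos="1" name="cisco.model"/>
+<param pos="0" name="hw.vendor" value="Cisco"/>
+<param pos="0" name="hw.device" value="VoIP"/>
+<param pos="0" name="hw.product" value="ATA {cisco.model}"/>
+<param pos="0" name="os.vendor" value="Cisco"/>
+<param pos="0" name="os.product" value="ATA {cisco.model} Firmware"/>
+<param pos="2" name="os.version"/>
+<param pos="0" name="hw.certainty" value="0.9"/>
+<param pos="0" name="os.certainty" value="0.9"/>
+</fingerprint>
+
 <!-- AVM.DE Devices -->
 
 <fingerprint pattern="^FRITZ!OS$">
-<description>AVM
+<description>AVM Fritz!OS Device</description>
 <example>FRITZ!OS</example>
 <param pos="0" name="os.vendor" value="AVM"/>
-<param pos="0" name="os.product" value="FRITZ!
+<param pos="0" name="os.product" value="FRITZ!OS"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:avm:fritz\!os:-"/>
+<param pos="0" name="hw.vendor" value="AVM"/>
 </fingerprint>
 
 <fingerprint pattern="^(?:AVM )?(FRITZ!Box .*) +(\d+\.\d+\.\d+)">
@@ -67,6 +187,8 @@
 <param pos="0" name="os.family" value="FRITZ!Box"/>
 <param pos="1" name="os.product"/>
 <param pos="2" name="os.version"/>
+<param pos="0" name="hw.vendor" value="AVM"/>
+<param pos="0" name="hw.family" value="FRITZ!Box"/>
 </fingerprint>
 
 <fingerprint pattern="^(?:AVM )?(FRITZ!Fon .*) +(\d+\.\d+\.\d+)">
@@ -77,15 +199,19 @@
 <param pos="0" name="os.family" value="FRITZ!Fon"/>
 <param pos="1" name="os.product"/>
 <param pos="2" name="os.version"/>
+<param pos="0" name="hw.vendor" value="AVM"/>
+<param pos="0" name="hw.family" value="FRITZ!Fon"/>
 </fingerprint>
 
 <fingerprint pattern="^(?:AVM )?(Multibox .*) +(\d+\.\d+\.\d+)">
-<description>AVM Multibox</description>
+<description>AVM Multibox - Generic</description>
 <example>AVM Multibox 7390 NGN 84.05.09 (Jan 13 2012)</example>
 <param pos="0" name="os.vendor" value="AVM"/>
 <param pos="0" name="os.family" value="Multibox"/>
 <param pos="1" name="os.product"/>
 <param pos="2" name="os.version"/>
+<param pos="0" name="hw.vendor" value="AVM"/>
+<param pos="1" name="hw.product"/>
 </fingerprint>
 
 <!-- Huawei devices -->
@@ -196,7 +322,7 @@
 <param pos="2" name="hw.version"/>
 </fingerprint>
 
-<fingerprint pattern="^Nero SIPPS IP Phone Version ([\d\.]+)
+<fingerprint pattern="^Nero SIPPS IP Phone Version ([\d\.]+)$">
 <description>Nero SIPPS IP Phone</description>
 <example service.version="2.0.51.16">Nero SIPPS IP Phone Version 2.0.51.16</example>
 <param pos="0" name="service.vendor" value="Nero"/>
@@ -206,10 +332,11 @@
 <param pos="1" name="service.version"/>
 </fingerprint>
 
-<fingerprint pattern="^ShoreGear/([\d\.]+)\s+\(ShoreTel \d+\)$">
+<fingerprint pattern="^ShoreGear/([\d\.]+)\s+\(ShoreTel [\d\.]+\)$">
 <description>ShoreTel VoIP Switch</description>
 <example hw.version="21.90.4128.0">ShoreGear/21.90.4128.0 (ShoreTel 15)</example>
 <example hw.version="22.11.4900.0">ShoreGear/22.11.4900.0 (ShoreTel 15)</example>
+<example hw.version="19.48.2600.0">ShoreGear/19.48.2600.0 (ShoreTel 14.2)</example>
 <param pos="0" name="hw.vendor" value="ShoreTel"/>
 <param pos="0" name="hw.device" value="VoIP Switch"/>
 <param pos="1" name="hw.version"/>
@@ -245,4 +372,249 @@
 <param pos="1" name="hw.product"/>
 </fingerprint>
 
+<!-- Grandstream -->
+
+<!-- The next few fingerprints could be merged but are split to enable CPEs -->
+
+<fingerprint pattern="^Grandstream HT818 ([\d.]+)$">
+<description>Grandstream Handy Tone HT818</description>
+<example os.version="1.0.8.7">Grandstream HT818 1.0.8.7</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="HT818 Firmware"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Gateway"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht818_firmware:{os.version}"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="0" name="hw.product" value="HT818"/>
+<param pos="0" name="hw.device" value="SIP Gateway"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht818:-"/>
+</fingerprint>
+
+<fingerprint pattern="^Grandstream HT814 ([\d.]+)$">
+<description>Grandstream Handy Tone HT814</description>
+<example os.version="1.0.9.3">Grandstream HT814 1.0.9.3</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="HT814 Firmware"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Gateway"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht814_firmware:{os.version}"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="0" name="hw.product" value="HT814"/>
+<param pos="0" name="hw.device" value="SIP Gateway"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht814:-"/>
+</fingerprint>
+
+<fingerprint pattern="^Grandstream HT813 ([\d.]+)$">
+<description>Grandstream Handy Tone HT813</description>
+<example os.version="1.0.1.2">Grandstream HT813 1.0.1.2</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="HT813 Firmware"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Gateway"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht813_firmware:{os.version}"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="0" name="hw.product" value="HT813"/>
+<param pos="0" name="hw.device" value="SIP Gateway"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht813:-"/>
+</fingerprint>
+
+<fingerprint pattern="^Grandstream HT812 ([\d.]+)$">
+<description>Grandstream Handy Tone HT812</description>
+<example os.version="1.0.3.5">Grandstream HT812 1.0.3.5</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="HT812 Firmware"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Gateway"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht812_firmware:{os.version}"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="0" name="hw.product" value="HT812"/>
+<param pos="0" name="hw.device" value="SIP Gateway"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht812:-"/>
+</fingerprint>
+
+<fingerprint pattern="^Grandstream HT802 ([\d.]+)$">
+<description>Grandstream Handy Tone HT802</description>
+<example os.version="1.0.3.2">Grandstream HT802 1.0.3.2</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="HT802 Firmware"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Gateway"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht802_firmware:{os.version}"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="0" name="hw.product" value="HT802"/>
+<param pos="0" name="hw.device" value="SIP Gateway"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht802:-"/>
+</fingerprint>
+
+<fingerprint pattern="^Grandstream HT801 ([\d.]+)$">
+<description>Grandstream Handy Tone HT801</description>
+<example os.version="1.0.3.2">Grandstream HT801 1.0.3.2</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="HT801 Firmware"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Gateway"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:ht801_firmware:{os.version}"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="0" name="hw.product" value="HT801"/>
+<param pos="0" name="hw.device" value="SIP Gateway"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:ht801:-"/>
+</fingerprint>
+
+<!-- Grandstream Handy Tone catchall for when CPEs aren't required for vuln mapping-->
+
+<fingerprint pattern="^Grandstream (HT7\d\d) ([\d.]+)$">
+<description>Grandstream Handy Tone HT7xx</description>
+<example hw.product="HT701" os.version="1.0.8.2">Grandstream HT701 1.0.8.2</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="{hw.product} Firmware"/>
+<param pos="2" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Gateway"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="1" name="hw.product"/>
+<param pos="0" name="hw.device" value="SIP Gateway"/>
+</fingerprint>
+
+<!-- The next few fingerprints could be merged but are split to enable CPEs -->
+
+<fingerprint pattern="^Grandstream GXP2200 ([\d.]+)$">
+<description>Grandstream GXP SIP Phone GXP2200</description>
+<example os.version="1.0.3.27">Grandstream GXP2200 1.0.3.27</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="GXP2200 Firmware"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Device"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp2200_firmware:{os.version}"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="0" name="hw.product" value="GXP2200"/>
+<param pos="0" name="hw.device" value="SIP Device"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp2200:-"/>
+</fingerprint>
+
+<fingerprint pattern="^Grandstream GXP1628 ([\d.]+)$">
+<description>Grandstream GXP SIP Phone GXP1628</description>
+<example os.version="1.0.7.6">Grandstream GXP1628 1.0.7.6</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="GXP1628 Firmware"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Device"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1628_firmware:{os.version}"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="0" name="hw.product" value="GXP1628"/>
+<param pos="0" name="hw.device" value="SIP Device"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1628:-"/>
+</fingerprint>
+
+<fingerprint pattern="^Grandstream GXP1625 ([\d.]+)$">
+<description>Grandstream GXP SIP Phone GXP1625</description>
+<example os.version="1.0.4.128">Grandstream GXP1625 1.0.4.128</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="GXP1625 Firmware"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Device"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1625_firmware:{os.version}"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="0" name="hw.product" value="GXP1625"/>
+<param pos="0" name="hw.device" value="SIP Device"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1625:-"/>
+</fingerprint>
+
+<fingerprint pattern="^Grandstream GXP1615 ([\d.]+)$">
+<description>Grandstream GXP SIP Phone GXP1615</description>
+<example os.version="1.0.4.128">Grandstream GXP1615 1.0.4.128</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="GXP1615 Firmware"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Device"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1615_firmware:{os.version}"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="0" name="hw.product" value="GXP1615"/>
+<param pos="0" name="hw.device" value="SIP Device"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1615:-"/>
+</fingerprint>
+
+<fingerprint pattern="^Grandstream GXP1610 ([\d.]+)$">
+<description>Grandstream GXP SIP Phone GXP1610</description>
+<example os.version="1.0.4.138">Grandstream GXP1610 1.0.4.138</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="GXP1610 Firmware"/>
+<param pos="1" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Device"/>
+<param pos="0" name="os.cpe23" value="cpe:/o:grandstream:gxp1610_firmware:{os.version}"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="0" name="hw.product" value="GXP1610"/>
+<param pos="0" name="hw.device" value="SIP Device"/>
+<param pos="0" name="hw.cpe23" value="cpe:/h:grandstream:gxp1610:-"/>
+</fingerprint>
+
+<!-- Grandstream GXP catchall for when CPEs aren't required for vuln mapping-->
+
+<fingerprint pattern="^Grandstream (GXP\d\d\d\d) ([\d.]+)$">
+<description>Grandstream GXP SIP Phone</description>
+<example hw.product="GXP2135" os.version="1.0.9.108">Grandstream GXP2135 1.0.9.108</example>
+<param pos="0" name="os.vendor" value="Grandstream"/>
+<param pos="0" name="os.product" value="{hw.product} Firmware"/>
+<param pos="2" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Device"/>
+<param pos="0" name="hw.vendor" value="Grandstream"/>
+<param pos="1" name="hw.product"/>
+<param pos="0" name="hw.device" value="SIP Device"/>
+</fingerprint>
+
+<fingerprint pattern="^FortiVoice/([\w.-]+)$">
+<description>Fortinet FortiVoice</description>
+<example service.version="7.31b00">FortiVoice/7.31b00</example>
+<example service.version="5.2.95-5">FortiVoice/5.2.95-5</example>
+<param pos="0" name="service.vendor" value="Fortinet"/>
+<param pos="0" name="service.product" value="FortiVoice"/>
+<param pos="0" name="service.device" value="SIP Gateway"/>
+<param pos="1" name="service.version"/>
+<param pos="0" name="service.cpe23" value="cpe:/a:fortinet:fortivoice:{service.version}"/>
+<param pos="0" name="hw.vendor" value="Fortinet"/>
+<param pos="0" name="hw.family" value="FortiVoice"/>
+<param pos="0" name="hw.device" value="SIP Gateway"/>
+</fingerprint>
+
+<fingerprint pattern="^FreeSWITCH$">
+<description>FreeSWITCH FreeSWITCH without version</description>
+<example>FreeSWITCH</example>
+<param pos="0" name="service.vendor" value="FreeSWITCH"/>
+<param pos="0" name="service.product" value="FreeSWITCH"/>
+<param pos="0" name="service.device" value="SIP Gateway"/>
+<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:-"/>
+</fingerprint>
+
+<fingerprint pattern="^FreeSWITCH-mod_sofia/([\d.]+)">
+<description>FreeSWITCH FreeSWITCH with version, mod_sofia</description>
+<example service.version="1.10.4">FreeSWITCH-mod_sofia/1.10.4-release+git~20200805T110119Z~133fc2c870~64bit</example>
+<example service.version="1.6.20">FreeSWITCH-mod_sofia/1.6.20~64bit</example>
+<param pos="0" name="service.vendor" value="FreeSWITCH"/>
+<param pos="0" name="service.product" value="FreeSWITCH"/>
+<param pos="1" name="service.version"/>
+<param pos="0" name="service.device" value="SIP Gateway"/>
+<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:{service.version}"/>
+</fingerprint>
+
+<fingerprint pattern="^Valcom (VIP-\w+) sw([\d.]+)">
+<description>Valcom SIP device with version</description>
+<example os.version="1.50.28">Valcom VIP-204 sw1.50.28</example>
+<param pos="0" name="os.vendor" value="Valcom"/>
+<param pos="0" name="os.product" value="{hw.product} Firmware"/>
+<param pos="2" name="os.version"/>
+<param pos="0" name="os.device" value="SIP Device"/>
+<param pos="0" name="hw.vendor" value="Valcom"/>
+<param pos="1" name="hw.product"/>
+<param pos="0" name="hw.device" value="SIP Device"/>
+</fingerprint>
+
+<fingerprint pattern="^DX800A/([\d.]+)$">
+<description>Gigaset SIP Phones</description>
+<example os.version="41.175.00.000.000">DX800A/41.175.00.000.000</example>
+<param pos="0" name="hw.vendor" value="Gigaset"/>
+<param pos="0" name="hw.device" value="VoIP"/>
+<param pos="0" name="hw.product" value="DX800A"/>
+<param pos="0" name="os.vendor" value="Gigaset"/>
+<param pos="0" name="os.product" value="{hw.product} Firmware"/>
+<param pos="1" name="os.version"/>
+</fingerprint>
+
 </fingerprints>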
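Review bot: Three of the added examples leave captured fields unasserted, so the example checks run by recog_verify cannot catch a regression in those capture groups: the `MediaAccess TG789vac v2 Build 10.5.8.Y.GX CP1916SAQHD` example asserts nothing, the `MediaAccess TG389 Build 10.5.2.T.AQ` example omits `os.version`, and the `Valcom VIP-204 sw1.50.28` example omits `hw.product`. These captures feed the product and version fields that downstream CPE and vulnerability mapping relies on, so I would add `hw.product="TG789vac" os.version="10.5.8.Y.GX"`, `os.version="10.5.2.T.AQ"` and `hw.product="VIP-204"` to them respectively. Separately, the literal patterns `^SIP/2.0$` and `^TP-Link SIP Stack V1.0.0$` leave `.` unescaped, so each dot matches any character; `^SIP/2\.0$` and `^TP-Link SIP Stack V1\.0\.0$` would match only the intended User-Agent values.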
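--- a/data/xml/smb_native_lm.xml
+++ b/data/xml/smb_native_lm.xml
@@ -40,7 +40,7 @@
 <fingerprint pattern="^Samba (\d\.\d+.\d+\w*)">
 <description>Samba</description>
 <example>Samba 3.0.24</example>
-<example>Samba 3.0.28a</example>
+<example service.version="3.0.28a">Samba 3.0.28a</example>
 <example>Samba 3.0.32-0.2-2210-SUSE-SL10.3</example>
 <example>Samba 3.6.3</example>
 <example>Samba 3.6.6</example>
@@ -51,6 +51,20 @@
 <param pos="0" name="service.cpe23" value="cpe:/a:samba:samba:{service.version}"/>
 </fingerprint>
 
+<fingerprint pattern="^Samba (?:Samba )?for GuardianOS v\.?(\d\.[\d.]+)$">
+<description>Samba on a SnapServer appliance</description>
+<example os.version="4.3.007.200609131215">Samba Samba for GuardianOS v4.3.007.200609131215</example>
+<example os.version="5.0.133.200807301131">Samba Samba for GuardianOS v5.0.133.200807301131</example>
+<example os.version="7.7.220">Samba for GuardianOS v.7.7.220</example>
+<param pos="0" name="service.vendor" value="Samba"/>
+<param pos="0" name="service.product" value="Samba"/>
+<param pos="0" name="service.cpe23" value="cpe:/a:samba:samba:-"/>
+<param pos="0" name="os.vendor" value="SnapServer"/>
+<param pos="0" name="os.family" value="Linux"/>
+<param pos="0" name="os.product" value="GuardianOS"/>
+<param pos="1" name="os.version"/>
+</fingerprint>
+
 <fingerprint pattern="^Netreon LANMAN 1.0$">
 <description>Netreon SAN software</description>
 <example>Netreon LANMAN 1.0</example>
@@ -67,4 +81,21 @@
 <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:-"/>
 </fingerprint>
 
+<fingerprint pattern="^NQ (\d\.\d+)$">
+<description>Visuality Systems NQ Enterprise Storage SMB stack</description>
+<example service.version="7.3">NQ 7.3</example>
+<example service.version="4.32">NQ 4.32</example>
+<param pos="0" name="service.vendor" value="Visuality Systems"/>
+<param pos="0" name="service.product" value="NQ"/>
+<param pos="1" name="service.version"/>
+</fingerprint>
+
+<fingerprint pattern="^YNQ (\d\.[\d.]+)$">
+<description>Visuality Systems YNQ Storage SMB stack</description>
+<example service.version="1.2.1">YNQ 1.2.1</example>
+<param pos="0" name="service.vendor" value="Visuality Systems"/>
+<param pos="0" name="service.product" value="YNQ"/>
+<param pos="1" name="service.version"/>
+</fingerprint>
+
 </fingerprints>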
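Review bot: The three added version captures accept only a single-digit major version: `^NQ (\d\.\d+)$`, `^YNQ (\d\.[\d.]+)$` and the GuardianOS pattern's `(\d\.[\d.]+)` all begin with one `\d`. A Native LAN Manager string with a two-digit major (a constructed example: `NQ 10.0`) would match none of them, leaving the host unfingerprinted and absent from any inventory built on these results. Whether such versions are in the field is not visible from this page, but widening to `\d+\.` is harmless, e.g. `^NQ (\d+\.\d+)$` and `^YNQ (\d+\.[\d.]+)$`.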