recog 2.3.20 → 2.3.23
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/dependabot.yml +8 -0
- data/.github/workflows/ci.yml +1 -1
- data/.github/workflows/verify.yml +89 -0
- data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
- data/.vscode/extensions.json +5 -0
- data/.vscode/settings.json +8 -0
- data/.vscode/tasks.json +77 -0
- data/CONTRIBUTING.md +8 -0
- data/README.md +17 -0
- data/bin/recog_standardize +28 -13
- data/bin/recog_verify +42 -8
- data/cpe-remap.yaml +62 -3
- data/features/data/schema_failure.xml +4 -0
- data/features/data/tests_with_failures.xml +6 -0
- data/features/support/hooks.rb +9 -0
- data/features/verify.feature +85 -21
- data/identifiers/fields.txt +6 -5
- data/identifiers/hw_device.txt +8 -0
- data/identifiers/hw_family.txt +8 -0
- data/identifiers/hw_product.txt +54 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +2 -0
- data/identifiers/os_product.txt +18 -2
- data/identifiers/service_product.txt +26 -0
- data/identifiers/vendor.txt +62 -1
- data/lib/recog/db.rb +2 -1
- data/lib/recog/fingerprint.rb +33 -6
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/verifier.rb +9 -9
- data/lib/recog/verify_reporter.rb +17 -6
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/fingerprint_self_test_spec.rb +1 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +73 -4
- data/tools/dev/hooks/pre-commit +21 -0
- data/update_cpes.py +130 -37
- data/xml/apache_os.xml +98 -56
- data/xml/architecture.xml +15 -1
- data/xml/dhcp_vendor_class.xml +206 -0
- data/xml/dns_versionbind.xml +26 -13
- data/xml/favicons.xml +236 -47
- data/xml/fingerprints.xsd +9 -1
- data/xml/ftp_banners.xml +213 -197
- data/xml/h323_callresp.xml +101 -101
- data/xml/hp_pjl_id.xml +84 -84
- data/xml/html_title.xml +715 -45
- data/xml/http_cookies.xml +143 -80
- data/xml/http_servers.xml +510 -310
- data/xml/http_wwwauth.xml +177 -75
- data/xml/imap_banners.xml +10 -10
- data/xml/mdns_device-info_txt.xml +421 -26
- data/xml/mysql_banners.xml +3 -2
- data/xml/nntp_banners.xml +12 -9
- data/xml/ntp_banners.xml +97 -97
- data/xml/operating_system.xml +98 -83
- data/xml/pop_banners.xml +27 -27
- data/xml/rsh_resp.xml +3 -3
- data/xml/sip_banners.xml +46 -8
- data/xml/sip_user_agents.xml +180 -27
- data/xml/smb_native_lm.xml +5 -5
- data/xml/smb_native_os.xml +28 -25
- data/xml/smtp_banners.xml +258 -254
- data/xml/smtp_ehlo.xml +1 -1
- data/xml/smtp_help.xml +11 -11
- data/xml/smtp_noop.xml +2 -2
- data/xml/snmp_sysdescr.xml +1554 -1429
- data/xml/snmp_sysobjid.xml +27 -27
- data/xml/ssh_banners.xml +27 -20
- data/xml/telnet_banners.xml +256 -57
- data/xml/tls_jarm.xml +48 -6
- data/xml/x11_banners.xml +3 -3
- data/xml/x509_issuers.xml +69 -2
- data/xml/x509_subjects.xml +144 -33
- metadata +24 -4
- data/lib/recog/verifier_factory.rb +0 -13
data/xml/html_title.xml
CHANGED
@@ -1,41 +1,62 @@
|
|
1
1
|
<?xml version='1.0' encoding='UTF-8'?>
|
2
|
-
<fingerprints matches="html_title" database_type="service" preference="0.90">
|
2
|
+
<fingerprints matches="html_title" protocol="http" database_type="service" preference="0.90">
|
3
3
|
<!-- HTML Title elements found in HTTP response bodies are matched against these patterns to fingerprint HTTP servers. -->
|
4
4
|
|
5
5
|
<fingerprint pattern="^301 Moved Permanently$">
|
6
6
|
<description>301 Moved Permanently - generic -- assert nothing.</description>
|
7
7
|
<example>301 Moved Permanently</example>
|
8
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
9
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
10
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
8
11
|
</fingerprint>
|
9
12
|
|
10
13
|
<fingerprint pattern="^302 Found$">
|
11
14
|
<description>302 Found - generic -- assert nothing.</description>
|
12
15
|
<example>302 Found</example>
|
16
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
17
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
18
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
13
19
|
</fingerprint>
|
14
20
|
|
15
21
|
<fingerprint pattern="^400 Bad Request$">
|
16
22
|
<description>400 Bad Request - generic -- assert nothing.</description>
|
17
23
|
<example>400 Bad Request</example>
|
24
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
25
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
26
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
18
27
|
</fingerprint>
|
19
28
|
|
20
29
|
<fingerprint pattern="^401 Unauthorized$">
|
21
30
|
<description>401 Unauthorized - generic -- assert nothing.</description>
|
22
31
|
<example>401 Unauthorized</example>
|
32
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
33
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
34
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
23
35
|
</fingerprint>
|
24
36
|
|
25
37
|
<fingerprint pattern="^403 Forbidden$">
|
26
38
|
<description>403 Forbidden - generic -- assert nothing.</description>
|
27
39
|
<example>403 Forbidden</example>
|
40
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
41
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
42
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
28
43
|
</fingerprint>
|
29
44
|
|
30
45
|
<fingerprint pattern="^(?:404 )?Not Found$">
|
31
46
|
<description>404 Not Found - generic -- assert nothing.</description>
|
32
47
|
<example>404 Not Found</example>
|
33
48
|
<example>Not Found</example>
|
49
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
50
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
51
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
34
52
|
</fingerprint>
|
35
53
|
|
36
54
|
<fingerprint pattern="^Invalid URL$">
|
37
55
|
<description>Invalid URL - generic -- assert nothing.</description>
|
38
56
|
<example>Invalid URL</example>
|
57
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
58
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
59
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
39
60
|
</fingerprint>
|
40
61
|
|
41
62
|
<fingerprint pattern="^ERROR: The request could not be satisfied$">
|
@@ -193,6 +214,17 @@
|
|
193
214
|
<param pos="0" name="hw.device" value="DVR"/>
|
194
215
|
</fingerprint>
|
195
216
|
|
217
|
+
<!-- Xiongmai Technology is rebranded by a number of DVR and IP Camera manufacturers -->
|
218
|
+
|
219
|
+
<fingerprint pattern="^NETSurveillance WEB$">
|
220
|
+
<description>NetSurveillance web interface on DVR and IP Camera devices sourced from Xiongmai Technology</description>
|
221
|
+
<example>NETSurveillance WEB</example>
|
222
|
+
<param pos="0" name="service.vendor" value="Xiongmai Technology"/>
|
223
|
+
<param pos="0" name="service.product" value="uc-httpd"/>
|
224
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:xiongmaitech:uc-httpd:-"/>
|
225
|
+
<param pos="0" name="os.vendor" value="Xiongmai Technology"/>
|
226
|
+
</fingerprint>
|
227
|
+
|
196
228
|
<fingerprint pattern="^FRITZ!Box$">
|
197
229
|
<description>AVM FRITZ!Box</description>
|
198
230
|
<example>FRITZ!Box</example>
|
@@ -301,7 +333,7 @@
|
|
301
333
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
302
334
|
</fingerprint>
|
303
335
|
|
304
|
-
<fingerprint pattern="^
|
336
|
+
<fingerprint pattern="^NETIASPOT Management Console|Konsola zarzdzania NETIASPOT$">
|
305
337
|
<description>Netia Spot wireless router</description>
|
306
338
|
<example>Konsola zarzdzania NETIASPOT</example>
|
307
339
|
<example>NETIASPOT Management Console</example>
|
@@ -353,7 +385,7 @@
|
|
353
385
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
354
386
|
</fingerprint>
|
355
387
|
|
356
|
-
<fingerprint pattern="
|
388
|
+
<fingerprint pattern="(?i)^Default (?:Parallels )?Plesk (?:Panel )?Page$">
|
357
389
|
<description>Plesk web hosting platform with no version</description>
|
358
390
|
<example>Default Parallels Plesk Panel Page</example>
|
359
391
|
<example>Default Parallels Plesk Page</example>
|
@@ -378,7 +410,7 @@
|
|
378
410
|
<param pos="0" name="hw.device" value="DVR"/>
|
379
411
|
</fingerprint>
|
380
412
|
|
381
|
-
<fingerprint pattern="
|
413
|
+
<fingerprint pattern="(?i)^(?:Dell )?Sonicwall - Authentication$">
|
382
414
|
<description>Sonicwall firewalls</description>
|
383
415
|
<example>SonicWall - Authentication</example>
|
384
416
|
<param pos="0" name="os.vendor" value="SonicWall"/>
|
@@ -412,7 +444,7 @@
|
|
412
444
|
<param pos="0" name="os.cpe23" value="cpe:/o:watchguard:fireware:-"/>
|
413
445
|
</fingerprint>
|
414
446
|
|
415
|
-
<fingerprint pattern="^(
|
447
|
+
<fingerprint pattern="^(.{0,512}).nbsp;-.nbsp;Synology.nbsp;DiskStation$">
|
416
448
|
<description>Synology DiskStation</description>
|
417
449
|
<example host.name="DiskStation">DiskStation&nbsp;-&nbsp;Synology&nbsp;DiskStation</example>
|
418
450
|
<example host.name="DS218">DS218&nbsp;-&nbsp;Synology&nbsp;DiskStation</example>
|
@@ -443,6 +475,14 @@
|
|
443
475
|
<param pos="0" name="os.vendor" value="Synology"/>
|
444
476
|
</fingerprint>
|
445
477
|
|
478
|
+
<fingerprint pattern="^Synology.nbsp;Router.nbsp;-.nbsp;synology$">
|
479
|
+
<description>Synology Router</description>
|
480
|
+
<example>Synology&nbsp;Router&nbsp;-&nbsp;synology</example>
|
481
|
+
<param pos="0" name="hw.vendor" value="Synology"/>
|
482
|
+
<param pos="0" name="hw.device" value="Router"/>
|
483
|
+
<param pos="0" name="hw.certainty" value="0.7"/>
|
484
|
+
</fingerprint>
|
485
|
+
|
446
486
|
<fingerprint pattern="^Web Filter Block Override$">
|
447
487
|
<description>Fortinet FortiGate/Fortiguard Web Filter</description>
|
448
488
|
<example>Web Filter Block Override</example>
|
@@ -456,6 +496,19 @@
|
|
456
496
|
<param pos="0" name="hw.device" value="Firewall"/>
|
457
497
|
</fingerprint>
|
458
498
|
|
499
|
+
<fingerprint pattern="^FortiGate$">
|
500
|
+
<description>Fortinet FortiGate Network Firewall</description>
|
501
|
+
<example>FortiGate</example>
|
502
|
+
<param pos="0" name="os.vendor" value="Fortinet"/>
|
503
|
+
<param pos="0" name="os.family" value="FortiOS"/>
|
504
|
+
<param pos="0" name="os.product" value="FortiOS"/>
|
505
|
+
<param pos="0" name="os.device" value="Firewall"/>
|
506
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
|
507
|
+
<param pos="0" name="hw.vendor" value="Fortinet"/>
|
508
|
+
<param pos="0" name="hw.family" value="FortiGate"/>
|
509
|
+
<param pos="0" name="hw.device" value="Firewall"/>
|
510
|
+
</fingerprint>
|
511
|
+
|
459
512
|
<!-- Various products by Ubiquiti networks -->
|
460
513
|
|
461
514
|
<fingerprint pattern="^Ubiquiti Networks$">
|
@@ -518,7 +571,7 @@
|
|
518
571
|
<param pos="0" name="service.cpe23" value="cpe:/a:ui:unifi_video:-"/>
|
519
572
|
</fingerprint>
|
520
573
|
|
521
|
-
<fingerprint pattern="^
|
574
|
+
<fingerprint pattern="^UniFi NVR: Software Portal|airVision: \[NVR\] - Software Portal$">
|
522
575
|
<description>UniFi NVR for recording from UniFi video cameras</description>
|
523
576
|
<example>UniFi NVR: Software Portal</example>
|
524
577
|
<example>airVision: [NVR] - Software Portal</example>
|
@@ -528,6 +581,14 @@
|
|
528
581
|
<param pos="0" name="hw.device" value="DVR"/>
|
529
582
|
</fingerprint>
|
530
583
|
|
584
|
+
<fingerprint pattern="^Welcome to AmpliFi$">
|
585
|
+
<description>Ubiquiti AmpliFi Router</description>
|
586
|
+
<example>Welcome to AmpliFi</example>
|
587
|
+
<param pos="0" name="hw.vendor" value="Ubiquiti"/>
|
588
|
+
<param pos="0" name="hw.product" value="AmpliFi"/>
|
589
|
+
<param pos="0" name="hw.device" value="Router"/>
|
590
|
+
</fingerprint>
|
591
|
+
|
531
592
|
<!-- Various products by Zyxel -->
|
532
593
|
|
533
594
|
<fingerprint pattern="^USG60$">
|
@@ -585,8 +646,8 @@
|
|
585
646
|
|
586
647
|
<fingerprint pattern="^Wowza Streaming Engine 4 (Subscription|Perpetual Pro) Edition (\d\.[\w.]+) build(\d+)$">
|
587
648
|
<description>Wowza Streaming Engine</description>
|
588
|
-
<example service.version="4.7.7.01" service.version.version="20190222144406">Wowza Streaming Engine 4 Subscription Edition 4.7.7.01 build20190222144406</example>
|
589
|
-
<example service.edition="Perpetual Pro">Wowza Streaming Engine 4 Perpetual Pro Edition 4.8.8.01 build20201216140014</example>
|
649
|
+
<example service.version="4.7.7.01" service.version.version="20190222144406" service.edition="Subscription">Wowza Streaming Engine 4 Subscription Edition 4.7.7.01 build20190222144406</example>
|
650
|
+
<example service.edition="Perpetual Pro" service.version="4.8.8.01" service.version.version="20201216140014">Wowza Streaming Engine 4 Perpetual Pro Edition 4.8.8.01 build20201216140014</example>
|
590
651
|
<param pos="0" name="service.vendor" value="Wowza"/>
|
591
652
|
<param pos="0" name="service.product" value="Streaming Engine"/>
|
592
653
|
<param pos="1" name="service.edition"/>
|
@@ -606,14 +667,24 @@
|
|
606
667
|
<param pos="0" name="hw.device" value="Router"/>
|
607
668
|
</fingerprint>
|
608
669
|
|
609
|
-
<fingerprint pattern="^
|
670
|
+
<fingerprint pattern="^MikroTik SwOS$">
|
671
|
+
<description>MikroTik SwOS switch configuration page</description>
|
672
|
+
<example>MikroTik SwOS</example>
|
673
|
+
<param pos="0" name="os.vendor" value="MikroTik"/>
|
674
|
+
<param pos="0" name="os.device" value="Switch"/>
|
675
|
+
<param pos="0" name="os.product" value="SwOS"/>
|
676
|
+
<param pos="0" name="hw.vendor" value="MikroTik"/>
|
677
|
+
<param pos="0" name="hw.device" value="Switch"/>
|
678
|
+
</fingerprint>
|
679
|
+
|
680
|
+
<fingerprint pattern="^Welcome to nginx!|Test Page for the Nginx HTTP Server$">
|
610
681
|
<description>Default OS-agnostic nginx</description>
|
611
682
|
<example>Welcome to nginx!</example>
|
612
683
|
<example>Test Page for the Nginx HTTP Server</example>
|
613
684
|
<param pos="0" name="service.product" value="nginx"/>
|
614
685
|
<param pos="0" name="service.family" value="nginx"/>
|
615
686
|
<param pos="0" name="service.vendor" value="nginx"/>
|
616
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:
|
687
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:f5:nginx:-"/>
|
617
688
|
</fingerprint>
|
618
689
|
|
619
690
|
<fingerprint pattern="^Test Page for the Nginx HTTP Server on (?:Fedora|EPEL)$">
|
@@ -622,11 +693,11 @@
|
|
622
693
|
<param pos="0" name="service.product" value="nginx"/>
|
623
694
|
<param pos="0" name="service.family" value="nginx"/>
|
624
695
|
<param pos="0" name="service.vendor" value="nginx"/>
|
625
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:
|
696
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:f5:nginx:-"/>
|
626
697
|
<param pos="0" name="os.family" value="Linux"/>
|
627
|
-
<param pos="0" name="os.vendor" value="
|
628
|
-
<param pos="0" name="os.product" value="Fedora Core
|
629
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:
|
698
|
+
<param pos="0" name="os.vendor" value="Fedora Project"/>
|
699
|
+
<param pos="0" name="os.product" value="Fedora Core"/>
|
700
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fedoraproject:fedora_core:-"/>
|
630
701
|
</fingerprint>
|
631
702
|
|
632
703
|
<fingerprint pattern="^Welcome to nginx on Debian!$">
|
@@ -635,7 +706,7 @@
|
|
635
706
|
<param pos="0" name="service.product" value="nginx"/>
|
636
707
|
<param pos="0" name="service.family" value="nginx"/>
|
637
708
|
<param pos="0" name="service.vendor" value="nginx"/>
|
638
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:
|
709
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:f5:nginx:-"/>
|
639
710
|
<param pos="0" name="os.vendor" value="Debian"/>
|
640
711
|
<param pos="0" name="os.product" value="Linux"/>
|
641
712
|
<param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
|
@@ -687,9 +758,10 @@
|
|
687
758
|
<param pos="1" name="hw.product"/>
|
688
759
|
</fingerprint>
|
689
760
|
|
690
|
-
<fingerprint pattern="^Netgear Prosafe Plus Switch$">
|
761
|
+
<fingerprint pattern="(?i)^Netgear Prosafe Plus Switch$">
|
691
762
|
<description>Netgear Prosafe Plus Switch</description>
|
692
763
|
<example>Netgear Prosafe Plus Switch</example>
|
764
|
+
<example>NETGEAR ProSAFE Plus Switch</example>
|
693
765
|
<param pos="0" name="os.vendor" value="Netgear"/>
|
694
766
|
<param pos="0" name="os.device" value="Switch"/>
|
695
767
|
<param pos="0" name="os.product" value="Prosafe Firmware"/>
|
@@ -699,7 +771,7 @@
|
|
699
771
|
<param pos="0" name="hw.product" value="Prosafe Plus"/>
|
700
772
|
</fingerprint>
|
701
773
|
|
702
|
-
<fingerprint pattern="^(
|
774
|
+
<fingerprint pattern="^(.{0,256}).nbsp;Configuration and Management$">
|
703
775
|
<description>Digi Terminal Servers</description>
|
704
776
|
<example hw.product="Digi One SP">Digi One SP&nbsp;Configuration and Management</example>
|
705
777
|
<example hw.product="PortServer TS 4">PortServer TS 4&nbsp;Configuration and Management</example>
|
@@ -712,6 +784,37 @@
|
|
712
784
|
<param pos="0" name="os.product" value="NET+OS"/>
|
713
785
|
</fingerprint>
|
714
786
|
|
787
|
+
<fingerprint pattern="^(?:TransPort )?(WR\S+) \(SN: (\d+)\) Configuration and Management$">
|
788
|
+
<description>Digi Cellular Routers</description>
|
789
|
+
<example hw.product="WR44v2" hw.serial_number="888111" digi.serial_number="888111">WR44v2 (SN: 888111) Configuration and Management</example>
|
790
|
+
<example hw.product="WR21" hw.serial_number="888111" digi.serial_number="888111">WR21 (SN: 888111) Configuration and Management</example>
|
791
|
+
<example hw.product="WR44v2" hw.serial_number="888111" digi.serial_number="888111">TransPort WR44v2 (SN: 888111) Configuration and Management</example>
|
792
|
+
<example hw.product="WR44RR" hw.serial_number="888111" digi.serial_number="888111">TransPort WR44RR (SN: 888111) Configuration and Management</example>
|
793
|
+
<example hw.product="WR44" hw.serial_number="888111" digi.serial_number="888111">TransPort WR44 (SN: 888111) Configuration and Management</example>
|
794
|
+
<param pos="0" name="hw.vendor" value="Digi"/>
|
795
|
+
<param pos="0" name="hw.device" value="Router"/>
|
796
|
+
<param pos="1" name="hw.product"/>
|
797
|
+
<param pos="2" name="digi.serial_number"/>
|
798
|
+
<param pos="2" name="hw.serial_number"/>
|
799
|
+
</fingerprint>
|
800
|
+
|
801
|
+
<fingerprint pattern="^Digi (\S+) - ([a-fA-F0-9]{12})">
|
802
|
+
<description>Digi TX Cellular Routers</description>
|
803
|
+
<example hw.product="TX54-Dual-Cellular" host.mac="0040FF100000">Digi TX54-Dual-Cellular - 0040FF100000</example>
|
804
|
+
<param pos="0" name="hw.vendor" value="Digi"/>
|
805
|
+
<param pos="0" name="hw.device" value="Router"/>
|
806
|
+
<param pos="1" name="hw.product"/>
|
807
|
+
<param pos="2" name="host.mac"/>
|
808
|
+
</fingerprint>
|
809
|
+
|
810
|
+
<fingerprint pattern="^Digi Configuration and Management$">
|
811
|
+
<description>Digi Cellular Routers (Generic)</description>
|
812
|
+
<example>Digi Configuration and Management</example>
|
813
|
+
<param pos="0" name="hw.vendor" value="Digi"/>
|
814
|
+
<param pos="0" name="hw.device" value="Router"/>
|
815
|
+
<param pos="0" name="hw.certainty" value="0.25"/>
|
816
|
+
</fingerprint>
|
817
|
+
|
715
818
|
<fingerprint pattern="^NPort Web Console$">
|
716
819
|
<description>Moxa NPort Terminal Servers</description>
|
717
820
|
<example>NPort Web Console</example>
|
@@ -730,6 +833,14 @@
|
|
730
833
|
<param pos="1" name="hw.product"/>
|
731
834
|
</fingerprint>
|
732
835
|
|
836
|
+
<fingerprint pattern="^Lantronix WEB-Manager$">
|
837
|
+
<description>Lantronix UDS terminal server</description>
|
838
|
+
<example>Lantronix WEB-Manager</example>
|
839
|
+
<param pos="0" name="hw.vendor" value="Lantronix"/>
|
840
|
+
<param pos="0" name="hw.device" value="Device Server"/>
|
841
|
+
<param pos="0" name="hw.product" value="UDS"/>
|
842
|
+
</fingerprint>
|
843
|
+
|
733
844
|
<fingerprint pattern="^(KN\S+) - Cover$">
|
734
845
|
<description>ATEN KVM over IP</description>
|
735
846
|
<example hw.product="KN4140v">KN4140v - Cover</example>
|
@@ -820,7 +931,7 @@
|
|
820
931
|
<param pos="0" name="hw.product" value="Rack PDU Card"/>
|
821
932
|
</fingerprint>
|
822
933
|
|
823
|
-
<fingerprint pattern="^(
|
934
|
+
<fingerprint pattern="^(.{0,256}) IntelliSlot Web(?:/\d+)? Card?$">
|
824
935
|
<description>Emerson Network Power IntelliSlot Web Card and rebrands</description>
|
825
936
|
<example hw.vendor="Emerson Network Power">Emerson Network Power IntelliSlot Web Card</example>
|
826
937
|
<example hw.vendor="Emerson Network Power">Emerson Network Power IntelliSlot Web/485 Card</example>
|
@@ -1038,7 +1149,7 @@
|
|
1038
1149
|
<param pos="0" name="hw.product" value="OpenManage Switch"/>
|
1039
1150
|
</fingerprint>
|
1040
1151
|
|
1041
|
-
<fingerprint pattern="^(\S
|
1152
|
+
<fingerprint pattern="^(\S{1,512})\s{1,8}-\s{1,8}ProCurve Switch (\S+) \((.*)\)$">
|
1042
1153
|
<description>HPE ProCurve Switch w/Hostname</description>
|
1043
1154
|
<example host.name="SW1" hw.product="4204vl" procurve.model="J8770A">SW1 - ProCurve Switch 4204vl (J8770A)</example>
|
1044
1155
|
<param pos="0" name="hw.vendor" value="HPE"/>
|
@@ -1134,20 +1245,39 @@
|
|
1134
1245
|
|
1135
1246
|
<fingerprint pattern="^Agilent 33220A \((.*)\)$">
|
1136
1247
|
<description>Agilent 33220A</description>
|
1137
|
-
<example agilent.serial="MY44041111">Agilent 33220A (MY44041111)</example>
|
1248
|
+
<example agilent.serial="MY44041111" hw.serial_number="MY44041111">Agilent 33220A (MY44041111)</example>
|
1138
1249
|
<param pos="0" name="hw.vendor" value="Agilent"/>
|
1139
1250
|
<param pos="0" name="hw.device" value="Test Instrument"/>
|
1140
1251
|
<param pos="0" name="hw.product" value="33220A Waveform Generator"/>
|
1141
1252
|
<param pos="1" name="agilent.serial"/>
|
1253
|
+
<param pos="1" name="hw.serial_number"/>
|
1142
1254
|
</fingerprint>
|
1143
1255
|
|
1144
1256
|
<fingerprint pattern="^Agilent N5172B (?:EXG )?(MY\S+)$">
|
1145
1257
|
<description>Agilent N5172B</description>
|
1146
|
-
<example agilent.serial="MY44041111">Agilent N5172B EXG MY44041111</example>
|
1258
|
+
<example agilent.serial="MY44041111" hw.serial_number="MY44041111">Agilent N5172B EXG MY44041111</example>
|
1147
1259
|
<param pos="0" name="hw.vendor" value="Agilent"/>
|
1148
1260
|
<param pos="0" name="hw.device" value="Test Instrument"/>
|
1149
1261
|
<param pos="0" name="hw.product" value="N5172B Signal Generator"/>
|
1150
1262
|
<param pos="1" name="agilent.serial"/>
|
1263
|
+
<param pos="1" name="hw.serial_number"/>
|
1264
|
+
</fingerprint>
|
1265
|
+
|
1266
|
+
<fingerprint pattern="^Agilent E5810 \(([a-fA-F0-9-]{17})\)$">
|
1267
|
+
<description>Agilent E5810 Instrument Gateway Device</description>
|
1268
|
+
<example host.mac="00-30-D3-01-01-01">Agilent E5810 (00-30-D3-01-01-01)</example>
|
1269
|
+
<param pos="0" name="hw.vendor" value="Agilent"/>
|
1270
|
+
<param pos="0" name="hw.device" value="Test Instrument"/>
|
1271
|
+
<param pos="0" name="hw.product" value="E5810 Gateway Device"/>
|
1272
|
+
<param pos="1" name="host.mac"/>
|
1273
|
+
</fingerprint>
|
1274
|
+
|
1275
|
+
<fingerprint pattern="^LXI - Agilent Technologies - N1913A - EPM Series Power Meter$">
|
1276
|
+
<description>Agilent N1913A EPM Series Power Meter</description>
|
1277
|
+
<example>LXI - Agilent Technologies - N1913A - EPM Series Power Meter</example>
|
1278
|
+
<param pos="0" name="hw.vendor" value="Agilent"/>
|
1279
|
+
<param pos="0" name="hw.device" value="Test Instrument"/>
|
1280
|
+
<param pos="0" name="hw.product" value="N1913A Power Meter"/>
|
1151
1281
|
</fingerprint>
|
1152
1282
|
|
1153
1283
|
<fingerprint pattern="^Polycom - Configuration Utility$">
|
@@ -1183,6 +1313,15 @@
|
|
1183
1313
|
<param pos="1" name="hw.product"/>
|
1184
1314
|
</fingerprint>
|
1185
1315
|
|
1316
|
+
<fingerprint pattern="^(SPA\S+) Device Information \(SEP(\S+)\)$">
|
1317
|
+
<description>Cisco IP Phone - SPA504G</description>
|
1318
|
+
<example hw.product="SPA504G" host.mac="0123456789ab">SPA504G Device Information (SEP0123456789ab)</example>
|
1319
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
1320
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
1321
|
+
<param pos="1" name="hw.product"/>
|
1322
|
+
<param pos="2" name="host.mac"/>
|
1323
|
+
</fingerprint>
|
1324
|
+
|
1186
1325
|
<fingerprint pattern="^Cisco (?:SPA Configuration|IP Phone)$">
|
1187
1326
|
<description>Cisco IP Phone </description>
|
1188
1327
|
<example>Cisco SPA Configuration</example>
|
@@ -1239,6 +1378,7 @@
|
|
1239
1378
|
<param pos="0" name="os.device" value="Switch"/>
|
1240
1379
|
<param pos="0" name="os.product" value="MDS 9000"/>
|
1241
1380
|
<param pos="1" name="os.version"/>
|
1381
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:mds_9000_san-os:{os.version}"/>
|
1242
1382
|
</fingerprint>
|
1243
1383
|
|
1244
1384
|
<fingerprint pattern="^Stealthwatch Management Console$">
|
@@ -1299,6 +1439,14 @@
|
|
1299
1439
|
<param pos="0" name="hw.cpe23" value="cpe:/h:cisco:wireless_lan_controller:-"/>
|
1300
1440
|
</fingerprint>
|
1301
1441
|
|
1442
|
+
<fingerprint pattern="^Cisco ASDM (\S+)$">
|
1443
|
+
<description>Cisco Adaptive Security Device Manager Application</description>
|
1444
|
+
<example service.version="6.4(7)">Cisco ASDM 6.4(7)</example>
|
1445
|
+
<param pos="0" name="service.vendor" value="Cisco"/>
|
1446
|
+
<param pos="0" name="service.product" value="ASDM"/>
|
1447
|
+
<param pos="1" name="service.version"/>
|
1448
|
+
</fingerprint>
|
1449
|
+
|
1302
1450
|
<fingerprint pattern="^Duo Access Gateway$">
|
1303
1451
|
<description>Duo Access Gateway</description>
|
1304
1452
|
<example>Duo Access Gateway</example>
|
@@ -1397,6 +1545,7 @@
|
|
1397
1545
|
<param pos="0" name="hw.vendor" value="KACE"/>
|
1398
1546
|
<param pos="0" name="hw.device" value="Support Appliance"/>
|
1399
1547
|
<param pos="0" name="hw.product" value="K1000"/>
|
1548
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:dell:kace_k1000_systems_management_appliance:-"/>
|
1400
1549
|
<param pos="0" name="os.vendor" value="KACE"/>
|
1401
1550
|
<param pos="0" name="os.family" value="FreeBSD"/>
|
1402
1551
|
</fingerprint>
|
@@ -1450,6 +1599,36 @@
|
|
1450
1599
|
<param pos="0" name="os.product" value="SmartServer"/>
|
1451
1600
|
</fingerprint>
|
1452
1601
|
|
1602
|
+
<!-- Various products by Avocent -->
|
1603
|
+
|
1604
|
+
<fingerprint pattern="^Avocent AutoView ([^/$]+)">
|
1605
|
+
<description>Avocent AutoView KVM</description>
|
1606
|
+
<example hw.model="3100">Avocent AutoView 3100/3200</example>
|
1607
|
+
<example hw.model="3050">Avocent AutoView 3050</example>
|
1608
|
+
<param pos="0" name="hw.vendor" value="Avocent"/>
|
1609
|
+
<param pos="0" name="hw.device" value="KVM"/>
|
1610
|
+
<param pos="1" name="hw.model"/>
|
1611
|
+
<param pos="0" name="hw.product" value="AutoView {hw.model}"/>
|
1612
|
+
</fingerprint>
|
1613
|
+
|
1614
|
+
<!-- Various products by Aerohive -->
|
1615
|
+
|
1616
|
+
<fingerprint pattern="^Aerohive HiveUI$">
|
1617
|
+
<description>Aerohive Access Point</description>
|
1618
|
+
<example>Aerohive HiveUI</example>
|
1619
|
+
<param pos="0" name="hw.vendor" value="Aerohive"/>
|
1620
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
1621
|
+
</fingerprint>
|
1622
|
+
|
1623
|
+
<!-- Various products by Ruckus -->
|
1624
|
+
|
1625
|
+
<fingerprint pattern="^Ruckus Wireless Admin$">
|
1626
|
+
<description>Ruckus Wireless Access Point</description>
|
1627
|
+
<example>Ruckus Wireless Admin</example>
|
1628
|
+
<param pos="0" name="hw.vendor" value="Ruckus"/>
|
1629
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
1630
|
+
</fingerprint>
|
1631
|
+
|
1453
1632
|
<!-- Various ICS/OT -->
|
1454
1633
|
|
1455
1634
|
<fingerprint pattern="^CTI (25\S+) Main Menu$">
|
@@ -1678,7 +1857,7 @@
|
|
1678
1857
|
<param pos="0" name="service.cpe23" value="cpe:/a:realvnc:realvnc:-"/>
|
1679
1858
|
</fingerprint>
|
1680
1859
|
|
1681
|
-
<fingerprint pattern="
|
1860
|
+
<fingerprint pattern="^.{0,1000} \[Jenkins\]$">
|
1682
1861
|
<description>Jenkins Customized Dashboard</description>
|
1683
1862
|
<example>Continuous Integrations [Jenkins]</example>
|
1684
1863
|
<example>Dashboard [Jenkins]</example>
|
@@ -2020,7 +2199,7 @@
|
|
2020
2199
|
<description>Pure Storage Appliance</description>
|
2021
2200
|
<example>Pure Storage Login</example>
|
2022
2201
|
<param pos="0" name="hw.vendor" value="Pure Storage"/>
|
2023
|
-
<param pos="0" name="hw.device" value="
|
2202
|
+
<param pos="0" name="hw.device" value="Storage Appliance"/>
|
2024
2203
|
<param pos="0" name="hw.product" value="Appliance"/>
|
2025
2204
|
</fingerprint>
|
2026
2205
|
|
@@ -2203,7 +2382,7 @@
|
|
2203
2382
|
<param pos="0" name="hw.product" value="Network Node"/>
|
2204
2383
|
</fingerprint>
|
2205
2384
|
|
2206
|
-
<fingerprint pattern="^
|
2385
|
+
<fingerprint pattern="^S2 Netbox Login|Home - NetBox$">
|
2207
2386
|
<description>S2 Netbox Appliance</description>
|
2208
2387
|
<example>S2 Netbox Login</example>
|
2209
2388
|
<example>Home - NetBox</example>
|
@@ -2255,7 +2434,7 @@
|
|
2255
2434
|
<param pos="0" name="service.cpe23" value="cpe:/a:ibm:tivoli_storage_flashcopy_manager:-"/>
|
2256
2435
|
</fingerprint>
|
2257
2436
|
|
2258
|
-
<fingerprint pattern="^
|
2437
|
+
<fingerprint pattern="^Jupyter Notebook|JupyterLab|Home Page - Select or create a notebook$">
|
2259
2438
|
<description>Jupyter Notebook Server</description>
|
2260
2439
|
<example>Jupyter Notebook</example>
|
2261
2440
|
<example>JupyterLab</example>
|
@@ -2300,7 +2479,7 @@
|
|
2300
2479
|
<param pos="0" name="service.product" value="Network Monitor"/>
|
2301
2480
|
</fingerprint>
|
2302
2481
|
|
2303
|
-
<fingerprint pattern="^
|
2482
|
+
<fingerprint pattern="^BrightSign&reg;|BrightSign Applications|Diagnostics Web Server$">
|
2304
2483
|
<description>BrightSign Controller</description>
|
2305
2484
|
<example>BrightSign&reg;</example>
|
2306
2485
|
<example>BrightSign Applications</example>
|
@@ -2321,7 +2500,7 @@
|
|
2321
2500
|
<param pos="0" name="hw.device" value="WAP"/>
|
2322
2501
|
</fingerprint>
|
2323
2502
|
|
2324
|
-
<fingerprint pattern="^
|
2503
|
+
<fingerprint pattern="^DD System Manager|System Manager$">
|
2325
2504
|
<description>Data Domain System Manager</description>
|
2326
2505
|
<example>DD System Manager</example>
|
2327
2506
|
<example>System Manager</example>
|
@@ -2341,7 +2520,7 @@
|
|
2341
2520
|
<param pos="0" name="service.product" value="SonarQube"/>
|
2342
2521
|
</fingerprint>
|
2343
2522
|
|
2344
|
-
<fingerprint pattern="^(\S
|
2523
|
+
<fingerprint pattern="^(\S{1,512}) - Opengear Management Console$">
|
2345
2524
|
<description>Opengear Management Console</description>
|
2346
2525
|
<example host.name="server01">server01 - Opengear Management Console</example>
|
2347
2526
|
<param pos="0" name="service.vendor" value="Opengear"/>
|
@@ -2374,7 +2553,7 @@
|
|
2374
2553
|
<param pos="0" name="service.cpe23" value="cpe:/a:influxdata:influxdb:2.0"/>
|
2375
2554
|
</fingerprint>
|
2376
2555
|
|
2377
|
-
<fingerprint pattern="^
|
2556
|
+
<fingerprint pattern="^Sign in . GitLab|GitLab|GitLab is not responding$">
|
2378
2557
|
<description>GitLab</description>
|
2379
2558
|
<example>Sign in · GitLab</example>
|
2380
2559
|
<example>GitLab is not responding</example>
|
@@ -2385,7 +2564,7 @@
|
|
2385
2564
|
<param pos="0" name="service.cpe23" value="cpe:/a:gitlab:gitlab:-"/>
|
2386
2565
|
</fingerprint>
|
2387
2566
|
|
2388
|
-
<fingerprint pattern="^
|
2567
|
+
<fingerprint pattern="^GitHub Enterprise|Setup GitHub Enterprise|GitHub Enterprise preflight check$">
|
2389
2568
|
<description>GitHub Enterprise</description>
|
2390
2569
|
<example>GitHub Enterprise</example>
|
2391
2570
|
<example>Setup GitHub Enterprise</example>
|
@@ -2394,7 +2573,7 @@
|
|
2394
2573
|
<param pos="0" name="service.product" value="Enterprise"/>
|
2395
2574
|
</fingerprint>
|
2396
2575
|
|
2397
|
-
<fingerprint pattern="^
|
2576
|
+
<fingerprint pattern="^SAP NetWeaver Application Server Java|SAP&#x20;NetWeaver&#x20;Portal|Loading Portal\.\.\.$">
|
2398
2577
|
<description>SAP NetWeaver Portal</description>
|
2399
2578
|
<example>SAP NetWeaver Application Server Java</example>
|
2400
2579
|
<example>SAP&#x20;NetWeaver&#x20;Portal</example>
|
@@ -2413,7 +2592,7 @@
|
|
2413
2592
|
<param pos="0" name="service.cpe23" value="cpe:/a:lansweeper:lansweeper:-"/>
|
2414
2593
|
</fingerprint>
|
2415
2594
|
|
2416
|
-
<fingerprint pattern="^
|
2595
|
+
<fingerprint pattern="^Celery Flower|Flower$">
|
2417
2596
|
<description>Celery Flower Dashboard</description>
|
2418
2597
|
<example>Celery Flower</example>
|
2419
2598
|
<example>Flower</example>
|
@@ -2553,7 +2732,7 @@
|
|
2553
2732
|
<param pos="0" name="service.cpe23" value="cpe:/a:apache:flink:-"/>
|
2554
2733
|
</fingerprint>
|
2555
2734
|
|
2556
|
-
<fingerprint pattern="^
|
2735
|
+
<fingerprint pattern="^Twonky|Twonky Server|TwonkyMedia|TwonkyMedia server media browser$">
|
2557
2736
|
<description>Twonky Server</description>
|
2558
2737
|
<example>Twonky</example>
|
2559
2738
|
<example>Twonky Server</example>
|
@@ -2598,7 +2777,7 @@
|
|
2598
2777
|
<param pos="0" name="service.cpe23" value="cpe:/a:sabnzbd:sabnzbd:-"/>
|
2599
2778
|
</fingerprint>
|
2600
2779
|
|
2601
|
-
<fingerprint pattern="^
|
2780
|
+
<fingerprint pattern="^Zabbix|.*: Zabbix$">
|
2602
2781
|
<description>Zabbix</description>
|
2603
2782
|
<example>Zabbix</example>
|
2604
2783
|
<example>appliance: Zabbix</example>
|
@@ -2607,7 +2786,7 @@
|
|
2607
2786
|
<param pos="0" name="service.cpe23" value="cpe:/a:zabbix:zabbix:-"/>
|
2608
2787
|
</fingerprint>
|
2609
2788
|
|
2610
|
-
<fingerprint pattern="^(\S
|
2789
|
+
<fingerprint pattern="^(\S{1,512}) \(build (\S+)\) - Info$">
|
2611
2790
|
<description>DD-WRT</description>
|
2612
2791
|
<example host.name="SubTerraVia-NUC" os.version="36104" os.build="36104">SubTerraVia-NUC (build 36104) - Info</example>
|
2613
2792
|
<example host.name="DD-WRT" os.version="35030M" os.build="35030M">DD-WRT (build 35030M) - Info</example>
|
@@ -2620,7 +2799,7 @@
|
|
2620
2799
|
<param pos="0" name="os.cpe23" value="cpe:/o:dd-wrt:dd-wrt:{os.version}"/>
|
2621
2800
|
</fingerprint>
|
2622
2801
|
|
2623
|
-
<fingerprint pattern="^
|
2802
|
+
<fingerprint pattern="^Apache Druid|Druid Console|Legacy Coordinator Console$">
|
2624
2803
|
<description>Apache Druid</description>
|
2625
2804
|
<example>Apache Druid</example>
|
2626
2805
|
<example>Legacy Coordinator Console</example>
|
@@ -2707,7 +2886,7 @@
|
|
2707
2886
|
<example>Rundeck - Login</example>
|
2708
2887
|
<param pos="0" name="service.vendor" value="Rundeck"/>
|
2709
2888
|
<param pos="0" name="service.product" value="Rundeck"/>
|
2710
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:
|
2889
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:pagerduty:rundeck:-"/>
|
2711
2890
|
</fingerprint>
|
2712
2891
|
|
2713
2892
|
<fingerprint pattern="^CrushFTP WebInterface$">
|
@@ -2830,7 +3009,7 @@
|
|
2830
3009
|
<param pos="0" name="service.cpe23" value="cpe:/a:solarwinds:virtualization_manager:-"/>
|
2831
3010
|
</fingerprint>
|
2832
3011
|
|
2833
|
-
<fingerprint pattern="^
|
3012
|
+
<fingerprint pattern="^Gitea: .*|LocalRepo|TurnKey Gitea$">
|
2834
3013
|
<description>Gitea</description>
|
2835
3014
|
<example>Gitea: Git with a cup of tea</example>
|
2836
3015
|
<example>TurnKey Gitea</example>
|
@@ -2918,7 +3097,7 @@
|
|
2918
3097
|
<param pos="0" name="service.cpe23" value="cpe:/a:rstudio:connect:-"/>
|
2919
3098
|
</fingerprint>
|
2920
3099
|
|
2921
|
-
<fingerprint pattern="^
|
3100
|
+
<fingerprint pattern="^TurnKey Moodle|New Site$">
|
2922
3101
|
<description>Moodle</description>
|
2923
3102
|
<example>TurnKey Moodle</example>
|
2924
3103
|
<example>New Site</example>
|
@@ -2945,7 +3124,7 @@
|
|
2945
3124
|
<example>Log In - Confluence</example>
|
2946
3125
|
<param pos="0" name="service.vendor" value="Atlassian"/>
|
2947
3126
|
<param pos="0" name="service.product" value="Confluence"/>
|
2948
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:atlassian:
|
3127
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:atlassian:confluence_server:-"/>
|
2949
3128
|
</fingerprint>
|
2950
3129
|
|
2951
3130
|
<fingerprint pattern="^System Dashboard - ">
|
@@ -2957,7 +3136,7 @@
|
|
2957
3136
|
<param pos="0" name="service.cpe23" value="cpe:/a:atlassian:jira:-"/>
|
2958
3137
|
</fingerprint>
|
2959
3138
|
|
2960
|
-
<fingerprint pattern="^
|
3139
|
+
<fingerprint pattern="^Welcome to XAMPP|XAMPP for Linux">
|
2961
3140
|
<description>XAMPP Server</description>
|
2962
3141
|
<example>Welcome to XAMPP</example>
|
2963
3142
|
<example>XAMPP for Linux</example>
|
@@ -2982,7 +3161,7 @@
|
|
2982
3161
|
<param pos="0" name="service.cpe23" value="cpe:/a:kodi:kodi:-"/>
|
2983
3162
|
</fingerprint>
|
2984
3163
|
|
2985
|
-
<fingerprint pattern="^
|
3164
|
+
<fingerprint pattern="^Drupal|TurnKey Drupal\d+|Select an installation profile$">
|
2986
3165
|
<description>Drupal CMS</description>
|
2987
3166
|
<example>Drupal</example>
|
2988
3167
|
<example>TurnKey Drupal8</example>
|
@@ -3062,9 +3241,9 @@
|
|
3062
3241
|
<param pos="0" name="service.product" value="Media Server"/>
|
3063
3242
|
</fingerprint>
|
3064
3243
|
|
3065
|
-
<fingerprint pattern="
|
3244
|
+
<fingerprint pattern="^.{1,256} - Proxmox Virtual Environment$">
|
3066
3245
|
<description>Proxmox open-source virtualization platform</description>
|
3067
|
-
<example>
|
3246
|
+
<example>hypervisor - Proxmox Virtual Environment</example>
|
3068
3247
|
<param pos="0" name="service.vendor" value="Proxmox"/>
|
3069
3248
|
<param pos="0" name="service.product" value="Virtual Environment"/>
|
3070
3249
|
<param pos="0" name="service.cpe23" value="cpe:/a:proxmox:virtual_environment:-"/>
|
@@ -3084,7 +3263,7 @@
|
|
3084
3263
|
<fingerprint pattern="Lifesize&reg;$">
|
3085
3264
|
<description>Lifesize TelePresence</description>
|
3086
3265
|
<example>Lifesize&reg;</example>
|
3087
|
-
<example>400 - Bad Request
|
3266
|
+
<example>400 - Bad Request Lifesize&reg;</example>
|
3088
3267
|
<param pos="0" name="hw.vendor" value="Lifesize"/>
|
3089
3268
|
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
3090
3269
|
<param pos="0" name="hw.product" value="TelePresence"/>
|
@@ -3223,4 +3402,495 @@
|
|
3223
3402
|
<param pos="0" name="service.cpe23" value="cpe:/a:moinmo:moinmoin:-"/>
|
3224
3403
|
</fingerprint>
|
3225
3404
|
|
3405
|
+
<fingerprint pattern="^(\w+) - BlackBox Management Console$">
|
3406
|
+
<description>BlackBox Management Console</description>
|
3407
|
+
<example host.name="ABC123">ABC123 - BlackBox Management Console</example>
|
3408
|
+
<param pos="0" name="hw.vendor" value="BlackBox"/>
|
3409
|
+
<param pos="0" name="hw.device" value="Device Server"/>
|
3410
|
+
<param pos="0" name="hw.product" value="BlackBox"/>
|
3411
|
+
<param pos="1" name="host.name"/>
|
3412
|
+
</fingerprint>
|
3413
|
+
|
3414
|
+
<fingerprint pattern="^Shelly Color Bulb$">
|
3415
|
+
<description>Shelly Smart Bulb</description>
|
3416
|
+
<example>Shelly Color Bulb</example>
|
3417
|
+
<param pos="0" name="os.vendor" value="Cesanta"/>
|
3418
|
+
<param pos="0" name="os.product" value="Mongoose OS"/>
|
3419
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cesanta:mongoose_os:-"/>
|
3420
|
+
<param pos="0" name="hw.vendor" value="Shelly"/>
|
3421
|
+
<param pos="0" name="hw.device" value="Light Bulb"/>
|
3422
|
+
<param pos="0" name="hw.product" value="Color Bulb"/>
|
3423
|
+
</fingerprint>
|
3424
|
+
|
3425
|
+
<fingerprint pattern="^Shelly (Plug|Dimmer(?: 2)?|Switch)$">
|
3426
|
+
<description>Shelly Plug/Dimmer/Switch Devices</description>
|
3427
|
+
<example hw.product="Plug">Shelly Plug</example>
|
3428
|
+
<example hw.product="Dimmer">Shelly Dimmer</example>
|
3429
|
+
<example hw.product="Dimmer 2">Shelly Dimmer 2</example>
|
3430
|
+
<example hw.product="Switch">Shelly Switch</example>
|
3431
|
+
<param pos="0" name="os.vendor" value="Cesanta"/>
|
3432
|
+
<param pos="0" name="os.product" value="Mongoose OS"/>
|
3433
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cesanta:mongoose_os:-"/>
|
3434
|
+
<param pos="0" name="hw.vendor" value="Shelly"/>
|
3435
|
+
<param pos="0" name="hw.device" value="Device"/>
|
3436
|
+
<param pos="1" name="hw.product"/>
|
3437
|
+
</fingerprint>
|
3438
|
+
|
3439
|
+
<fingerprint pattern="^Shelly[ ]?(RGBW2|1L)$">
|
3440
|
+
<description>Shelly Lighting Controller</description>
|
3441
|
+
<example hw.product="RGBW2">Shelly RGBW2</example>
|
3442
|
+
<example hw.product="1L">Shelly1L</example>
|
3443
|
+
<param pos="0" name="os.vendor" value="Cesanta"/>
|
3444
|
+
<param pos="0" name="os.product" value="Mongoose OS"/>
|
3445
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cesanta:mongoose_os:-"/>
|
3446
|
+
<param pos="0" name="hw.vendor" value="Shelly"/>
|
3447
|
+
<param pos="0" name="hw.device" value="Device"/>
|
3448
|
+
<param pos="1" name="hw.product"/>
|
3449
|
+
</fingerprint>
|
3450
|
+
|
3451
|
+
<fingerprint pattern="^TinyGS Configuration$">
|
3452
|
+
<description>TinyGS LoRa Ground Station Software</description>
|
3453
|
+
<example>TinyGS Configuration</example>
|
3454
|
+
<param pos="0" name="service.product" value="TinyGS"/>
|
3455
|
+
</fingerprint>
|
3456
|
+
|
3457
|
+
<fingerprint pattern="^WLED$">
|
3458
|
+
<description>WLED Controlled Device</description>
|
3459
|
+
<example>WLED</example>
|
3460
|
+
<param pos="0" name="service.vendor" value="Aircookie"/>
|
3461
|
+
<param pos="0" name="service.product" value="WLED"/>
|
3462
|
+
<param pos="0" name="service.device" value="Device"/>
|
3463
|
+
</fingerprint>
|
3464
|
+
|
3465
|
+
<fingerprint pattern="^Freebox OS (?:.*)$">
|
3466
|
+
<description>Freebox OS on Freebox Set-top Box Devices</description>
|
3467
|
+
<example>Freebox OS :: Identification</example>
|
3468
|
+
<param pos="0" name="os.vendor" value="Freebox"/>
|
3469
|
+
<param pos="0" name="os.product" value="Freebox OS"/>
|
3470
|
+
<param pos="0" name="hw.vendor" value="Freebox"/>
|
3471
|
+
<param pos="0" name="hw.device" value="Device"/>
|
3472
|
+
</fingerprint>
|
3473
|
+
|
3474
|
+
<fingerprint pattern="^HP UPS Network Module$">
|
3475
|
+
<description>HP RT3000 G2 UPS</description>
|
3476
|
+
<example>HP UPS Network Module</example>
|
3477
|
+
<param pos="0" name="hw.vendor" value="HP"/>
|
3478
|
+
<param pos="0" name="hw.device" value="UPS"/>
|
3479
|
+
</fingerprint>
|
3480
|
+
|
3481
|
+
<fingerprint pattern="^UniFi Network$">
|
3482
|
+
<description>Ubiquiti UniFi Network Application</description>
|
3483
|
+
<example>UniFi Network</example>
|
3484
|
+
<param pos="0" name="service.vendor" value="Ubiquiti"/>
|
3485
|
+
<param pos="0" name="service.product" value="UniFi"/>
|
3486
|
+
<param pos="0" name="service.device" value="Device"/>
|
3487
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:ui:unifi:-"/>
|
3488
|
+
</fingerprint>
|
3489
|
+
|
3490
|
+
<fingerprint pattern="^Login to AdminDroid Office 365 Reporter$">
|
3491
|
+
<description>AdminDroid Office 365 Reporter Application</description>
|
3492
|
+
<example>Login to AdminDroid Office 365 Reporter</example>
|
3493
|
+
<param pos="0" name="service.vendor" value="AdminDroid"/>
|
3494
|
+
<param pos="0" name="service.product" value="Office 365 Reporter"/>
|
3495
|
+
</fingerprint>
|
3496
|
+
|
3497
|
+
<fingerprint pattern="^Nanoleaf Firmware Upload$">
|
3498
|
+
<description>Nanoleaf LED Lighting</description>
|
3499
|
+
<example>Nanoleaf Firmware Upload</example>
|
3500
|
+
<param pos="0" name="hw.vendor" value="Nanoleaf"/>
|
3501
|
+
<param pos="0" name="hw.device" value="Device"/>
|
3502
|
+
</fingerprint>
|
3503
|
+
|
3504
|
+
<fingerprint pattern="^GoGogate - LAN$">
|
3505
|
+
<description>GoGogate Garage Door Opener</description>
|
3506
|
+
<example>GoGogate - LAN</example>
|
3507
|
+
<param pos="0" name="hw.vendor" value="GoGogate"/>
|
3508
|
+
<param pos="0" name="hw.device" value="Device"/>
|
3509
|
+
</fingerprint>
|
3510
|
+
|
3511
|
+
<fingerprint pattern="^ASUS Login$">
|
3512
|
+
<description>ASUS Router/Network Device</description>
|
3513
|
+
<example>ASUS Login</example>
|
3514
|
+
<param pos="0" name="hw.vendor" value="Asus"/>
|
3515
|
+
<param pos="0" name="hw.device" value="Device"/>
|
3516
|
+
</fingerprint>
|
3517
|
+
|
3518
|
+
<fingerprint pattern="^GigaBlue Quad Plus - OpenWebif$">
|
3519
|
+
<description>GigaBlue Quad Plus Satellite TV Receiver</description>
|
3520
|
+
<example>GigaBlue Quad Plus - OpenWebif</example>
|
3521
|
+
<param pos="0" name="hw.vendor" value="GigaBlue"/>
|
3522
|
+
<param pos="0" name="hw.device" value="Device"/>
|
3523
|
+
<param pos="0" name="hw.product" value="Quad Plus Receiver"/>
|
3524
|
+
</fingerprint>
|
3525
|
+
|
3526
|
+
<fingerprint pattern="^Barix Instreamer Instreamer$">
|
3527
|
+
<description>Barix Instreamer</description>
|
3528
|
+
<example>Barix Instreamer Instreamer</example>
|
3529
|
+
<param pos="0" name="hw.vendor" value="Barix"/>
|
3530
|
+
<param pos="0" name="hw.device" value="Audio Encoder"/>
|
3531
|
+
<param pos="0" name="hw.product" value="Instreamer"/>
|
3532
|
+
</fingerprint>
|
3533
|
+
|
3534
|
+
<fingerprint pattern="^Tracker Display$">
|
3535
|
+
<description>SpotterRF</description>
|
3536
|
+
<example>Tracker Display</example>
|
3537
|
+
<param pos="0" name="os.vendor" value="SpotterRF"/>
|
3538
|
+
<param pos="0" name="os.family" value="Linux"/>
|
3539
|
+
<param pos="0" name="os.certainty" value="0.90"/>
|
3540
|
+
<param pos="0" name="hw.vendor" value="SpotterRF"/>
|
3541
|
+
<param pos="0" name="hw.device" value="Sensor"/>
|
3542
|
+
<param pos="0" name="hw.product" value="Drone Detector"/>
|
3543
|
+
</fingerprint>
|
3544
|
+
|
3545
|
+
<fingerprint pattern="^Polycom (DMA \d+)$">
|
3546
|
+
<description>Polycom DMA 7000</description>
|
3547
|
+
<example hw.product="DMA 7000">Polycom DMA 7000</example>
|
3548
|
+
<param pos="0" name="hw.vendor" value="Polycom"/>
|
3549
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
3550
|
+
<param pos="1" name="hw.product"/>
|
3551
|
+
</fingerprint>
|
3552
|
+
|
3553
|
+
<fingerprint pattern="^VVX(\d{3})$">
|
3554
|
+
<description>Polycom VVX VoIP Phones</description>
|
3555
|
+
<example hw.model="250">VVX250</example>
|
3556
|
+
<param pos="0" name="hw.vendor" value="Polycom"/>
|
3557
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
3558
|
+
<param pos="1" name="hw.model"/>
|
3559
|
+
<param pos="0" name="hw.product" value="VVX {hw.model}"/>
|
3560
|
+
</fingerprint>
|
3561
|
+
|
3562
|
+
<fingerprint pattern="^(OBi[23]\d{2})">
|
3563
|
+
<description>Poly OBI Analog Telephone Adapter</description>
|
3564
|
+
<example hw.product="OBi200">OBi200</example>
|
3565
|
+
<param pos="0" name="hw.vendor" value="Poly"/>
|
3566
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
3567
|
+
<param pos="1" name="hw.product"/>
|
3568
|
+
</fingerprint>
|
3569
|
+
|
3570
|
+
<fingerprint pattern="^Alpha Technologies$">
|
3571
|
+
<description>Alpha Technologies Novus UPS</description>
|
3572
|
+
<example>Alpha Technologies</example>
|
3573
|
+
<param pos="0" name="hw.vendor" value="Alpha Technologies"/>
|
3574
|
+
<param pos="0" name="hw.device" value="Power Device"/>
|
3575
|
+
<param pos="0" name="hw.product" value="Novus UPS"/>
|
3576
|
+
</fingerprint>
|
3577
|
+
|
3578
|
+
<fingerprint pattern="^Network Management Card$">
|
3579
|
+
<description>Eaton UPS Network Card</description>
|
3580
|
+
<example>Network Management Card</example>
|
3581
|
+
<param pos="0" name="hw.vendor" value="Eaton"/>
|
3582
|
+
<param pos="0" name="hw.device" value="Power Device"/>
|
3583
|
+
<param pos="0" name="hw.product" value="UPS"/>
|
3584
|
+
<param pos="0" name="hw.certainty" value="0.5"/>
|
3585
|
+
</fingerprint>
|
3586
|
+
|
3587
|
+
<fingerprint pattern="^UPS Properties$">
|
3588
|
+
<description>APC UPS Network Card</description>
|
3589
|
+
<example>UPS Properties</example>
|
3590
|
+
<param pos="0" name="hw.vendor" value="APC"/>
|
3591
|
+
<param pos="0" name="hw.device" value="Power Device"/>
|
3592
|
+
<param pos="0" name="hw.product" value="UPS"/>
|
3593
|
+
<param pos="0" name="hw.certainty" value="0.5"/>
|
3594
|
+
</fingerprint>
|
3595
|
+
|
3596
|
+
<fingerprint pattern="^HP ([\w ]+) PostScript">
|
3597
|
+
<description>HP Printer</description>
|
3598
|
+
<example hw.product="Designjet T1200">HP Designjet T1200 PostScript - Supplies</example>
|
3599
|
+
<param pos="0" name="hw.vendor" value="HP"/>
|
3600
|
+
<param pos="0" name="hw.family" value="JetDirect"/>
|
3601
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
3602
|
+
<param pos="1" name="hw.product"/>
|
3603
|
+
</fingerprint>
|
3604
|
+
|
3605
|
+
<fingerprint pattern="^Radio Configuration/Diagnostic Utility$">
|
3606
|
+
<description>ProSoft RadioLinx</description>
|
3607
|
+
<example>Radio Configuration/Diagnostic Utility</example>
|
3608
|
+
<param pos="0" name="hw.vendor" value="ProSoft Technology"/>
|
3609
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
3610
|
+
<param pos="0" name="hw.product" value="RadioLinx"/>
|
3611
|
+
<param pos="0" name="hw.certainty" value="0.5"/>
|
3612
|
+
</fingerprint>
|
3613
|
+
|
3614
|
+
<fingerprint pattern="^Welcome to ntopng$">
|
3615
|
+
<description>ntopng Network Analysis Application</description>
|
3616
|
+
<example>Welcome to ntopng</example>
|
3617
|
+
<param pos="0" name="service.vendor" value="ntop"/>
|
3618
|
+
<param pos="0" name="service.product" value="ntopng"/>
|
3619
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:ntop:ntopng:-"/>
|
3620
|
+
</fingerprint>
|
3621
|
+
|
3622
|
+
<fingerprint pattern="^FreeNAS$">
|
3623
|
+
<description>iXsystems FreeNAS</description>
|
3624
|
+
<example>FreeNAS</example>
|
3625
|
+
<param pos="0" name="service.vendor" value="iXsystems"/>
|
3626
|
+
<param pos="0" name="service.product" value="FreeNAS"/>
|
3627
|
+
<param pos="0" name="os.vendor" value="iXsystems"/>
|
3628
|
+
<param pos="0" name="os.family" value="FreeBSD"/>
|
3629
|
+
<param pos="0" name="os.product" value="FreeNAS Firmware"/>
|
3630
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:ixsystems:freenas_firmware:-"/>
|
3631
|
+
</fingerprint>
|
3632
|
+
|
3633
|
+
<fingerprint pattern="^Xerox (.{1,1000}) - \d+\.\d+\.\d+\.\d+$">
|
3634
|
+
<description>Xerox Color Printer</description>
|
3635
|
+
<example hw.product="Color 570">Xerox Color 570 - 100.100.100.101</example>
|
3636
|
+
<param pos="0" name="hw.vendor" value="Xerox"/>
|
3637
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
3638
|
+
<param pos="1" name="hw.product"/>
|
3639
|
+
</fingerprint>
|
3640
|
+
|
3641
|
+
<fingerprint pattern="^Web Smart Switch$">
|
3642
|
+
<description>3Com Switch</description>
|
3643
|
+
<example>Web Smart Switch</example>
|
3644
|
+
<param pos="0" name="hw.vendor" value="3Com"/>
|
3645
|
+
<param pos="0" name="hw.device" value="Switch"/>
|
3646
|
+
</fingerprint>
|
3647
|
+
|
3648
|
+
<fingerprint pattern="^(Quantum) - (Scalar i\d+) Login Screen$">
|
3649
|
+
<description>Quantum Scalar Tape Library</description>
|
3650
|
+
<example hw.vendor="Quantum" hw.product="Scalar i80">Quantum - Scalar i80 Login Screen</example>
|
3651
|
+
<param pos="0" name="hw.device" value="Tape Library"/>
|
3652
|
+
<param pos="1" name="hw.vendor"/>
|
3653
|
+
<param pos="2" name="hw.product"/>
|
3654
|
+
</fingerprint>
|
3655
|
+
|
3656
|
+
<fingerprint pattern="^Printer Administration$">
|
3657
|
+
<description>Weidmüller Printer</description>
|
3658
|
+
<example>Printer Administration</example>
|
3659
|
+
<param pos="0" name="hw.vendor" value="Weidmüller"/>
|
3660
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
3661
|
+
</fingerprint>
|
3662
|
+
|
3663
|
+
<fingerprint pattern="^Machine Identification - (MX-\S+)$">
|
3664
|
+
<description>Sharp MX Printer</description>
|
3665
|
+
<example hw.product="MX-3071">Machine Identification - MX-3071</example>
|
3666
|
+
<param pos="0" name="hw.vendor" value="Sharp"/>
|
3667
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
3668
|
+
<param pos="1" name="hw.product"/>
|
3669
|
+
</fingerprint>
|
3670
|
+
|
3671
|
+
<fingerprint pattern="^Remote UI: Login: (MF\S+):">
|
3672
|
+
<description>Canon MF Printer</description>
|
3673
|
+
<example hw.product="MF632C/634C">Remote UI: Login: MF632C/634C: MF632C/634C</example>
|
3674
|
+
<param pos="0" name="hw.vendor" value="Canon"/>
|
3675
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
3676
|
+
<param pos="1" name="hw.product"/>
|
3677
|
+
<param pos="0" name="hw.certainty" value="0.8"/>
|
3678
|
+
</fingerprint>
|
3679
|
+
|
3680
|
+
<fingerprint pattern="^Network Video Recorder Login$">
|
3681
|
+
<description>Nuuo NVR</description>
|
3682
|
+
<example>Network Video Recorder Login</example>
|
3683
|
+
<param pos="0" name="hw.vendor" value="Nuuo"/>
|
3684
|
+
<param pos="0" name="hw.device" value="DVR"/>
|
3685
|
+
</fingerprint>
|
3686
|
+
|
3687
|
+
<fingerprint pattern="^Evolis Printer$">
|
3688
|
+
<description>Evolis Printer</description>
|
3689
|
+
<example>Evolis Printer</example>
|
3690
|
+
<param pos="0" name="hw.vendor" value="Evolis"/>
|
3691
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
3692
|
+
</fingerprint>
|
3693
|
+
|
3694
|
+
<fingerprint pattern="^WyzeOutdoorPlug - ">
|
3695
|
+
<description>Wyze Plug Outdoor</description>
|
3696
|
+
<example>WyzeOutdoorPlug - Main Menu</example>
|
3697
|
+
<param pos="0" name="hw.vendor" value="Wyze"/>
|
3698
|
+
<param pos="0" name="hw.device" value="Device"/>
|
3699
|
+
<param pos="0" name="hw.product" value="Plug Outdoor"/>
|
3700
|
+
</fingerprint>
|
3701
|
+
|
3702
|
+
<fingerprint pattern="^Aptinex IOT Relay Module - (\d+ Channel) (Rev\S+)?">
|
3703
|
+
<description>Aptinex Relay Controller</description>
|
3704
|
+
<example aptinex.model="4 Channel" os.version="Rev1.1">Aptinex IOT Relay Module - 4 Channel Rev1.1</example>
|
3705
|
+
<param pos="0" name="os.vendor" value="Aptinex"/>
|
3706
|
+
<param pos="0" name="hw.vendor" value="Aptinex"/>
|
3707
|
+
<param pos="0" name="hw.device" value="Relay Controller"/>
|
3708
|
+
<param pos="0" name="hw.product" value="{aptinex.model} Relay Controller"/>
|
3709
|
+
<param pos="1" name="aptinex.model"/>
|
3710
|
+
<param pos="2" name="os.version"/>
|
3711
|
+
</fingerprint>
|
3712
|
+
|
3713
|
+
<fingerprint pattern="^Diagnoser - Bobcatminer Diagnostic Dashboard$">
|
3714
|
+
<description>Bobcat Helium Miner</description>
|
3715
|
+
<example>Diagnoser - Bobcatminer Diagnostic Dashboard</example>
|
3716
|
+
<param pos="0" name="hw.vendor" value="Bobcat"/>
|
3717
|
+
<param pos="0" name="hw.device" value="Device"/>
|
3718
|
+
<param pos="0" name="hw.product" value="Helium Miner"/>
|
3719
|
+
</fingerprint>
|
3720
|
+
|
3721
|
+
<fingerprint pattern="^LORIX Manager$">
|
3722
|
+
<description>Wifx LORIX One</description>
|
3723
|
+
<example>LORIX Manager</example>
|
3724
|
+
<param pos="0" name="os.vendor" value="Wifx"/>
|
3725
|
+
<param pos="0" name="os.product" value="LORIX OS"/>
|
3726
|
+
<param pos="0" name="hw.vendor" value="Wifx"/>
|
3727
|
+
<param pos="0" name="hw.device" value="Device"/>
|
3728
|
+
<param pos="0" name="hw.product" value="LORIX ONE"/>
|
3729
|
+
</fingerprint>
|
3730
|
+
|
3731
|
+
<fingerprint pattern="^ETERNUS$">
|
3732
|
+
<description>Fujitsu ETERNUS Storage Appliance</description>
|
3733
|
+
<example>ETERNUS</example>
|
3734
|
+
<param pos="0" name="hw.vendor" value="Fujitsu"/>
|
3735
|
+
<param pos="0" name="hw.device" value="Storage Appliance"/>
|
3736
|
+
<param pos="0" name="hw.product" value="Eternus"/>
|
3737
|
+
</fingerprint>
|
3738
|
+
|
3739
|
+
<fingerprint pattern="^Covenant - Login$">
|
3740
|
+
<description>Covenant .NET C2 framework</description>
|
3741
|
+
<example>Covenant - Login</example>
|
3742
|
+
<param pos="0" name="service.product" value="Covenant"/>
|
3743
|
+
</fingerprint>
|
3744
|
+
|
3745
|
+
<fingerprint pattern="^Login \| CALDERA$">
|
3746
|
+
<description>MITRE CALDERA C2 framework</description>
|
3747
|
+
<example>Login | CALDERA</example>
|
3748
|
+
<param pos="0" name="service.vendor" value="MITRE"/>
|
3749
|
+
<param pos="0" name="service.product" value="CALDERA"/>
|
3750
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:mitre:caldera:-"/>
|
3751
|
+
</fingerprint>
|
3752
|
+
|
3753
|
+
<fingerprint pattern="(?:(\S{1,512}):\d{1,5} / \S{1,512} \| )?phpMyAdmin(?: ([\d.]+(?:-[a-zA-Z0-9]+)?(?:\+\d{8}\.[a-f0-9]{4,40})?))?">
|
3754
|
+
<description>phpMyAdmin web interface for MySQL and MariaDB</description>
|
3755
|
+
<example>phpMyAdmin</example>
|
3756
|
+
<example service.version="2.10.0.2">phpMyAdmin 2.10.0.2</example>
|
3757
|
+
<example service.version="5.0.0-rc1">phpMyAdmin 5.0.0-rc1</example>
|
3758
|
+
<example service.version="5.3.0-dev">phpMyAdmin 5.3.0-dev</example>
|
3759
|
+
<example host.name="10.10.10.10" service.version="5.0.4">10.10.10.10:8080 / db.foo.bar | phpMyAdmin 5.0.4</example>
|
3760
|
+
<example host.name="localhost" service.version="5.3.0-dev+20220208.47252f9cf8">localhost:8080 / mysql-server | phpMyAdmin 5.3.0-dev+20220208.47252f9cf8</example>
|
3761
|
+
<example host.name="[::ffff:10.10.10.10]" service.version="5.3.0-dev+20220208.47252f9cf8">[::ffff:10.10.10.10]:8080 / mysql-server | phpMyAdmin 5.3.0-dev+20220208.47252f9cf8</example>
|
3762
|
+
<param pos="0" name="service.vendor" value="phpMyAdmin"/>
|
3763
|
+
<param pos="0" name="service.product" value="phpMyAdmin"/>
|
3764
|
+
<param pos="1" name="host.name"/>
|
3765
|
+
<param pos="2" name="service.version"/>
|
3766
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:phpmyadmin:phpmyadmin:{service.version}"/>
|
3767
|
+
</fingerprint>
|
3768
|
+
|
3769
|
+
<fingerprint pattern="^Login - Adminer$">
|
3770
|
+
<description>Adminer database management tool</description>
|
3771
|
+
<example>Login - Adminer</example>
|
3772
|
+
<param pos="0" name="service.vendor" value="Adminer"/>
|
3773
|
+
<param pos="0" name="service.product" value="Adminer"/>
|
3774
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:adminer:adminer:-"/>
|
3775
|
+
</fingerprint>
|
3776
|
+
|
3777
|
+
<fingerprint pattern="^Home - Mongo Express$">
|
3778
|
+
<description>mongo-express web-based MongoDB admin interface</description>
|
3779
|
+
<example>Home - Mongo Express</example>
|
3780
|
+
<param pos="0" name="service.vendor" value="mongo-express Project"/>
|
3781
|
+
<param pos="0" name="service.product" value="mongo-express"/>
|
3782
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:mongo-express_project:mongo-express:-"/>
|
3783
|
+
</fingerprint>
|
3784
|
+
|
3785
|
+
<fingerprint pattern="^Solr Admin$">
|
3786
|
+
<description>Apache Solr</description>
|
3787
|
+
<example>Solr Admin</example>
|
3788
|
+
<param pos="0" name="service.vendor" value="Apache"/>
|
3789
|
+
<param pos="0" name="service.product" value="Solr"/>
|
3790
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:apache:solr:-"/>
|
3791
|
+
</fingerprint>
|
3792
|
+
|
3793
|
+
<fingerprint pattern="^Spark (?:Master|Worker) at (?:spark:\/\/)?(\S{1,512}):\d{1,5}$">
|
3794
|
+
<description>Apache Spark</description>
|
3795
|
+
<example host.name="spark-master-0.foo.bar">Spark Master at spark://spark-master-0.foo.bar:7077</example>
|
3796
|
+
<example host.name="10.10.10.10">Spark Master at spark://10.10.10.10:7077</example>
|
3797
|
+
<example host.name="10.10.10.10">Spark Worker at 10.10.10.10:45339</example>
|
3798
|
+
<param pos="0" name="service.vendor" value="Apache"/>
|
3799
|
+
<param pos="0" name="service.product" value="Spark"/>
|
3800
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:apache:spark:-"/>
|
3801
|
+
<param pos="1" name="host.name"/>
|
3802
|
+
</fingerprint>
|
3803
|
+
|
3804
|
+
<fingerprint pattern="^pfSense - Login$">
|
3805
|
+
<description>pfSense Firewall</description>
|
3806
|
+
<example>pfSense - Login</example>
|
3807
|
+
<param pos="0" name="service.vendor" value="pfSense"/>
|
3808
|
+
<param pos="0" name="service.product" value="pfSense"/>
|
3809
|
+
<param pos="0" name="service.device" value="Firewall"/>
|
3810
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:pfsense:pfsense:-"/>
|
3811
|
+
<param pos="0" name="service.component.vendor" value="nginx"/>
|
3812
|
+
<param pos="0" name="service.component.product" value="nginx"/>
|
3813
|
+
<param pos="0" name="service.component.cpe23" value="cpe:/a:f5:nginx:-"/>
|
3814
|
+
<param pos="0" name="os.vendor" value="pfSense"/>
|
3815
|
+
<param pos="0" name="os.product" value="FreeBSD"/>
|
3816
|
+
</fingerprint>
|
3817
|
+
|
3818
|
+
<fingerprint pattern="^Netgate pfSense Plus - Login$">
|
3819
|
+
<description>pfSense Plus Firewall</description>
|
3820
|
+
<example>Netgate pfSense Plus - Login</example>
|
3821
|
+
<param pos="0" name="service.vendor" value="Netgate"/>
|
3822
|
+
<param pos="0" name="service.product" value="pfSense"/>
|
3823
|
+
<param pos="0" name="service.device" value="Firewall"/>
|
3824
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:netgate:pfsense:-"/>
|
3825
|
+
<param pos="0" name="service.component.vendor" value="nginx"/>
|
3826
|
+
<param pos="0" name="service.component.product" value="nginx"/>
|
3827
|
+
<param pos="0" name="service.component.cpe23" value="cpe:/a:f5:nginx:-"/>
|
3828
|
+
<param pos="0" name="os.vendor" value="pfSense"/>
|
3829
|
+
<param pos="0" name="os.product" value="FreeBSD"/>
|
3830
|
+
</fingerprint>
|
3831
|
+
|
3832
|
+
<fingerprint pattern="^Vigor Login Page$">
|
3833
|
+
<description>DrayTek Vigor network equipment - without model or version</description>
|
3834
|
+
<example>Vigor Login Page</example>
|
3835
|
+
<param pos="0" name="os.vendor" value="DrayTek"/>
|
3836
|
+
<param pos="0" name="os.family" value="Vigor"/>
|
3837
|
+
<param pos="0" name="hw.vendor" value="DrayTek"/>
|
3838
|
+
<param pos="0" name="hw.family" value="Vigor"/>
|
3839
|
+
</fingerprint>
|
3840
|
+
|
3841
|
+
<!-- Specific Eltex fingerprints to enable CPE generation -->
|
3842
|
+
|
3843
|
+
<fingerprint pattern="^Eltex - NTP-RG-1402G$">
|
3844
|
+
<description>Eltex - NTP-RG-1402G broadband router</description>
|
3845
|
+
<example>Eltex - NTP-RG-1402G</example>
|
3846
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
3847
|
+
<param pos="0" name="os.product" value="NTP-RG-1402G Firmware"/>
|
3848
|
+
<param pos="0" name="os.device" value="Broadband Router"/>
|
3849
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:eltex-co:ntp-rg-1402g_firmware:-"/>
|
3850
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
3851
|
+
<param pos="0" name="hw.product" value="NTP-RG-1402G"/>
|
3852
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
3853
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:eltex-co:ntp-rg-1402g:-"/>
|
3854
|
+
</fingerprint>
|
3855
|
+
|
3856
|
+
<fingerprint pattern="^Eltex - NTP-2$">
|
3857
|
+
<description>Eltex - NTP-2 broadband router</description>
|
3858
|
+
<example>Eltex - NTP-2</example>
|
3859
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
3860
|
+
<param pos="0" name="os.product" value="NTP-2 Firmware"/>
|
3861
|
+
<param pos="0" name="os.device" value="Broadband Router"/>
|
3862
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:eltex-co:ntp-2_firmware:-"/>
|
3863
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
3864
|
+
<param pos="0" name="hw.product" value="NTP-2"/>
|
3865
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
3866
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:eltex-co:ntp-2:-"/>
|
3867
|
+
</fingerprint>
|
3868
|
+
|
3869
|
+
<!-- General Eltex fingerprints -->
|
3870
|
+
|
3871
|
+
<fingerprint pattern="^Eltex - (NT[PU]-RG-\d[\w-]+):?(:?rev\.\w\w?)?$">
|
3872
|
+
<description>Eltex RG model ONT class broadband router</description>
|
3873
|
+
<example hw.product="NTU-RG-1402G-W">Eltex - NTU-RG-1402G-W</example>
|
3874
|
+
<example hw.product="NTU-RG-1421G-Wac" hw.version="rev.A1">Eltex - NTU-RG-1421G-Wac:rev.A1</example>
|
3875
|
+
<example hw.product="NTP-RG-1402G-W" hw.version="rev.C">Eltex - NTP-RG-1402G-W:rev.C</example>
|
3876
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
3877
|
+
<param pos="0" name="os.device" value="Broadband Router"/>
|
3878
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
3879
|
+
<param pos="1" name="hw.product"/>
|
3880
|
+
<param pos="2" name="hw.version"/>
|
3881
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
3882
|
+
</fingerprint>
|
3883
|
+
|
3884
|
+
<fingerprint pattern="^Eltex - (NT[PU]-2\w\w?)$">
|
3885
|
+
<description>Eltex - NTP / NTU model broadband router</description>
|
3886
|
+
<example hw.product="NTU-2V">Eltex - NTU-2V</example>
|
3887
|
+
<example hw.product="NTU-2VC">Eltex - NTU-2VC</example>
|
3888
|
+
<example hw.product="NTP-2C">Eltex - NTP-2C</example>
|
3889
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
3890
|
+
<param pos="0" name="os.device" value="Broadband Router"/>
|
3891
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
3892
|
+
<param pos="1" name="hw.product"/>
|
3893
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
3894
|
+
</fingerprint>
|
3895
|
+
|
3226
3896
|
</fingerprints>
|