RubyGems - recog - Versions diffs - 2.3.20 → 2.3.23 - Mend

recog 2.3.20 → 2.3.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (83) hide show

checksums.yaml +4 -4
data/.github/dependabot.yml +8 -0
data/.github/workflows/ci.yml +1 -1
data/.github/workflows/verify.yml +89 -0
data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
data/.vscode/extensions.json +5 -0
data/.vscode/settings.json +8 -0
data/.vscode/tasks.json +77 -0
data/CONTRIBUTING.md +8 -0
data/README.md +17 -0
data/bin/recog_standardize +28 -13
data/bin/recog_verify +42 -8
data/cpe-remap.yaml +62 -3
data/features/data/schema_failure.xml +4 -0
data/features/data/tests_with_failures.xml +6 -0
data/features/support/hooks.rb +9 -0
data/features/verify.feature +85 -21
data/identifiers/fields.txt +6 -5
data/identifiers/hw_device.txt +8 -0
data/identifiers/hw_family.txt +8 -0
data/identifiers/hw_product.txt +54 -0
data/identifiers/os_device.txt +2 -0
data/identifiers/os_family.txt +2 -0
data/identifiers/os_product.txt +18 -2
data/identifiers/service_product.txt +26 -0
data/identifiers/vendor.txt +62 -1
data/lib/recog/db.rb +2 -1
data/lib/recog/fingerprint.rb +33 -6
data/lib/recog/fingerprint_parse_error.rb +10 -0
data/lib/recog/nizer.rb +1 -82
data/lib/recog/verifier.rb +9 -9
data/lib/recog/verify_reporter.rb +17 -6
data/lib/recog/version.rb +1 -1
data/requirements.txt +1 -1
data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
data/spec/data/external_example_fingerprint.xml +8 -0
data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
data/spec/lib/fingerprint_self_test_spec.rb +1 -0
data/spec/lib/recog/db_spec.rb +84 -61
data/spec/lib/recog/fingerprint_spec.rb +4 -4
data/spec/lib/recog/verify_reporter_spec.rb +73 -4
data/tools/dev/hooks/pre-commit +21 -0
data/update_cpes.py +130 -37
data/xml/apache_os.xml +98 -56
data/xml/architecture.xml +15 -1
data/xml/dhcp_vendor_class.xml +206 -0
data/xml/dns_versionbind.xml +26 -13
data/xml/favicons.xml +236 -47
data/xml/fingerprints.xsd +9 -1
data/xml/ftp_banners.xml +213 -197
data/xml/h323_callresp.xml +101 -101
data/xml/hp_pjl_id.xml +84 -84
data/xml/html_title.xml +715 -45
data/xml/http_cookies.xml +143 -80
data/xml/http_servers.xml +510 -310
data/xml/http_wwwauth.xml +177 -75
data/xml/imap_banners.xml +10 -10
data/xml/mdns_device-info_txt.xml +421 -26
data/xml/mysql_banners.xml +3 -2
data/xml/nntp_banners.xml +12 -9
data/xml/ntp_banners.xml +97 -97
data/xml/operating_system.xml +98 -83
data/xml/pop_banners.xml +27 -27
data/xml/rsh_resp.xml +3 -3
data/xml/sip_banners.xml +46 -8
data/xml/sip_user_agents.xml +180 -27
data/xml/smb_native_lm.xml +5 -5
data/xml/smb_native_os.xml +28 -25
data/xml/smtp_banners.xml +258 -254
data/xml/smtp_ehlo.xml +1 -1
data/xml/smtp_help.xml +11 -11
data/xml/smtp_noop.xml +2 -2
data/xml/snmp_sysdescr.xml +1554 -1429
data/xml/snmp_sysobjid.xml +27 -27
data/xml/ssh_banners.xml +27 -20
data/xml/telnet_banners.xml +256 -57
data/xml/tls_jarm.xml +48 -6
data/xml/x11_banners.xml +3 -3
data/xml/x509_issuers.xml +69 -2
data/xml/x509_subjects.xml +144 -33
metadata +24 -4
data/lib/recog/verifier_factory.rb +0 -13

data/xml/mysql_banners.xml CHANGED Viewed

@@ -1354,9 +1354,10 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.04"/>
   </fingerprint>
-  <fingerprint pattern="^(?:\d{1,2}\.\d{1,3}\.[a-f\d]{1,3}-)?(\d{1,2}\.\d{1,3}\.[a-f\d]{1,4})-MariaDB-\d\:.*\+maria\~focal$" flags="REG_ICASE">
+  <fingerprint pattern="^(?:\d{1,2}\.\d{1,3}\.[a-f\d]{1,3}-)?(\d{1,2}\.\d{1,3}\.[a-f\d]{1,4})-MariaDB-\d\:.*\+maria\~focal(?:-log)?$" flags="REG_ICASE">
     <description>MariaDB MariaDB on Ubuntu 20.04 (Focal Fossa)</description>
     <example service.version="10.5.2">5.5.5-10.5.2-MariaDB-1:10.5.2+maria~focal</example>
+    <example service.version="10.1.1">5.5.5-10.1.1-MariaDB-1:10.1.1+maria~focal-log</example>
     <param pos="1" name="service.version"/>
     <param pos="0" name="service.vendor" value="MariaDB"/>
     <param pos="0" name="service.family" value="MySQL"/>
@@ -1384,7 +1385,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.10"/>
   </fingerprint>
-  <fingerprint pattern="^(?:\d{1,2}\.\d{1,3}\.[a-f\d]{1,3}-)?(\d{1,2}\.\d{1,3}\.[a-f\d]{1,4}(?:\-\d)?)-MariaDB-alt\d{1,2}(?:-log)?.*$" flags="REG_ICASE">
+  <fingerprint pattern="^(?:\d{1,2}\.\d{1,3}\.[a-f\d]{1,3}-)?(\d{1,2}\.\d{1,3}\.[a-f\d]{1,4}(?:\-\d)?)-MariaDB-alt\d{1,2}(?:-log)?" flags="REG_ICASE">
     <description>MariaDB MariaDB on a ALT Linux</description>
     <example service.version="10.1.29">5.5.5-10.1.29-MariaDB-alt1.M80P.1</example>
     <example service.version="10.2.15">5.5.5-10.2.15-MariaDB-alt2.M80P.3.S1</example>

data/xml/nntp_banners.xml CHANGED Viewed

@@ -13,7 +13,7 @@
     <param pos="0" name="service.product" value="CCProxy"/>
   </fingerprint>
-  <fingerprint pattern="^(\S+) Lyris ListManager NNTP Service ready">
+  <fingerprint pattern="^(\S{1,512}) Lyris ListManager NNTP Service ready">
     <description>Lyris Listmanager</description>
     <example host.name="blah">blah Lyris ListManager NNTP Service ready (posting ok).</example>
     <param pos="0" name="service.vendor" value="Lyris"/>
@@ -22,10 +22,10 @@
     <param pos="1" name="host.name"/>
   </fingerprint>
-  <fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+) .*$">
+  <fingerprint pattern="^NNTP Service (?:.*) Version: (5.0.2195.[0-9]+)">
     <description>Microsoft IIS NNTP Server on Windows 2000</description>
-    <example>NNTP Service 5.00.0984 Version: 5.0.2195.7034 Posting Allowed</example>
-    <example>NNTP Service 5.00.0984 Version: 5.0.2195.5329 Posting Allowed</example>
+    <example service.version="5.0.2195.7034" ms.nttp.version="5.0.2195.7034">NNTP Service 5.00.0984 Version: 5.0.2195.7034 Posting Allowed</example>
+    <example service.version="5.0.2195.5329" ms.nttp.version="5.0.2195.5329">NNTP Service 5.00.0984 Version: 5.0.2195.5329 Posting Allowed</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.product" value="IIS"/>
     <param pos="0" name="service.family" value="IIS"/>
@@ -38,10 +38,10 @@
     <param pos="1" name="ms.nttp.version"/>
   </fingerprint>
-  <fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+) .*$">
+  <fingerprint pattern="^NNTP Service (?:.*) Version: (6.0.3790.[0-9]+)">
     <description>Microsoft IIS NNTP Server on Windows Server 2003</description>
-    <example>NNTP Service 6.0.3790.3959 Version: 6.0.3790.3959 Posting Allowed</example>
-    <example>NNTP Service 6.0.3790.206 Version: 6.0.3790.206 Posting Allowed</example>
+    <example service.version="6.0.3790.3959" ms.nttp.version="6.0.3790.3959">NNTP Service 6.0.3790.3959 Version: 6.0.3790.3959 Posting Allowed</example>
+    <example service.version="6.0.3790.206" ms.nttp.version="6.0.3790.206">NNTP Service 6.0.3790.206 Version: 6.0.3790.206 Posting Allowed</example>
     <param pos="0" name="service.vendor" value="Microsoft"/>
     <param pos="0" name="service.product" value="IIS"/>
     <param pos="0" name="service.family" value="IIS"/>
@@ -54,7 +54,7 @@
     <param pos="1" name="ms.nttp.version"/>
   </fingerprint>
-  <fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+) .*$">
+  <fingerprint pattern="^NNTP Service Microsoft. Internet Services (?:.*) Version: (?:[^ ]+)">
     <description>Older Microsoft IIS NNTP Servers</description>
     <example>NNTP Service Microsoft. Internet Services 5.00 Version: 5.0.2068.0 Posting Allowed</example>
     <example>NNTP Service Microsoft. Internet Services 5.00.7515. Version: 5.0.0.7515 Posting Allowed</example>
@@ -82,9 +82,12 @@
   </fingerprint>
   <fingerprint pattern="^NNTP server ready(?: \(no posting\))?$">
-    <description>Non-specific NNTP</description>
+    <description>Non-specific NNTP -- assert nothing</description>
     <example>NNTP server ready (no posting)</example>
     <example>NNTP server ready</example>
+    <param pos="0" name="hw.certainty" value="0.0"/>
+    <param pos="0" name="os.certainty" value="0.0"/>
+    <param pos="0" name="service.certainty" value="0.0"/>
   </fingerprint>
 </fingerprints>