recog 2.3.20 → 2.3.23
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/dependabot.yml +8 -0
- data/.github/workflows/ci.yml +1 -1
- data/.github/workflows/verify.yml +89 -0
- data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
- data/.vscode/extensions.json +5 -0
- data/.vscode/settings.json +8 -0
- data/.vscode/tasks.json +77 -0
- data/CONTRIBUTING.md +8 -0
- data/README.md +17 -0
- data/bin/recog_standardize +28 -13
- data/bin/recog_verify +42 -8
- data/cpe-remap.yaml +62 -3
- data/features/data/schema_failure.xml +4 -0
- data/features/data/tests_with_failures.xml +6 -0
- data/features/support/hooks.rb +9 -0
- data/features/verify.feature +85 -21
- data/identifiers/fields.txt +6 -5
- data/identifiers/hw_device.txt +8 -0
- data/identifiers/hw_family.txt +8 -0
- data/identifiers/hw_product.txt +54 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +2 -0
- data/identifiers/os_product.txt +18 -2
- data/identifiers/service_product.txt +26 -0
- data/identifiers/vendor.txt +62 -1
- data/lib/recog/db.rb +2 -1
- data/lib/recog/fingerprint.rb +33 -6
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/verifier.rb +9 -9
- data/lib/recog/verify_reporter.rb +17 -6
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/fingerprint_self_test_spec.rb +1 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +73 -4
- data/tools/dev/hooks/pre-commit +21 -0
- data/update_cpes.py +130 -37
- data/xml/apache_os.xml +98 -56
- data/xml/architecture.xml +15 -1
- data/xml/dhcp_vendor_class.xml +206 -0
- data/xml/dns_versionbind.xml +26 -13
- data/xml/favicons.xml +236 -47
- data/xml/fingerprints.xsd +9 -1
- data/xml/ftp_banners.xml +213 -197
- data/xml/h323_callresp.xml +101 -101
- data/xml/hp_pjl_id.xml +84 -84
- data/xml/html_title.xml +715 -45
- data/xml/http_cookies.xml +143 -80
- data/xml/http_servers.xml +510 -310
- data/xml/http_wwwauth.xml +177 -75
- data/xml/imap_banners.xml +10 -10
- data/xml/mdns_device-info_txt.xml +421 -26
- data/xml/mysql_banners.xml +3 -2
- data/xml/nntp_banners.xml +12 -9
- data/xml/ntp_banners.xml +97 -97
- data/xml/operating_system.xml +98 -83
- data/xml/pop_banners.xml +27 -27
- data/xml/rsh_resp.xml +3 -3
- data/xml/sip_banners.xml +46 -8
- data/xml/sip_user_agents.xml +180 -27
- data/xml/smb_native_lm.xml +5 -5
- data/xml/smb_native_os.xml +28 -25
- data/xml/smtp_banners.xml +258 -254
- data/xml/smtp_ehlo.xml +1 -1
- data/xml/smtp_help.xml +11 -11
- data/xml/smtp_noop.xml +2 -2
- data/xml/snmp_sysdescr.xml +1554 -1429
- data/xml/snmp_sysobjid.xml +27 -27
- data/xml/ssh_banners.xml +27 -20
- data/xml/telnet_banners.xml +256 -57
- data/xml/tls_jarm.xml +48 -6
- data/xml/x11_banners.xml +3 -3
- data/xml/x509_issuers.xml +69 -2
- data/xml/x509_subjects.xml +144 -33
- metadata +24 -4
- data/lib/recog/verifier_factory.rb +0 -13
data/xml/pop_banners.xml
CHANGED
@@ -5,7 +5,7 @@
|
|
5
5
|
matched against these patterns to fingerprint POP3 servers.
|
6
6
|
-->
|
7
7
|
|
8
|
-
<fingerprint pattern="^([^ ]
|
8
|
+
<fingerprint pattern="^([^ ]{1,512}) +Cyrus POP3 v(\d+\.\d+.*)-OS X(?: Server)? ([\d\.]+).* server ready">
|
9
9
|
<description>OSX Cyrus POP</description>
|
10
10
|
<example host.domain="8.8.8.8" service.version="2.3.8" os.version="10.5">8.8.8.8 Cyrus POP3 v2.3.8-OS X Server 10.5: 9A562 server ready <1999107648.1324502155@8.8.8.8></example>
|
11
11
|
<param pos="0" name="service.vendor" value="Carnegie Mellon University"/>
|
@@ -20,7 +20,7 @@
|
|
20
20
|
<param pos="1" name="host.domain"/>
|
21
21
|
</fingerprint>
|
22
22
|
|
23
|
-
<fingerprint pattern="^([^ ]
|
23
|
+
<fingerprint pattern="^([^ ]{1,512}) +Cyrus POP3 v([\d\.]+)">
|
24
24
|
<description>CMU Cyrus POP</description>
|
25
25
|
<example host.domain="foo" service.version="2.3">foo Cyrus POP3 v2.3</example>
|
26
26
|
<example host.domain="foo" service.version="2.3.14">foo Cyrus POP3 v2.3.14 server ready <13087751828270990591.1301068892@foo></example>
|
@@ -31,7 +31,7 @@
|
|
31
31
|
<param pos="1" name="host.domain"/>
|
32
32
|
</fingerprint>
|
33
33
|
|
34
|
-
<fingerprint pattern="^Lotus Notes POP3 server version X[^ ]+ ready on
|
34
|
+
<fingerprint pattern="^Lotus Notes POP3 server version X[^ ]+ ready on">
|
35
35
|
<description>IBM Lotus Notes/Domino</description>
|
36
36
|
<example>Lotus Notes POP3 server version X2.0 ready on foo/bar.</example>
|
37
37
|
<param pos="0" name="service.vendor" value="IBM"/>
|
@@ -40,7 +40,7 @@
|
|
40
40
|
<param pos="0" name="service.cpe23" value="cpe:/a:ibm:lotus_domino:-"/>
|
41
41
|
</fingerprint>
|
42
42
|
|
43
|
-
<fingerprint pattern="^Lotus Notes POP3 server version Release ([^ ]+) ready on
|
43
|
+
<fingerprint pattern="^Lotus Notes POP3 server version Release ([^ ]+) ready on">
|
44
44
|
<description>IBM Lotus Notes/Domino - Release variant</description>
|
45
45
|
<example service.version="8.5.1FP5">Lotus Notes POP3 server version Release 8.5.1FP5 ready on foo/US.</example>
|
46
46
|
<param pos="0" name="service.vendor" value="IBM"/>
|
@@ -50,9 +50,9 @@
|
|
50
50
|
<param pos="0" name="service.cpe23" value="cpe:/a:ibm:lotus_domino:{service.version}"/>
|
51
51
|
</fingerprint>
|
52
52
|
|
53
|
-
<fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+), modified by Sphera Technologies\) at (.+) starting
|
53
|
+
<fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+), modified by Sphera Technologies\) at (.+) starting\.">
|
54
54
|
<description>Qpopper with Sphera mods</description>
|
55
|
-
<example>Qpopper (version 4.0.3, modified by Sphera Technologies) at domain starting. <xxx@domain></example>
|
55
|
+
<example service.version="4.0.3" host.domain="domain">Qpopper (version 4.0.3, modified by Sphera Technologies) at domain starting. <xxx@domain></example>
|
56
56
|
<param pos="0" name="service.vendor" value="Sphera"/>
|
57
57
|
<param pos="0" name="service.family" value="Qpopper"/>
|
58
58
|
<param pos="0" name="service.product" value="Qpopper"/>
|
@@ -60,9 +60,9 @@
|
|
60
60
|
<param pos="2" name="host.domain"/>
|
61
61
|
</fingerprint>
|
62
62
|
|
63
|
-
<fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+)-mysql-(.+)\) at (.+) starting
|
63
|
+
<fingerprint pattern="^Qpopper \(version (\d+\.\d+\.\d+)-mysql-(.+)\) at (.+) starting\.">
|
64
64
|
<description>Qpopper with MySQL auth module</description>
|
65
|
-
<example>Qpopper (version 4.0.3-mysql-0.13) at domain starting. <xxx@domain></example>
|
65
|
+
<example service.version="4.0.3" service.component.version="0.13" host.domain="domain">Qpopper (version 4.0.3-mysql-0.13) at domain starting. <xxx@domain></example>
|
66
66
|
<param pos="0" name="service.vendor" value="Qualcomm"/>
|
67
67
|
<param pos="0" name="service.family" value="Qpopper"/>
|
68
68
|
<param pos="0" name="service.product" value="Qpopper"/>
|
@@ -73,11 +73,11 @@
|
|
73
73
|
<param pos="3" name="host.domain"/>
|
74
74
|
</fingerprint>
|
75
75
|
|
76
|
-
<fingerprint pattern="(?i)^Qpop(?:per)? \(version ([\d\.]+)\) at (
|
76
|
+
<fingerprint pattern="(?i)^Qpop(?:per)? \(version ([\d\.]+)\) at (\S{1,512})(?: starting\.)?">
|
77
77
|
<description>Qpopper missing version info</description>
|
78
|
-
<example>Qpopper (version 4.0.16) at foo.example.com</example>
|
79
|
-
<example>QPOP (version 2.53) at domain starting. <xxx@domain></example>
|
80
|
-
<example>Qpopper (version 4.0.3) at domain starting. <xxx@domain></example>
|
78
|
+
<example service.version="4.0.16" host.domain="foo.example.com">Qpopper (version 4.0.16) at foo.example.com</example>
|
79
|
+
<example service.version="2.53" host.domain="domain">QPOP (version 2.53) at domain starting. <xxx@domain></example>
|
80
|
+
<example service.version="4.0.3" host.domain="domain">Qpopper (version 4.0.3) at domain starting. <xxx@domain></example>
|
81
81
|
<param pos="0" name="service.vendor" value="Qualcomm"/>
|
82
82
|
<param pos="0" name="service.family" value="Qpopper"/>
|
83
83
|
<param pos="0" name="service.product" value="Qpopper"/>
|
@@ -85,9 +85,9 @@
|
|
85
85
|
<param pos="2" name="host.domain"/>
|
86
86
|
</fingerprint>
|
87
87
|
|
88
|
-
<fingerprint pattern="^QPOP \(version (.*)\) at (.+) starting
|
88
|
+
<fingerprint pattern="^QPOP \(version (.*)\) at (.+) starting\.">
|
89
89
|
<description>Qpopper with missing version info</description>
|
90
|
-
<example>QPOP (version ?) at domain starting. <xxx@domain></example>
|
90
|
+
<example qpopper.version="?" host.domain="domain">QPOP (version ?) at domain starting. <xxx@domain></example>
|
91
91
|
<param pos="0" name="service.vendor" value="Qualcomm"/>
|
92
92
|
<param pos="0" name="service.family" value="Qpopper"/>
|
93
93
|
<param pos="0" name="service.product" value="Qpopper"/>
|
@@ -97,7 +97,7 @@
|
|
97
97
|
|
98
98
|
<fingerprint pattern="^Microsoft Exchange Server 2003 POP3 server version (\d+\.\d+\.\d+\.\d+) (.+) ready.$">
|
99
99
|
<description>Microsoft Exchange Server 2003</description>
|
100
|
-
<example>Microsoft Exchange Server 2003 POP3 server version 6.5.6944.0 (host) ready.</example>
|
100
|
+
<example service.version="6.5.6944.0" host.name="(host)">Microsoft Exchange Server 2003 POP3 server version 6.5.6944.0 (host) ready.</example>
|
101
101
|
<param pos="0" name="service.vendor" value="Microsoft"/>
|
102
102
|
<param pos="0" name="service.family" value="Exchange Server"/>
|
103
103
|
<param pos="0" name="service.product" value="Exchange 2003 Server"/>
|
@@ -110,9 +110,9 @@
|
|
110
110
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
111
111
|
</fingerprint>
|
112
112
|
|
113
|
-
<fingerprint pattern="^Microsoft Exchange 2000 POP3 server version (\d+\.\d+\.\d+\.\d+) (
|
113
|
+
<fingerprint pattern="^Microsoft Exchange 2000 POP3 server version (\d+\.\d+\.\d+\.\d+) \((\S{1,512})\) ready\.$">
|
114
114
|
<description>Microsoft Exchange Server 2000</description>
|
115
|
-
<example>Microsoft Exchange 2000 POP3 server version 6.0.6603.0 (host) ready.</example>
|
115
|
+
<example service.version="6.0.6603.0" host.name="host">Microsoft Exchange 2000 POP3 server version 6.0.6603.0 (host) ready.</example>
|
116
116
|
<param pos="0" name="service.vendor" value="Microsoft"/>
|
117
117
|
<param pos="0" name="service.family" value="Exchange Server"/>
|
118
118
|
<param pos="0" name="service.product" value="Exchange 2000 Server"/>
|
@@ -127,7 +127,7 @@
|
|
127
127
|
|
128
128
|
<fingerprint pattern="^Microsoft Exchange POP3 server version (\d+\.\d+\.\d+\.\d+) ready$">
|
129
129
|
<description>Microsoft Exchange Server</description>
|
130
|
-
<example>Microsoft Exchange POP3 server version 5.5.2654.50 ready</example>
|
130
|
+
<example service.version="5.5.2654.50">Microsoft Exchange POP3 server version 5.5.2654.50 ready</example>
|
131
131
|
<param pos="0" name="service.vendor" value="Microsoft"/>
|
132
132
|
<param pos="0" name="service.family" value="Exchange Server"/>
|
133
133
|
<param pos="0" name="service.product" value="Exchange Server"/>
|
@@ -141,7 +141,7 @@
|
|
141
141
|
|
142
142
|
<fingerprint pattern="^Microsoft Windows POP3 Service Version 1.0 <.+@(.+)> ready.$">
|
143
143
|
<description>Microsoft POP3 Services on Windows 2003</description>
|
144
|
-
<example>Microsoft Windows POP3 Service Version 1.0 <xxx@host> ready.</example>
|
144
|
+
<example host.name="host">Microsoft Windows POP3 Service Version 1.0 <xxx@host> ready.</example>
|
145
145
|
<param pos="0" name="service.vendor" value="Microsoft"/>
|
146
146
|
<param pos="0" name="service.family" value="E-mail Services"/>
|
147
147
|
<param pos="0" name="service.product" value="E-mail Services"/>
|
@@ -229,7 +229,7 @@
|
|
229
229
|
<param pos="0" name="hw.product" value="Raspberry Pi"/>
|
230
230
|
</fingerprint>
|
231
231
|
|
232
|
-
<fingerprint pattern="^(\S
|
232
|
+
<fingerprint pattern="^(\S{1,512}) Zimbra POP3 server ready\.?$">
|
233
233
|
<description>VMware Zimbra POP</description>
|
234
234
|
<example host.name="foo.bar">foo.bar Zimbra POP3 server ready</example>
|
235
235
|
<param pos="0" name="service.vendor" value="VMware"/>
|
@@ -238,9 +238,9 @@
|
|
238
238
|
<param pos="1" name="host.name"/>
|
239
239
|
</fingerprint>
|
240
240
|
|
241
|
-
<fingerprint pattern="^(\S
|
241
|
+
<fingerprint pattern="^(\S{1,512}) Zimbra (\S+) POP3 server ready\.?$">
|
242
242
|
<description>VMware Zimbra POP with version</description>
|
243
|
-
<example host.name="foo.bar">foo.bar Zimbra 7.0.0_GA_3079 POP3 server ready</example>
|
243
|
+
<example host.name="foo.bar" service.version="7.0.0_GA_3079">foo.bar Zimbra 7.0.0_GA_3079 POP3 server ready</example>
|
244
244
|
<param pos="0" name="service.vendor" value="VMware"/>
|
245
245
|
<param pos="0" name="service.product" value="Zimbra"/>
|
246
246
|
<param pos="2" name="service.version"/>
|
@@ -250,15 +250,15 @@
|
|
250
250
|
|
251
251
|
<fingerprint pattern="^(?:S?POP3? server ready |Hello there.? )?<.*@([^>]+)>$">
|
252
252
|
<description>Generic masked POP3 server</description>
|
253
|
-
<example>POP3 server ready <58c29ae4-7316-429e-8109-060444ab1a28@foo.example.com></example>
|
254
|
-
<example><84427.1298535083@foo.example.com></example>
|
253
|
+
<example host.name="foo.example.com">POP3 server ready <58c29ae4-7316-429e-8109-060444ab1a28@foo.example.com></example>
|
254
|
+
<example host.name="foo.example.com"><84427.1298535083@foo.example.com></example>
|
255
255
|
<param pos="1" name="host.name"/>
|
256
256
|
</fingerprint>
|
257
257
|
|
258
258
|
<fingerprint pattern="^ApplePasswordServer ([\d\.]+) password">
|
259
259
|
<description>Apple Open Directory</description>
|
260
|
-
<example>ApplePasswordServer 10.6.0.0 password server at 10.2.90.228 ready.</example>
|
261
|
-
<example>ApplePasswordServer 10.5.0.1 password serv</example>
|
260
|
+
<example os.version="10.6.0.0">ApplePasswordServer 10.6.0.0 password server at 10.2.90.228 ready.</example>
|
261
|
+
<example os.version="10.5.0.1">ApplePasswordServer 10.5.0.1 password serv</example>
|
262
262
|
<param pos="0" name="service.vendor" value="Apple"/>
|
263
263
|
<param pos="0" name="service.product" value="Open Directory"/>
|
264
264
|
<param pos="0" name="os.vendor" value="Apple"/>
|
@@ -269,7 +269,7 @@
|
|
269
269
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:{os.version}"/>
|
270
270
|
</fingerprint>
|
271
271
|
|
272
|
-
<fingerprint pattern="^TCPIP POP server V\d\.\d\S-\S{3}, OpenVMS V(\d\.\d-\d)(?:\s+\S+)?\s+at\s+(\S+),
|
272
|
+
<fingerprint pattern="^TCPIP POP server V\d\.\d\S-\S{3}, OpenVMS V(\d\.\d-\d)(?:\s+\S+)?\s+at\s+(\S+),">
|
273
273
|
<description>TCP/IP Services for OpenVMS POP server</description>
|
274
274
|
<example os.version="7.3-2" host.name="example.com">TCPIP POP server V5.4J-15A, OpenVMS V7.3-2 Alpha at example.com, up since 2015-02-12 08:44:53 20400434.2</example>
|
275
275
|
<param pos="0" name="service.family" value="OpenVMS"/>
|
data/xml/rsh_resp.xml
CHANGED
@@ -41,7 +41,7 @@
|
|
41
41
|
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:-"/>
|
42
42
|
</fingerprint>
|
43
43
|
|
44
|
-
<fingerprint pattern="^.rlogind: Host name for your address \([\d.]+\) unknown
|
44
|
+
<fingerprint pattern="^.rlogind: Host name for your address \([\d.]+\) unknown\." flags="REG_DOT_NEWLINE">
|
45
45
|
<description>A/UX rlogind</description>
|
46
46
|
<example>xrlogind: Host name for your address (127.0.0.1) unknown.
|
47
47
|
</example>
|
@@ -49,7 +49,7 @@
|
|
49
49
|
<param pos="0" name="os.family" value="A/UX"/>
|
50
50
|
</fingerprint>
|
51
51
|
|
52
|
-
<fingerprint pattern="^.rexecd: Login incorrect
|
52
|
+
<fingerprint pattern="^.rexecd: Login incorrect\." flags="REG_DOT_NEWLINE">
|
53
53
|
<description>HP-UX rexecd</description>
|
54
54
|
<example>xrexecd: Login incorrect.
|
55
55
|
</example>
|
@@ -59,7 +59,7 @@
|
|
59
59
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:hp-ux:-"/>
|
60
60
|
</fingerprint>
|
61
61
|
|
62
|
-
<fingerprint pattern="^.rexecd: [-\d]
|
62
|
+
<fingerprint pattern="^.rexecd: [-\d]+" flags="REG_DOT_NEWLINE">
|
63
63
|
<description>AIX rexecd</description>
|
64
64
|
<example>xrexecd: 0-1 The login is not correct.
|
65
65
|
</example>
|
data/xml/sip_banners.xml
CHANGED
@@ -62,7 +62,7 @@
|
|
62
62
|
|
63
63
|
<!-- The next few Linksys fingerprints could be merged but are split to enable CPEs -->
|
64
64
|
|
65
|
-
<fingerprint pattern="^(?:[\dA-F]
|
65
|
+
<fingerprint pattern="^(?:[\dA-F]{1,64} )?Linksys/RT31P2-([\d.]+)\(\w+\)$">
|
66
66
|
<description>Linksys RT31P2</description>
|
67
67
|
<example os.version="3.1.9">Linksys/RT31P2-3.1.9(LId)</example>
|
68
68
|
<example os.version="3.1.6">Linksys/RT31P2-3.1.6(LI)</example>
|
@@ -184,7 +184,7 @@
|
|
184
184
|
<description>Cisco/Tandberg TelePresence</description>
|
185
185
|
<example os.version="TC7.0.2.aecf2d9" tandberg.model="519" hw.product="TANDBERG/519">TANDBERG/519 (TC7.0.2.aecf2d9)</example>
|
186
186
|
<example os.version="X12.5.2" tandberg.model="4137" hw.product="TANDBERG/4137">TANDBERG/4137 (X12.5.2 (TEST SW))</example>
|
187
|
-
<example os.version="X8.2.1" hw.product="TANDBERG/4130">TANDBERG/4130 (X8.2.1)</example>
|
187
|
+
<example os.version="X8.2.1" hw.product="TANDBERG/4130" tandberg.model="4130">TANDBERG/4130 (X8.2.1)</example>
|
188
188
|
<example os.version="XC2.2.1-b2bua-1.0" hw.product="TANDBERG/4353" tandberg.model="4353">TANDBERG/4353 (XC2.2.1-b2bua-1.0)</example>
|
189
189
|
<example os.version="TC5.1.4.295090" hw.product="TANDBERG/516" tandberg.model="516">TANDBERG/516 (TC5.1.4.295090)</example>
|
190
190
|
<example os.version="TCNC5.1.4.295090" hw.product="TANDBERG/517" tandberg.model="517">TANDBERG/517 (TCNC5.1.4.295090)</example>
|
@@ -312,9 +312,9 @@
|
|
312
312
|
|
313
313
|
<fingerprint pattern="^Grandstream (UCM6\d\d\d)V(\d\.\d\w) ([\d.]+)$">
|
314
314
|
<description>Grandstream UCM 6xxx series generic</description>
|
315
|
-
<example hw.product="UCM6102" os.version="1.0.6.10">Grandstream UCM6102V1.5A 1.0.6.10</example>
|
316
|
-
<example hw.product="UCM6302" hw.version="1.2B">Grandstream UCM6302V1.2B 1.0.3.10</example>
|
317
|
-
<example hw.product="UCM6510">Grandstream UCM6510V1.4B 1.0.14.23</example>
|
315
|
+
<example hw.product="UCM6102" os.version="1.0.6.10" hw.version="1.5A">Grandstream UCM6102V1.5A 1.0.6.10</example>
|
316
|
+
<example hw.product="UCM6302" hw.version="1.2B" os.version="1.0.3.10">Grandstream UCM6302V1.2B 1.0.3.10</example>
|
317
|
+
<example hw.product="UCM6510" os.version="1.0.14.23" hw.version="1.4B">Grandstream UCM6510V1.4B 1.0.14.23</example>
|
318
318
|
<param pos="0" name="os.vendor" value="Grandstream"/>
|
319
319
|
<param pos="3" name="os.version"/>
|
320
320
|
<param pos="0" name="os.device" value="SIP Gateway"/>
|
@@ -418,7 +418,7 @@
|
|
418
418
|
<param pos="1" name="hw.product"/>
|
419
419
|
</fingerprint>
|
420
420
|
|
421
|
-
<fingerprint pattern="^(?:Audiocodes-Sip-Gateway-)?(\S
|
421
|
+
<fingerprint pattern="^(?:Audiocodes-Sip-Gateway-)?(\S{1,64}) FX[A-Z_]+/v.(\S+)$">
|
422
422
|
<description>Audiocodes-Sip-Gateway</description>
|
423
423
|
<example hw.product="MP-124" os.version="6.00A.034.003">Audiocodes-Sip-Gateway-MP-124 FXS/v.6.00A.034.003</example>
|
424
424
|
<example hw.product="MP-124" os.version="6.60A.342.003">MP-124 FXS/v.6.60A.342.003</example>
|
@@ -575,7 +575,7 @@
|
|
575
575
|
<param pos="0" name="os.arch" value="ARM"/>
|
576
576
|
</fingerprint>
|
577
577
|
|
578
|
-
<fingerprint pattern="
|
578
|
+
<fingerprint pattern="(?i)^OpenSER \(([\d.]+)(?:-tls|-notls)? \(sh4/linux\)\)$">
|
579
579
|
<description>OpenSER OpenSER - Linux on Renesas SH4</description>
|
580
580
|
<example service.version="1.3.2">OpenSER (1.3.2-notls (sh4/linux))</example>
|
581
581
|
<param pos="0" name="service.vendor" value="OpenSER"/>
|
@@ -668,7 +668,7 @@
|
|
668
668
|
<description>Fortinet FortiVoice</description>
|
669
669
|
<example hw.product="200D">FortiVoice-200D</example>
|
670
670
|
<example hw.product="VM-Azure">FortiVoice-VM-Azure</example>
|
671
|
-
<example>FortiVoice-1000E</example>
|
671
|
+
<example hw.product="1000E">FortiVoice-1000E</example>
|
672
672
|
<param pos="0" name="service.vendor" value="Fortinet"/>
|
673
673
|
<param pos="0" name="service.product" value="FortiVoice"/>
|
674
674
|
<param pos="0" name="service.device" value="SIP Gateway"/>
|
@@ -689,4 +689,42 @@
|
|
689
689
|
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:{service.version}"/>
|
690
690
|
</fingerprint>
|
691
691
|
|
692
|
+
<fingerprint pattern="^(OpenStage|OpenScape)_(\d+)_(V\d \S+) ">
|
693
|
+
<description>Unify OpenStage VoIP Phone 1</description>
|
694
|
+
<example hw.family="OpenStage" unify.model="40" os.version="V3 R5.13.0">OpenStage_40_V3 R5.13.0 SIP 190111</example>
|
695
|
+
<param pos="0" name="os.vendor" value="Unify"/>
|
696
|
+
<param pos="0" name="os.product" value="{hw.family} {unify.model} Firmware"/>
|
697
|
+
<param pos="0" name="hw.vendor" value="Unify"/>
|
698
|
+
<param pos="0" name="hw.product" value="{hw.family} {unify.model}"/>
|
699
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
700
|
+
<param pos="1" name="hw.family"/>
|
701
|
+
<param pos="2" name="unify.model"/>
|
702
|
+
<param pos="3" name="os.version"/>
|
703
|
+
</fingerprint>
|
704
|
+
|
705
|
+
<fingerprint pattern="^Desk_Phone_IP_(CP\d+[EXT]?)_(V\d \S+) ">
|
706
|
+
<description>Unify OpenStage VoIP Phone 2</description>
|
707
|
+
<example unify.model="CP200" os.version="V1 R6.14.0">Desk_Phone_IP_CP200_V1 R6.14.0 SIP 190802</example>
|
708
|
+
<example unify.model="CP400" os.version="V1 R6.14.0">Desk_Phone_IP_CP400_V1 R6.14.0 SIP 190802</example>
|
709
|
+
<example unify.model="CP600" os.version="V1 R6.14.0">Desk_Phone_IP_CP600_V1 R6.14.0 SIP 190802</example>
|
710
|
+
<param pos="0" name="os.vendor" value="Unify"/>
|
711
|
+
<param pos="0" name="hw.vendor" value="Unify"/>
|
712
|
+
<param pos="0" name="hw.family" value="OpenScape Desk Phone"/>
|
713
|
+
<param pos="0" name="hw.product" value="{hw.family} {unify.model}"/>
|
714
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
715
|
+
<param pos="1" name="unify.model"/>
|
716
|
+
<param pos="2" name="os.version"/>
|
717
|
+
</fingerprint>
|
718
|
+
|
719
|
+
<fingerprint pattern="^Eltex (ESR-\d\w{1,4})$">
|
720
|
+
<description>Eltex ESR model service gateway</description>
|
721
|
+
<example hw.product="ESR-12V">Eltex ESR-12V</example>
|
722
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
723
|
+
<param pos="0" name="os.device" value="Router"/>
|
724
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
725
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
726
|
+
<param pos="1" name="hw.product"/>
|
727
|
+
<param pos="0" name="hw.device" value="Router"/>
|
728
|
+
</fingerprint>
|
729
|
+
|
692
730
|
</fingerprints>
|
data/xml/sip_user_agents.xml
CHANGED
@@ -9,6 +9,9 @@
|
|
9
9
|
<fingerprint pattern="^SIP/2.0$">
|
10
10
|
<description>Generic SIP/2.0 response -- assert nothing.</description>
|
11
11
|
<example>SIP/2.0</example>
|
12
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
13
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
14
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
12
15
|
</fingerprint>
|
13
16
|
|
14
17
|
<fingerprint pattern="^TP-Link SIP Stack V1.0.0$">
|
@@ -25,7 +28,7 @@
|
|
25
28
|
|
26
29
|
<fingerprint pattern="^Home&Life HUB/([\d.]+)$">
|
27
30
|
<description>Zyxel home routers</description>
|
28
|
-
<example>Home&Life HUB/1.1.26.00</example>
|
31
|
+
<example os.version="1.1.26.00">Home&Life HUB/1.1.26.00</example>
|
29
32
|
<param pos="0" name="os.vendor" value="Zyxel"/>
|
30
33
|
<param pos="1" name="os.version"/>
|
31
34
|
<param pos="0" name="os.device" value="Router"/>
|
@@ -44,6 +47,7 @@
|
|
44
47
|
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
45
48
|
<param pos="0" name="hw.product" value="TG789vac"/>
|
46
49
|
<param pos="0" name="hw.device" value="Router"/>
|
50
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:technicolor:tg789vac:-"/>
|
47
51
|
</fingerprint>
|
48
52
|
|
49
53
|
<fingerprint pattern="^Technicolor / VANT-6$">
|
@@ -54,17 +58,18 @@
|
|
54
58
|
<param pos="0" name="hw.vendor" value="Technicolor"/>
|
55
59
|
<param pos="0" name="hw.product" value="TG789vac"/>
|
56
60
|
<param pos="0" name="hw.device" value="Router"/>
|
61
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:technicolor:tg789vac:-"/>
|
57
62
|
</fingerprint>
|
58
63
|
|
59
64
|
<fingerprint pattern="^(?:Technicolor|MediaAccess) (TG[\w]+) (?:v\d )?Build (\d+\.[\w.-]+)(?: CP\w+)?$">
|
60
65
|
<description>Technicolor TGxxx Router with build info</description>
|
61
66
|
<example hw.product="TG784n" os.version="10.2.1.O">Technicolor TG784n v3 Build 10.2.1.O</example>
|
62
67
|
<example hw.product="TG789vn" os.version="10.5.2.Z.EC">Technicolor TG789vn v3 Build 10.5.2.Z.EC</example>
|
63
|
-
<example>MediaAccess TG789vac v2 Build 10.5.8.Y.GX CP1916SAQHD</example>
|
68
|
+
<example os.version="10.5.8.Y.GX" hw.product="TG789vac">MediaAccess TG789vac v2 Build 10.5.8.Y.GX CP1916SAQHD</example>
|
64
69
|
<example hw.product="TG799vn" os.version="10.5.2.T.JF">Technicolor TG799vn v2 Build 10.5.2.T.JF</example>
|
65
70
|
<example hw.product="TG788vn" os.version="10.5.2.S.GD">MediaAccess TG788vn v2 Build 10.5.2.S.GD</example>
|
66
71
|
<example hw.product="TG799vac" os.version="17.2.0405-1021">MediaAccess TG799vac Build 17.2.0405-1021</example>
|
67
|
-
<example hw.product="TG389">MediaAccess TG389 Build 10.5.2.T.AQ</example>
|
72
|
+
<example hw.product="TG389" os.version="10.5.2.T.AQ">MediaAccess TG389 Build 10.5.2.T.AQ</example>
|
68
73
|
<param pos="0" name="os.vendor" value="Technicolor"/>
|
69
74
|
<param pos="0" name="os.device" value="Router"/>
|
70
75
|
<param pos="2" name="os.version"/>
|
@@ -117,13 +122,42 @@
|
|
117
122
|
|
118
123
|
<fingerprint pattern="^Cisco-SIPGateway/IOS-([\d\.x]+)$">
|
119
124
|
<description>Cisco SIPGateway</description>
|
120
|
-
<example>Cisco-SIPGateway/IOS-12.x</example>
|
125
|
+
<example os.version="12.x">Cisco-SIPGateway/IOS-12.x</example>
|
121
126
|
<param pos="0" name="os.vendor" value="Cisco"/>
|
122
127
|
<param pos="0" name="os.product" value="IOS"/>
|
123
128
|
<param pos="1" name="os.version"/>
|
124
129
|
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:{os.version}"/>
|
125
130
|
</fingerprint>
|
126
131
|
|
132
|
+
<fingerprint pattern="^Cisco-CP(39\d{2})/([\d.]+)$">
|
133
|
+
<description>Cisco Unified SIP Phone 3900 Series</description>
|
134
|
+
<example cisco.model="3905" hw.product="Unified SIP Phone 3905" os.version="9.4.1">Cisco-CP3905/9.4.1</example>
|
135
|
+
<param pos="1" name="cisco.model"/>
|
136
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
137
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
138
|
+
<param pos="0" name="hw.product" value="Unified SIP Phone {cisco.model}"/>
|
139
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
140
|
+
<param pos="0" name="os.product" value="Unified SIP Phone 3900 Firmware"/>
|
141
|
+
<param pos="2" name="os.version"/>
|
142
|
+
<param pos="0" name="hw.certainty" value="0.95"/>
|
143
|
+
<param pos="0" name="os.certainty" value="0.95"/>
|
144
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:unified_sip_phone_3900_firmware:{os.version}"/>
|
145
|
+
</fingerprint>
|
146
|
+
|
147
|
+
<fingerprint pattern="^Cisco-ATA(\d{3})/([\d.]+)$">
|
148
|
+
<description>Cisco Analog Telephone Adapters (ATA)</description>
|
149
|
+
<example cisco.model="187" hw.product="ATA 187" os.version="9.2.3">Cisco-ATA187/9.2.3</example>
|
150
|
+
<param pos="1" name="cisco.model"/>
|
151
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
152
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
153
|
+
<param pos="0" name="hw.product" value="ATA {cisco.model}"/>
|
154
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
155
|
+
<param pos="0" name="os.product" value="ATA {cisco.model} Firmware"/>
|
156
|
+
<param pos="2" name="os.version"/>
|
157
|
+
<param pos="0" name="hw.certainty" value="0.9"/>
|
158
|
+
<param pos="0" name="os.certainty" value="0.9"/>
|
159
|
+
</fingerprint>
|
160
|
+
|
127
161
|
<!-- AVM.DE Devices -->
|
128
162
|
|
129
163
|
<fingerprint pattern="^FRITZ!OS$">
|
@@ -137,18 +171,18 @@
|
|
137
171
|
|
138
172
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Box .*) +(\d+\.\d+\.\d+)">
|
139
173
|
<description>AVM FritzBox</description>
|
140
|
-
<example>AVM FRITZ!Box Fon 06.03.13</example>
|
141
|
-
<example>AVM FRITZ!Box Fon 06.03.65 (Jun 7 2005)</example>
|
142
|
-
<example>AVM FRITZ!Box Fon 5010 Annex A (ITA) 48.04.46 (Sep 14 2007)</example>
|
143
|
-
<example>AVM FRITZ!Box Fon 5012 (UI) 25.03.90 (3.01.03 tested by accredited T-Com test lab) (Oct 28 2005)</example>
|
144
|
-
<example>AVM FRITZ!Box Fon 5113 Annex A 83.04.69 (Dec 2 2008)</example>
|
145
|
-
<example>AVM FRITZ!Box Fon 5124 56.04.77 (Feb 14 2014)</example>
|
146
|
-
<example>AVM FRITZ!Box Fon 7170 Annex A.B ML Speedport W701V 58.04.67 (Dec 18 2008)</example>
|
147
|
-
<example>AVM FRITZ!Box 3272 126.05.50 (Feb 27 2013)</example>
|
148
|
-
<example>AVM FRITZ!Box 7170 Annex A 58.04.85 (Apr 4 2011)</example>
|
149
|
-
<example>AVM FRITZ!Box 7312 117.05.23 TAL (Jun 1 2012)</example>
|
150
|
-
<example>AVM FRITZ!Box WLAN 3270 v3 Edition Italia 125.05.52 (Feb 7 2014)</example>
|
151
|
-
<example>AVM FRITZ!Box Speedport W701V Annex A 58.04.82 (May 12 2010)</example>
|
174
|
+
<example os.product="FRITZ!Box Fon" os.version="06.03.13">AVM FRITZ!Box Fon 06.03.13</example>
|
175
|
+
<example os.product="FRITZ!Box Fon" os.version="06.03.65">AVM FRITZ!Box Fon 06.03.65 (Jun 7 2005)</example>
|
176
|
+
<example os.product="FRITZ!Box Fon 5010 Annex A (ITA)" os.version="48.04.46">AVM FRITZ!Box Fon 5010 Annex A (ITA) 48.04.46 (Sep 14 2007)</example>
|
177
|
+
<example os.product="FRITZ!Box Fon 5012 (UI)" os.version="25.03.90">AVM FRITZ!Box Fon 5012 (UI) 25.03.90 (3.01.03 tested by accredited T-Com test lab) (Oct 28 2005)</example>
|
178
|
+
<example os.product="FRITZ!Box Fon 5113 Annex A" os.version="83.04.69">AVM FRITZ!Box Fon 5113 Annex A 83.04.69 (Dec 2 2008)</example>
|
179
|
+
<example os.product="FRITZ!Box Fon 5124" os.version="56.04.77">AVM FRITZ!Box Fon 5124 56.04.77 (Feb 14 2014)</example>
|
180
|
+
<example os.product="FRITZ!Box Fon 7170 Annex A.B ML Speedport W701V" os.version="58.04.67">AVM FRITZ!Box Fon 7170 Annex A.B ML Speedport W701V 58.04.67 (Dec 18 2008)</example>
|
181
|
+
<example os.product="FRITZ!Box 3272" os.version="126.05.50">AVM FRITZ!Box 3272 126.05.50 (Feb 27 2013)</example>
|
182
|
+
<example os.product="FRITZ!Box 7170 Annex A" os.version="58.04.85">AVM FRITZ!Box 7170 Annex A 58.04.85 (Apr 4 2011)</example>
|
183
|
+
<example os.product="FRITZ!Box 7312" os.version="117.05.23">AVM FRITZ!Box 7312 117.05.23 TAL (Jun 1 2012)</example>
|
184
|
+
<example os.product="FRITZ!Box WLAN 3270 v3 Edition Italia" os.version="125.05.52">AVM FRITZ!Box WLAN 3270 v3 Edition Italia 125.05.52 (Feb 7 2014)</example>
|
185
|
+
<example os.product="FRITZ!Box Speedport W701V Annex A" os.version="58.04.82">AVM FRITZ!Box Speedport W701V Annex A 58.04.82 (May 12 2010)</example>
|
152
186
|
<param pos="0" name="os.vendor" value="AVM"/>
|
153
187
|
<param pos="0" name="os.family" value="FRITZ!Box"/>
|
154
188
|
<param pos="1" name="os.product"/>
|
@@ -159,8 +193,8 @@
|
|
159
193
|
|
160
194
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Fon .*) +(\d+\.\d+\.\d+)">
|
161
195
|
<description>AVM FritzFon</description>
|
162
|
-
<example>AVM FRITZ!Fon 7150 (fs) 38.04.56 (Mar 31 2008)</example>
|
163
|
-
<example>AVM FRITZ!Fon WLAN 7150 Annex A 58.04.84 (Apr 4 2011)</example>
|
196
|
+
<example os.product="FRITZ!Fon 7150 (fs)" os.version="38.04.56">AVM FRITZ!Fon 7150 (fs) 38.04.56 (Mar 31 2008)</example>
|
197
|
+
<example os.product="FRITZ!Fon WLAN 7150 Annex A" os.version="58.04.84">AVM FRITZ!Fon WLAN 7150 Annex A 58.04.84 (Apr 4 2011)</example>
|
164
198
|
<param pos="0" name="os.vendor" value="AVM"/>
|
165
199
|
<param pos="0" name="os.family" value="FRITZ!Fon"/>
|
166
200
|
<param pos="1" name="os.product"/>
|
@@ -171,7 +205,7 @@
|
|
171
205
|
|
172
206
|
<fingerprint pattern="^(?:AVM )?(Multibox .*) +(\d+\.\d+\.\d+)">
|
173
207
|
<description>AVM Multibox - Generic</description>
|
174
|
-
<example>AVM Multibox 7390 NGN 84.05.09 (Jan 13 2012)</example>
|
208
|
+
<example os.product="Multibox 7390 NGN" os.version="84.05.09" hw.product="Multibox 7390 NGN">AVM Multibox 7390 NGN 84.05.09 (Jan 13 2012)</example>
|
175
209
|
<param pos="0" name="os.vendor" value="AVM"/>
|
176
210
|
<param pos="0" name="os.family" value="Multibox"/>
|
177
211
|
<param pos="1" name="os.product"/>
|
@@ -235,10 +269,10 @@
|
|
235
269
|
|
236
270
|
<fingerprint pattern="^(?:Polycom/[\d\.]+ )?Polycom(SoundPoint|VVX|SoundStation)\S+_(\d+)-UA/([\d\.]+)(?:_(.{12}))?$">
|
237
271
|
<description>Polycom SoundPoint, SountdStation, VVX VoIP phones</description>
|
238
|
-
<example hw.version="5.8.0.13337" hw.family="VVX" hw.product="VVX 350">PolycomVVX-VVX_350-UA/5.8.0.13337</example>
|
239
|
-
<example hw.version="4.1.4.7430" hw.family="VVX" hw.product="VVX 400" host.mac="010203040506">PolycomVVX-VVX_400-UA/4.1.4.7430_010203040506</example>
|
240
|
-
<example hw.version="5.5.0.23866" hw.family="VVX" hw.product="VVX 501">Polycom/5.5.0.23866 PolycomVVX-VVX_501-UA/5.5.0.23866</example>
|
241
|
-
<example hw.version="4.0.7.2514" hw.family="SoundPoint" hw.product="SoundPoint 670">PolycomSoundPointIP-SPIP_670-UA/4.0.7.2514</example>
|
272
|
+
<example hw.version="5.8.0.13337" hw.family="VVX" hw.product="VVX 350" hw.model="350">PolycomVVX-VVX_350-UA/5.8.0.13337</example>
|
273
|
+
<example hw.version="4.1.4.7430" hw.family="VVX" hw.product="VVX 400" host.mac="010203040506" hw.model="400">PolycomVVX-VVX_400-UA/4.1.4.7430_010203040506</example>
|
274
|
+
<example hw.version="5.5.0.23866" hw.family="VVX" hw.product="VVX 501" hw.model="501">Polycom/5.5.0.23866 PolycomVVX-VVX_501-UA/5.5.0.23866</example>
|
275
|
+
<example hw.version="4.0.7.2514" hw.family="SoundPoint" hw.product="SoundPoint 670" hw.model="670">PolycomSoundPointIP-SPIP_670-UA/4.0.7.2514</example>
|
242
276
|
<example hw.version="4.0.8.1608" hw.model="7000" hw.family="SoundStation" hw.product="SoundStation 7000">PolycomSoundStationIP-SSIP_7000-UA/4.0.8.1608</example>
|
243
277
|
<param pos="0" name="hw.vendor" value="Polycom"/>
|
244
278
|
<param pos="0" name="hw.device" value="VoIP"/>
|
@@ -251,9 +285,10 @@
|
|
251
285
|
|
252
286
|
<fingerprint pattern="^(?:Polycom/[\d\.]+ )?Polycom(?:RealPresenceTrio)-Trio_(\S+)-UA/([\d\.]+)(?:_(.{12}))?$">
|
253
287
|
<description>Polycom RealPresence Trio Phones</description>
|
254
|
-
<example hw.version="5.4.0.12197" hw.product="RealPresence Trio 8800">PolycomRealPresenceTrio-Trio_8800-UA/5.4.0.12197</example>
|
255
|
-
<example hw.version="5.7.2.3123" hw.product="RealPresence Trio Visual+">PolycomRealPresenceTrio-Trio_Visual+-UA/5.7.2.3123</example>
|
256
|
-
<example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389</example>
|
288
|
+
<example hw.version="5.4.0.12197" hw.product="RealPresence Trio 8800" hw.model="8800">PolycomRealPresenceTrio-Trio_8800-UA/5.4.0.12197</example>
|
289
|
+
<example hw.version="5.7.2.3123" hw.product="RealPresence Trio Visual+" hw.model="Visual+">PolycomRealPresenceTrio-Trio_Visual+-UA/5.7.2.3123</example>
|
290
|
+
<example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800" hw.model="8800">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389</example>
|
291
|
+
<example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800" hw.model="8800" host.mac="DEADBEEF0000">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389_DEADBEEF0000</example>
|
257
292
|
<param pos="0" name="hw.vendor" value="Polycom"/>
|
258
293
|
<param pos="0" name="hw.device" value="VoIP"/>
|
259
294
|
<param pos="0" name="hw.family" value="RealPresence"/>
|
@@ -298,10 +333,11 @@
|
|
298
333
|
<param pos="1" name="service.version"/>
|
299
334
|
</fingerprint>
|
300
335
|
|
301
|
-
<fingerprint pattern="^ShoreGear/([\d\.]+)\s+\(ShoreTel \d+\)$">
|
336
|
+
<fingerprint pattern="^ShoreGear/([\d\.]+)\s+\(ShoreTel [\d\.]+\)$">
|
302
337
|
<description>ShoreTel VoIP Switch</description>
|
303
338
|
<example hw.version="21.90.4128.0">ShoreGear/21.90.4128.0 (ShoreTel 15)</example>
|
304
339
|
<example hw.version="22.11.4900.0">ShoreGear/22.11.4900.0 (ShoreTel 15)</example>
|
340
|
+
<example hw.version="19.48.2600.0">ShoreGear/19.48.2600.0 (ShoreTel 14.2)</example>
|
305
341
|
<param pos="0" name="hw.vendor" value="ShoreTel"/>
|
306
342
|
<param pos="0" name="hw.device" value="VoIP Switch"/>
|
307
343
|
<param pos="1" name="hw.version"/>
|
@@ -559,4 +595,121 @@
|
|
559
595
|
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:{service.version}"/>
|
560
596
|
</fingerprint>
|
561
597
|
|
598
|
+
<fingerprint pattern="^Valcom (VIP-\w+) sw([\d.]+)">
|
599
|
+
<description>Valcom SIP device with version</description>
|
600
|
+
<example os.version="1.50.28" hw.product="VIP-204">Valcom VIP-204 sw1.50.28</example>
|
601
|
+
<param pos="0" name="os.vendor" value="Valcom"/>
|
602
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
603
|
+
<param pos="2" name="os.version"/>
|
604
|
+
<param pos="0" name="os.device" value="SIP Device"/>
|
605
|
+
<param pos="0" name="hw.vendor" value="Valcom"/>
|
606
|
+
<param pos="1" name="hw.product"/>
|
607
|
+
<param pos="0" name="hw.device" value="SIP Device"/>
|
608
|
+
</fingerprint>
|
609
|
+
|
610
|
+
<fingerprint pattern="^DX800A/([\d.]+)$">
|
611
|
+
<description>Gigaset SIP Phones</description>
|
612
|
+
<example os.version="41.175.00.000.000">DX800A/41.175.00.000.000</example>
|
613
|
+
<param pos="0" name="hw.vendor" value="Gigaset"/>
|
614
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
615
|
+
<param pos="0" name="hw.product" value="DX800A"/>
|
616
|
+
<param pos="0" name="os.vendor" value="Gigaset"/>
|
617
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
618
|
+
<param pos="1" name="os.version"/>
|
619
|
+
</fingerprint>
|
620
|
+
|
621
|
+
<fingerprint pattern="^(TAU-\d+[A-Z]*(?:\.IP)?)/([\d.]+) SN/(VI[0-9A-Z]+)$">
|
622
|
+
<description>Eltex TAU model VoIP gateway - with serial number</description>
|
623
|
+
<example hw.product="TAU-8.IP" os.version="2.6.3">TAU-8.IP/2.6.3 SN/VI12345678</example>
|
624
|
+
<example os.version="2.0.0.229" hw.serial_number="VI4D012345">TAU-4M.IP/2.0.0.229 SN/VI4D012345</example>
|
625
|
+
<example hw.product="TAU-2M.IP" os.version="2.3.1.11" hw.serial_number="VI12345678">TAU-2M.IP/2.3.1.11 SN/VI12345678</example>
|
626
|
+
<example hw.product="TAU-1M.IP" os.version="2.0.0.229" hw.serial_number="VI3A012345">TAU-1M.IP/2.0.0.229 SN/VI3A012345</example>
|
627
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
628
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
629
|
+
<param pos="2" name="os.version"/>
|
630
|
+
<param pos="0" name="os.device" value="VoIP Gateway"/>
|
631
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
632
|
+
<param pos="1" name="hw.product"/>
|
633
|
+
<param pos="3" name="hw.serial_number"/>
|
634
|
+
<param pos="0" name="hw.device" value="VoIP Gateway"/>
|
635
|
+
</fingerprint>
|
636
|
+
|
637
|
+
<fingerprint pattern="^(TAU-\d+[A-Z]*(?:\.IP)?)/([\d.]+) SN/(VI[0-9A-Z]+) (?:SHA/[0-9a-f]+ )?sofia-sip/([\d.]+)$">
|
638
|
+
<description>Eltex TAU model VoIP gateway - with serial number and sofia version</description>
|
639
|
+
<example hw.product="TAU-8.IP" hw.serial_number="VI12345678">TAU-8.IP/2.3.0 SN/VI12345678 sofia-sip/1.12.10</example>
|
640
|
+
<example os.version="1.9.1" service.component.version="1.12.10">TAU-8.IP/1.9.1 SN/VI12345678 SHA/7404bd4 sofia-sip/1.12.10</example>
|
641
|
+
<example hw.product="TAU-2M.IP" os.version="1.13.3.5" hw.serial_number="VI12345678" service.component.version="1.12.10">TAU-2M.IP/1.13.3.5 SN/VI12345678 sofia-sip/1.12.10</example>
|
642
|
+
<example hw.product="TAU-1M.IP" os.version="1.9.3" hw.serial_number="VI3A012345" service.component.version="1.12.10">TAU-1M.IP/1.9.3 SN/VI3A012345 sofia-sip/1.12.10</example>
|
643
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
644
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
645
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
646
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:-"/>
|
647
|
+
<param pos="0" name="service.component.vendor" value="FreeSWITCH"/>
|
648
|
+
<param pos="0" name="service.component.product" value="sofia-sip"/>
|
649
|
+
<param pos="4" name="service.component.version"/>
|
650
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
651
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
652
|
+
<param pos="2" name="os.version"/>
|
653
|
+
<param pos="0" name="os.device" value="VoIP Gateway"/>
|
654
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
655
|
+
<param pos="1" name="hw.product"/>
|
656
|
+
<param pos="3" name="hw.serial_number"/>
|
657
|
+
<param pos="0" name="hw.device" value="VoIP Gateway"/>
|
658
|
+
</fingerprint>
|
659
|
+
|
660
|
+
<fingerprint pattern="^(TAU-\d{1,2}) (?:build |v)([\d.]+) (?:with )?sofia-sip/([\d.]+)$">
|
661
|
+
<description>Eltex TAU model VoIP gateway - build variant with sofia version</description>
|
662
|
+
<example hw.product="TAU-72" os.version="2.18.0.35">TAU-72 build 2.18.0.35 sofia-sip/1.12.10</example>
|
663
|
+
<example service.component.version="1.12.10">TAU-1 v1.2 with sofia-sip/1.12.10</example>
|
664
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
665
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
666
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
667
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:-"/>
|
668
|
+
<param pos="0" name="service.component.vendor" value="FreeSWITCH"/>
|
669
|
+
<param pos="0" name="service.component.product" value="sofia-sip"/>
|
670
|
+
<param pos="3" name="service.component.version"/>
|
671
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
672
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
673
|
+
<param pos="2" name="os.version"/>
|
674
|
+
<param pos="0" name="os.device" value="VoIP Gateway"/>
|
675
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
676
|
+
<param pos="1" name="hw.product"/>
|
677
|
+
<param pos="0" name="hw.device" value="VoIP Gateway"/>
|
678
|
+
</fingerprint>
|
679
|
+
|
680
|
+
<fingerprint pattern="^(?:Eltex )?(?:smg_pa_sip[ -]){1,2}([\d.]+)$">
|
681
|
+
<description>Eltex SMG model VoIP gateway - no model number</description>
|
682
|
+
<example os.version="3.9.1.50">Eltex smg_pa_sip smg_pa_sip-3.9.1.50</example>
|
683
|
+
<example os.version="3.10.1.22">smg_pa_sip smg_pa_sip-3.10.1.22</example>
|
684
|
+
<example os.version="3.18.0.67">smg_pa_sip 3.18.0.67</example>
|
685
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
686
|
+
<param pos="0" name="os.product" value="SMG Firmware"/>
|
687
|
+
<param pos="1" name="os.version"/>
|
688
|
+
<param pos="0" name="os.device" value="VoIP Gateway"/>
|
689
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
690
|
+
<param pos="0" name="hw.device" value="VoIP Gateway"/>
|
691
|
+
</fingerprint>
|
692
|
+
|
693
|
+
<fingerprint pattern="^(RG-\d[\w-]+)/([\d.]+) SN/(VI\w+) (?:SHA/[0-9a-f]+ )?sofia-sip/([\d.]+)$">
|
694
|
+
<description>Eltex - NTP / NTU model broadband router - with serial number and sofia version</description>
|
695
|
+
<example hw.product="RG-5421G-Wac" hw.serial_number="VI12E45678">RG-5421G-Wac/2.4.2.87 SN/VI12E45678 sofia-sip/1.12.10</example>
|
696
|
+
<example os.version="1.11.0">RG-1404GF/1.11.0 SN/VI12E45678 sofia-sip/1.12.10</example>
|
697
|
+
<example service.component.version="1.12.1">RG-1404GF/1.8.0 SN/VI12E45678 SHA/0270864 sofia-sip/1.12.1</example>
|
698
|
+
<param pos="0" name="service.vendor" value="FreeSWITCH"/>
|
699
|
+
<param pos="0" name="service.product" value="FreeSWITCH"/>
|
700
|
+
<param pos="0" name="service.device" value="SIP Gateway"/>
|
701
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:freeswitch:freeswitch:-"/>
|
702
|
+
<param pos="0" name="service.component.vendor" value="FreeSWITCH"/>
|
703
|
+
<param pos="0" name="service.component.product" value="sofia-sip"/>
|
704
|
+
<param pos="4" name="service.component.version"/>
|
705
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
706
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
707
|
+
<param pos="2" name="os.version"/>
|
708
|
+
<param pos="0" name="os.device" value="Broadband Router"/>
|
709
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
710
|
+
<param pos="1" name="hw.product"/>
|
711
|
+
<param pos="3" name="hw.serial_number"/>
|
712
|
+
<param pos="0" name="hw.device" value="Broadband Router"/>
|
713
|
+
</fingerprint>
|
714
|
+
|
562
715
|
</fingerprints>
|