RubyGems - recog - Versions diffs - 2.3.20 → 2.3.23 - Mend

recog 2.3.20 → 2.3.23

Files changed (83) hide show

checksums.yaml +4 -4
data/.github/dependabot.yml +8 -0
data/.github/workflows/ci.yml +1 -1
data/.github/workflows/verify.yml +89 -0
data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
data/.vscode/extensions.json +5 -0
data/.vscode/settings.json +8 -0
data/.vscode/tasks.json +77 -0
data/CONTRIBUTING.md +8 -0
data/README.md +17 -0
data/bin/recog_standardize +28 -13
data/bin/recog_verify +42 -8
data/cpe-remap.yaml +62 -3
data/features/data/schema_failure.xml +4 -0
data/features/data/tests_with_failures.xml +6 -0
data/features/support/hooks.rb +9 -0
data/features/verify.feature +85 -21
data/identifiers/fields.txt +6 -5
data/identifiers/hw_device.txt +8 -0
data/identifiers/hw_family.txt +8 -0
data/identifiers/hw_product.txt +54 -0
data/identifiers/os_device.txt +2 -0
data/identifiers/os_family.txt +2 -0
data/identifiers/os_product.txt +18 -2
data/identifiers/service_product.txt +26 -0
data/identifiers/vendor.txt +62 -1
data/lib/recog/db.rb +2 -1
data/lib/recog/fingerprint.rb +33 -6
data/lib/recog/fingerprint_parse_error.rb +10 -0
data/lib/recog/nizer.rb +1 -82
data/lib/recog/verifier.rb +9 -9
data/lib/recog/verify_reporter.rb +17 -6
data/lib/recog/version.rb +1 -1
data/requirements.txt +1 -1
data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
data/spec/data/external_example_fingerprint.xml +8 -0
data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
data/spec/lib/fingerprint_self_test_spec.rb +1 -0
data/spec/lib/recog/db_spec.rb +84 -61
data/spec/lib/recog/fingerprint_spec.rb +4 -4
data/spec/lib/recog/verify_reporter_spec.rb +73 -4
data/tools/dev/hooks/pre-commit +21 -0
data/update_cpes.py +130 -37
data/xml/apache_os.xml +98 -56
data/xml/architecture.xml +15 -1
data/xml/dhcp_vendor_class.xml +206 -0
data/xml/dns_versionbind.xml +26 -13
data/xml/favicons.xml +236 -47
data/xml/fingerprints.xsd +9 -1
data/xml/ftp_banners.xml +213 -197
data/xml/h323_callresp.xml +101 -101
data/xml/hp_pjl_id.xml +84 -84
data/xml/html_title.xml +715 -45
data/xml/http_cookies.xml +143 -80
data/xml/http_servers.xml +510 -310
data/xml/http_wwwauth.xml +177 -75
data/xml/imap_banners.xml +10 -10
data/xml/mdns_device-info_txt.xml +421 -26
data/xml/mysql_banners.xml +3 -2
data/xml/nntp_banners.xml +12 -9
data/xml/ntp_banners.xml +97 -97
data/xml/operating_system.xml +98 -83
data/xml/pop_banners.xml +27 -27
data/xml/rsh_resp.xml +3 -3
data/xml/sip_banners.xml +46 -8
data/xml/sip_user_agents.xml +180 -27
data/xml/smb_native_lm.xml +5 -5
data/xml/smb_native_os.xml +28 -25
data/xml/smtp_banners.xml +258 -254
data/xml/smtp_ehlo.xml +1 -1
data/xml/smtp_help.xml +11 -11
data/xml/smtp_noop.xml +2 -2
data/xml/snmp_sysdescr.xml +1554 -1429
data/xml/snmp_sysobjid.xml +27 -27
data/xml/ssh_banners.xml +27 -20
data/xml/telnet_banners.xml +256 -57
data/xml/tls_jarm.xml +48 -6
data/xml/x11_banners.xml +3 -3
data/xml/x509_issuers.xml +69 -2
data/xml/x509_subjects.xml +144 -33
metadata +24 -4
data/lib/recog/verifier_factory.rb +0 -13

data/xml/smb_native_lm.xml CHANGED Viewed

@@ -39,12 +39,12 @@
   <fingerprint pattern="^Samba (\d\.\d+.\d+\w*)">
     <description>Samba</description>
-    <example>Samba 3.0.24</example>
+    <example service.version="3.0.24">Samba 3.0.24</example>
     <example service.version="3.0.28a">Samba 3.0.28a</example>
-    <example>Samba 3.0.32-0.2-2210-SUSE-SL10.3</example>
-    <example>Samba 3.6.3</example>
-    <example>Samba 3.6.6</example>
-    <example>Samba 3.6.9-151.el6_4.1</example>
+    <example service.version="3.0.32">Samba 3.0.32-0.2-2210-SUSE-SL10.3</example>
+    <example service.version="3.6.3">Samba 3.6.3</example>
+    <example service.version="3.6.6">Samba 3.6.6</example>
+    <example service.version="3.6.9">Samba 3.6.9-151.el6_4.1</example>
     <param pos="0" name="service.vendor" value="Samba"/>
     <param pos="0" name="service.product" value="Samba"/>
     <param pos="1" name="service.version"/>

data/xml/smb_native_os.xml CHANGED Viewed

@@ -45,6 +45,9 @@
   <fingerprint pattern="^Windows 6.1$">
     <description>Spoofed value often used by Samba -- assert nothing.</description>
     <example>Windows 6.1</example>
+    <param pos="0" name="hw.certainty" value="0.0"/>
+    <param pos="0" name="os.certainty" value="0.0"/>
+    <param pos="0" name="service.certainty" value="0.0"/>
   </fingerprint>
   <fingerprint pattern="^Windows XP (\d+) (Service Pack \d+)$">
@@ -153,8 +156,8 @@
   <fingerprint pattern="^Windows Server \(R\) 2008 (\w+|\w+ \w+|\w+ \w+ \w+)(?: (?:with|without) Hyper-V|) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
     <description>Windows Server 2008</description>
-    <example os.edition="Enterprise" os.version="Service Pack 1">Windows Server (R) 2008 Enterprise without Hyper-V 6001 Service Pack 1</example>
-    <example os.edition="Enterprise" os.version="Service Pack 2">Windows Server (R) 2008 Enterprise 6002 Service Pack 2, v.275</example>
+    <example os.edition="Enterprise" os.version="Service Pack 1" os.build="6001">Windows Server (R) 2008 Enterprise without Hyper-V 6001 Service Pack 1</example>
+    <example os.edition="Enterprise" os.version="Service Pack 2" os.build="6002">Windows Server (R) 2008 Enterprise 6002 Service Pack 2, v.275</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -166,7 +169,7 @@
   <fingerprint pattern="^Windows \(R\) Web Server 2008 (\d+) (Service Pack \d+)$">
     <description>Windows Web Server 2008 (SP)</description>
-    <example os.edition="Web" os.version="Service Pack 2">Windows (R) Web Server 2008 6002 Service Pack 2</example>
+    <example os.edition="Web" os.version="Service Pack 2" os.build="6002">Windows (R) Web Server 2008 6002 Service Pack 2</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -178,7 +181,7 @@
   <fingerprint pattern="^Windows \(R\) Web Server 2008 (\d+)$">
     <description>Windows Web Server 2008</description>
-    <example>Windows (R) Web Server 2008 6002</example>
+    <example os.build="6002">Windows (R) Web Server 2008 6002</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -214,7 +217,7 @@
   <fingerprint pattern="^Windows Server 2008 HPC Edition (\d+) (Service Pack \d+)$">
     <description>Windows Server 2008 HPC</description>
-    <example>Windows Server 2008 HPC Edition 7601 Service Pack 1</example>
+    <example os.build="7601" os.version="Service Pack 1">Windows Server 2008 HPC Edition 7601 Service Pack 1</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -226,7 +229,7 @@
   <fingerprint pattern="^Windows Server 2008 HPC Edition (\d+)$">
     <description>Windows Web Server 2008 HPC</description>
-    <example>Windows Server 2008 HPC Edition 7600</example>
+    <example os.build="7600">Windows Server 2008 HPC Edition 7600</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -239,8 +242,8 @@
   <fingerprint pattern="^Windows Server 2008 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
     <description>Windows Server 2008 R2</description>
-    <example>Windows Server 2008 R2 Enterprise 7601 Service Pack 1</example>
-    <example>Windows Server 2008 R2 Standard 7601 Service Pack 1</example>
+    <example os.edition="Enterprise" os.build="7601" os.version="Service Pack 1">Windows Server 2008 R2 Enterprise 7601 Service Pack 1</example>
+    <example os.edition="Standard" os.build="7601" os.version="Service Pack 1">Windows Server 2008 R2 Standard 7601 Service Pack 1</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -252,9 +255,9 @@
   <fingerprint pattern="^Windows Server 2008 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
     <description>Windows Server 2008 R2 without Service Pack</description>
-    <example os.edition="Enterprise">Windows Server 2008 R2 Enterprise 7600</example>
-    <example os.edition="Standard">Windows Server 2008 R2 Standard 7600</example>
-    <example os.edition="Datacenter">Windows Server 2008 R2 Datacenter 7600</example>
+    <example os.edition="Enterprise" os.build="7600">Windows Server 2008 R2 Enterprise 7600</example>
+    <example os.edition="Standard" os.build="7600">Windows Server 2008 R2 Standard 7600</example>
+    <example os.edition="Datacenter" os.build="7600">Windows Server 2008 R2 Datacenter 7600</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -265,7 +268,7 @@
   <fingerprint pattern="^Windows Web Server 2008 R2 (\d+) (Service Pack \d+)$">
     <description>Windows Server 2008 R2 Web</description>
-    <example os.version="Service Pack 1">Windows Web Server 2008 R2 7601 Service Pack 1</example>
+    <example os.version="Service Pack 1" os.build="7601">Windows Web Server 2008 R2 7601 Service Pack 1</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -277,7 +280,7 @@
   <fingerprint pattern="^Windows Web Server 2008 R2 (\d+)$">
     <description>Windows Web Server 2008 R2 Web</description>
-    <example>Windows Web Server 2008 R2 7600</example>
+    <example os.build="7600">Windows Web Server 2008 R2 7600</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -375,7 +378,7 @@
   <fingerprint pattern="^Windows Vista \(TM\) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
     <description>Windows Vista (SP)</description>
-    <example os.edition="Home Premium" os.version="Service Pack 2">Windows Vista (TM) Home Premium 6002 Service Pack 2</example>
+    <example os.edition="Home Premium" os.version="Service Pack 2" os.build="6002">Windows Vista (TM) Home Premium 6002 Service Pack 2</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Vista"/>
@@ -387,7 +390,7 @@
   <fingerprint pattern="^Windows Vista \(TM\) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
     <description>Windows Vista</description>
-    <example os.edition="Home Premium">Windows Vista (TM) Home Premium 6000</example>
+    <example os.edition="Home Premium" os.build="6000">Windows Vista (TM) Home Premium 6000</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Vista"/>
@@ -398,9 +401,9 @@
   <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
     <description>Windows 7/8 (SP + Edition)</description>
-    <example os.edition="Enterprise" os.version="Service Pack 1">Windows 7 Enterprise 7601 Service Pack 1</example>
-    <example os.edition="Starter" os.version="Service Pack 1">Windows 7 Starter 7601 Service Pack 1</example>
-    <example os.edition="Ultimate" os.build="7601" os.version="Service Pack 1">Windows 7 Ultimate 7601 Service Pack 1, v.178</example>
+    <example os.edition="Enterprise" os.version="Service Pack 1" os.product="Windows 7" os.build="7601">Windows 7 Enterprise 7601 Service Pack 1</example>
+    <example os.edition="Starter" os.version="Service Pack 1" os.product="Windows 7" os.build="7601">Windows 7 Starter 7601 Service Pack 1</example>
+    <example os.edition="Ultimate" os.build="7601" os.version="Service Pack 1" os.product="Windows 7">Windows 7 Ultimate 7601 Service Pack 1, v.178</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="1" name="os.product"/>
@@ -411,7 +414,7 @@
   <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\d+) (Service Pack \d+)$">
     <description>Windows 7/8 (SP)</description>
-    <example os.version="Service Pack 1">Windows 7 7601 Service Pack 1</example>
+    <example os.version="Service Pack 1" os.product="Windows 7" os.build="7601">Windows 7 7601 Service Pack 1</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="1" name="os.product"/>
@@ -421,9 +424,9 @@
   <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
     <description>Windows 7/8 (Edition)</description>
-    <example os.edition="Enterprise">Windows 7 Enterprise 7600</example>
-    <example os.edition="Enterprise">Windows 8.1 Enterprise 9600</example>
-    <example os.edition="Enterprise">Windows 8 Enterprise 9200</example>
+    <example os.edition="Enterprise" os.product="Windows 7" os.build="7600">Windows 7 Enterprise 7600</example>
+    <example os.edition="Enterprise" os.product="Windows 8.1" os.build="9600">Windows 8.1 Enterprise 9600</example>
+    <example os.edition="Enterprise" os.product="Windows 8" os.build="9200">Windows 8 Enterprise 9200</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="1" name="os.product"/>
@@ -433,7 +436,7 @@
   <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\d+)$">
     <description>Windows 7/8</description>
-    <example>Windows 8 9200</example>
+    <example os.product="Windows 8" os.build="9200">Windows 8 9200</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="1" name="os.product"/>
@@ -505,7 +508,7 @@
   <fingerprint pattern="^Windows Server 2012 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
     <description>Windows Server 2012</description>
-    <example>Windows Server 2012 Standard 9200</example>
+    <example os.edition="Standard" os.build="9200">Windows Server 2012 Standard 9200</example>
     <param pos="0" name="os.certainty" value="1.0"/>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.product" value="Windows Server 2012"/>
@@ -634,7 +637,7 @@
   <fingerprint pattern="^EMC-SNAS:T([\d\.]+)?$">
     <description>EMC Celerra</description>
-    <example service.version="7.1.80.7">EMC-SNAS:T7.1.80.7</example>
+    <example service.version="7.1.80.7" os.version="7.1.80.7">EMC-SNAS:T7.1.80.7</example>
     <param pos="0" name="service.vendor" value="EMC"/>
     <param pos="0" name="service.product" value="Celerra"/>
     <param pos="1" name="service.version"/>