recog 2.3.20 → 2.3.23
- checksums.yaml +4 -4
- data/.github/dependabot.yml +8 -0
- data/.github/workflows/ci.yml +1 -1
- data/.github/workflows/verify.yml +89 -0
- data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
- data/.vscode/extensions.json +5 -0
- data/.vscode/settings.json +8 -0
- data/.vscode/tasks.json +77 -0
- data/CONTRIBUTING.md +8 -0
- data/README.md +17 -0
- data/bin/recog_standardize +28 -13
- data/bin/recog_verify +42 -8
- data/cpe-remap.yaml +62 -3
- data/features/data/schema_failure.xml +4 -0
- data/features/data/tests_with_failures.xml +6 -0
- data/features/support/hooks.rb +9 -0
- data/features/verify.feature +85 -21
- data/identifiers/fields.txt +6 -5
- data/identifiers/hw_device.txt +8 -0
- data/identifiers/hw_family.txt +8 -0
- data/identifiers/hw_product.txt +54 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +2 -0
- data/identifiers/os_product.txt +18 -2
- data/identifiers/service_product.txt +26 -0
- data/identifiers/vendor.txt +62 -1
- data/lib/recog/db.rb +2 -1
- data/lib/recog/fingerprint.rb +33 -6
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/verifier.rb +9 -9
- data/lib/recog/verify_reporter.rb +17 -6
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/fingerprint_self_test_spec.rb +1 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +73 -4
- data/tools/dev/hooks/pre-commit +21 -0
- data/update_cpes.py +130 -37
- data/xml/apache_os.xml +98 -56
- data/xml/architecture.xml +15 -1
- data/xml/dhcp_vendor_class.xml +206 -0
- data/xml/dns_versionbind.xml +26 -13
- data/xml/favicons.xml +236 -47
- data/xml/fingerprints.xsd +9 -1
- data/xml/ftp_banners.xml +213 -197
- data/xml/h323_callresp.xml +101 -101
- data/xml/hp_pjl_id.xml +84 -84
- data/xml/html_title.xml +715 -45
- data/xml/http_cookies.xml +143 -80
- data/xml/http_servers.xml +510 -310
- data/xml/http_wwwauth.xml +177 -75
- data/xml/imap_banners.xml +10 -10
- data/xml/mdns_device-info_txt.xml +421 -26
- data/xml/mysql_banners.xml +3 -2
- data/xml/nntp_banners.xml +12 -9
- data/xml/ntp_banners.xml +97 -97
- data/xml/operating_system.xml +98 -83
- data/xml/pop_banners.xml +27 -27
- data/xml/rsh_resp.xml +3 -3
- data/xml/sip_banners.xml +46 -8
- data/xml/sip_user_agents.xml +180 -27
- data/xml/smb_native_lm.xml +5 -5
- data/xml/smb_native_os.xml +28 -25
- data/xml/smtp_banners.xml +258 -254
- data/xml/smtp_ehlo.xml +1 -1
- data/xml/smtp_help.xml +11 -11
- data/xml/smtp_noop.xml +2 -2
- data/xml/snmp_sysdescr.xml +1554 -1429
- data/xml/snmp_sysobjid.xml +27 -27
- data/xml/ssh_banners.xml +27 -20
- data/xml/telnet_banners.xml +256 -57
- data/xml/tls_jarm.xml +48 -6
- data/xml/x11_banners.xml +3 -3
- data/xml/x509_issuers.xml +69 -2
- data/xml/x509_subjects.xml +144 -33
- metadata +24 -4
- data/lib/recog/verifier_factory.rb +0 -13
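--- a/data/xml/smb_native_lm.xml
+++ b/data/xml/smb_native_lm.xml
@@ -39,12 +39,12 @@
 
 <fingerprint pattern="^Samba (\d\.\d+.\d+\w*)">
 <description>Samba</description>
-<example>Samba 3.0.24</example>
+<example service.version="3.0.24">Samba 3.0.24</example>
 <example service.version="3.0.28a">Samba 3.0.28a</example>
-<example>Samba 3.0.32-0.2-2210-SUSE-SL10.3</example>
-<example>Samba 3.6.3</example>
-<example>Samba 3.6.6</example>
-<example>Samba 3.6.9-151.el6_4.1</example>
+<example service.version="3.0.32">Samba 3.0.32-0.2-2210-SUSE-SL10.3</example>
+<example service.version="3.6.3">Samba 3.6.3</example>
+<example service.version="3.6.6">Samba 3.6.6</example>
+<example service.version="3.6.9">Samba 3.6.9-151.el6_4.1</example>
 <param pos="0" name="service.vendor" value="Samba"/>
 <param pos="0" name="service.product" value="Samba"/>
 <param pos="1" name="service.version"/>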
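Review bot: The new `service.version` assertions on the two vendor-suffixed examples (`3.0.32` for `Samba 3.0.32-0.2-2210-SUSE-SL10.3`, `3.6.9` for `Samba 3.6.9-151.el6_4.1`) pin the capture stopping before the distribution release string, and nothing in the fingerprint records that this is deliberate. Distribution builds commonly carry backported fixes, so a consumer that matches the bare upstream version against advisories can over-report; a comment above the fingerprint such as `<!-- service.version is the upstream version only; the distro release suffix is not captured -->` would make that explicit. Separately, the pattern on the context line leaves the second dot unescaped (`\d+.\d+`), so it accepts any character there; `^Samba (\d\.\d+\.\d+\w*)` would be tighter. The fingerprint element closes outside the hunk.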
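--- a/data/xml/smb_native_os.xml
+++ b/data/xml/smb_native_os.xml
@@ -45,6 +45,9 @@
 <fingerprint pattern="^Windows 6.1$">
 <description>Spoofed value often used by Samba -- assert nothing.</description>
 <example>Windows 6.1</example>
+<param pos="0" name="hw.certainty" value="0.0"/>
+<param pos="0" name="os.certainty" value="0.0"/>
+<param pos="0" name="service.certainty" value="0.0"/>
 </fingerprint>
 
 <fingerprint pattern="^Windows XP (\d+) (Service Pack \d+)$">
@@ -153,8 +156,8 @@
 
 <fingerprint pattern="^Windows Server \(R\) 2008 (\w+|\w+ \w+|\w+ \w+ \w+)(?: (?:with|without) Hyper-V|) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
 <description>Windows Server 2008</description>
-<example os.edition="Enterprise" os.version="Service Pack 1">Windows Server (R) 2008 Enterprise without Hyper-V 6001 Service Pack 1</example>
-<example os.edition="Enterprise" os.version="Service Pack 2">Windows Server (R) 2008 Enterprise 6002 Service Pack 2, v.275</example>
+<example os.edition="Enterprise" os.version="Service Pack 1" os.build="6001">Windows Server (R) 2008 Enterprise without Hyper-V 6001 Service Pack 1</example>
+<example os.edition="Enterprise" os.version="Service Pack 2" os.build="6002">Windows Server (R) 2008 Enterprise 6002 Service Pack 2, v.275</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -166,7 +169,7 @@
 
 <fingerprint pattern="^Windows \(R\) Web Server 2008 (\d+) (Service Pack \d+)$">
 <description>Windows Web Server 2008 (SP)</description>
-<example os.edition="Web" os.version="Service Pack 2">Windows (R) Web Server 2008 6002 Service Pack 2</example>
+<example os.edition="Web" os.version="Service Pack 2" os.build="6002">Windows (R) Web Server 2008 6002 Service Pack 2</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -178,7 +181,7 @@
 
 <fingerprint pattern="^Windows \(R\) Web Server 2008 (\d+)$">
 <description>Windows Web Server 2008</description>
-<example>Windows (R) Web Server 2008 6002</example>
+<example os.build="6002">Windows (R) Web Server 2008 6002</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -214,7 +217,7 @@
 
 <fingerprint pattern="^Windows Server 2008 HPC Edition (\d+) (Service Pack \d+)$">
 <description>Windows Server 2008 HPC</description>
-<example>Windows Server 2008 HPC Edition 7601 Service Pack 1</example>
+<example os.build="7601" os.version="Service Pack 1">Windows Server 2008 HPC Edition 7601 Service Pack 1</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -226,7 +229,7 @@
 
 <fingerprint pattern="^Windows Server 2008 HPC Edition (\d+)$">
 <description>Windows Web Server 2008 HPC</description>
-<example>Windows Server 2008 HPC Edition 7600</example>
+<example os.build="7600">Windows Server 2008 HPC Edition 7600</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Server 2008"/>
@@ -239,8 +242,8 @@
 
 <fingerprint pattern="^Windows Server 2008 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
 <description>Windows Server 2008 R2</description>
-<example>Windows Server 2008 R2 Enterprise 7601 Service Pack 1</example>
-<example>Windows Server 2008 R2 Standard 7601 Service Pack 1</example>
+<example os.edition="Enterprise" os.build="7601" os.version="Service Pack 1">Windows Server 2008 R2 Enterprise 7601 Service Pack 1</example>
+<example os.edition="Standard" os.build="7601" os.version="Service Pack 1">Windows Server 2008 R2 Standard 7601 Service Pack 1</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -252,9 +255,9 @@
 
 <fingerprint pattern="^Windows Server 2008 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
 <description>Windows Server 2008 R2 without Service Pack</description>
-<example os.edition="Enterprise">Windows Server 2008 R2 Enterprise 7600</example>
-<example os.edition="Standard">Windows Server 2008 R2 Standard 7600</example>
-<example os.edition="Datacenter">Windows Server 2008 R2 Datacenter 7600</example>
+<example os.edition="Enterprise" os.build="7600">Windows Server 2008 R2 Enterprise 7600</example>
+<example os.edition="Standard" os.build="7600">Windows Server 2008 R2 Standard 7600</example>
+<example os.edition="Datacenter" os.build="7600">Windows Server 2008 R2 Datacenter 7600</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -265,7 +268,7 @@
 
 <fingerprint pattern="^Windows Web Server 2008 R2 (\d+) (Service Pack \d+)$">
 <description>Windows Server 2008 R2 Web</description>
-<example os.version="Service Pack 1">Windows Web Server 2008 R2 7601 Service Pack 1</example>
+<example os.version="Service Pack 1" os.build="7601">Windows Web Server 2008 R2 7601 Service Pack 1</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -277,7 +280,7 @@
 
 <fingerprint pattern="^Windows Web Server 2008 R2 (\d+)$">
 <description>Windows Web Server 2008 R2 Web</description>
-<example>Windows Web Server 2008 R2 7600</example>
+<example os.build="7600">Windows Web Server 2008 R2 7600</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Server 2008 R2"/>
@@ -375,7 +378,7 @@
 
 <fingerprint pattern="^Windows Vista \(TM\) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
 <description>Windows Vista (SP)</description>
-<example os.edition="Home Premium" os.version="Service Pack 2">Windows Vista (TM) Home Premium 6002 Service Pack 2</example>
+<example os.edition="Home Premium" os.version="Service Pack 2" os.build="6002">Windows Vista (TM) Home Premium 6002 Service Pack 2</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Vista"/>
@@ -387,7 +390,7 @@
 
 <fingerprint pattern="^Windows Vista \(TM\) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
 <description>Windows Vista</description>
-<example os.edition="Home Premium">Windows Vista (TM) Home Premium 6000</example>
+<example os.edition="Home Premium" os.build="6000">Windows Vista (TM) Home Premium 6000</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Vista"/>
@@ -398,9 +401,9 @@
 
 <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
 <description>Windows 7/8 (SP + Edition)</description>
-<example os.edition="Enterprise" os.version="Service Pack 1">Windows 7 Enterprise 7601 Service Pack 1</example>
-<example os.edition="Starter" os.version="Service Pack 1">Windows 7 Starter 7601 Service Pack 1</example>
-<example os.edition="Ultimate" os.build="7601" os.version="Service Pack 1">Windows 7 Ultimate 7601 Service Pack 1, v.178</example>
+<example os.edition="Enterprise" os.version="Service Pack 1" os.product="Windows 7" os.build="7601">Windows 7 Enterprise 7601 Service Pack 1</example>
+<example os.edition="Starter" os.version="Service Pack 1" os.product="Windows 7" os.build="7601">Windows 7 Starter 7601 Service Pack 1</example>
+<example os.edition="Ultimate" os.build="7601" os.version="Service Pack 1" os.product="Windows 7">Windows 7 Ultimate 7601 Service Pack 1, v.178</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="1" name="os.product"/>
@@ -411,7 +414,7 @@
 
 <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\d+) (Service Pack \d+)$">
 <description>Windows 7/8 (SP)</description>
-<example os.version="Service Pack 1">Windows 7 7601 Service Pack 1</example>
+<example os.version="Service Pack 1" os.product="Windows 7" os.build="7601">Windows 7 7601 Service Pack 1</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="1" name="os.product"/>
@@ -421,9 +424,9 @@
 
 <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
 <description>Windows 7/8 (Edition)</description>
-<example os.edition="Enterprise">Windows 7 Enterprise 7600</example>
-<example os.edition="Enterprise">Windows 8.1 Enterprise 9600</example>
-<example os.edition="Enterprise">Windows 8 Enterprise 9200</example>
+<example os.edition="Enterprise" os.product="Windows 7" os.build="7600">Windows 7 Enterprise 7600</example>
+<example os.edition="Enterprise" os.product="Windows 8.1" os.build="9600">Windows 8.1 Enterprise 9600</example>
+<example os.edition="Enterprise" os.product="Windows 8" os.build="9200">Windows 8 Enterprise 9200</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="1" name="os.product"/>
@@ -433,7 +436,7 @@
 
 <fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\d+)$">
 <description>Windows 7/8</description>
-<example>Windows 8 9200</example>
+<example os.product="Windows 8" os.build="9200">Windows 8 9200</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="1" name="os.product"/>
@@ -505,7 +508,7 @@
 
 <fingerprint pattern="^Windows Server 2012 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
 <description>Windows Server 2012</description>
-<example>Windows Server 2012 Standard 9200</example>
+<example os.edition="Standard" os.build="9200">Windows Server 2012 Standard 9200</example>
 <param pos="0" name="os.certainty" value="1.0"/>
 <param pos="0" name="os.vendor" value="Microsoft"/>
 <param pos="0" name="os.product" value="Windows Server 2012"/>
@@ -634,7 +637,7 @@
 
 <fingerprint pattern="^EMC-SNAS:T([\d\.]+)?$">
 <description>EMC Celerra</description>
-<example service.version="7.1.80.7">EMC-SNAS:T7.1.80.7</example>
+<example service.version="7.1.80.7" os.version="7.1.80.7">EMC-SNAS:T7.1.80.7</example>
 <param pos="0" name="service.vendor" value="EMC"/>
 <param pos="0" name="service.product" value="Celerra"/>
 <param pos="1" name="service.version"/>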
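Review bot: In the first hunk the `^Windows 6.1$` fingerprint now emits `hw.certainty`, `os.certainty` and `service.certainty` at `0.0`, but nothing next to the params says what a consumer is expected to do with a zero-certainty match. The description calls the string a spoofed value, so a consumer that ignores certainty, or stops at the first matching fingerprint, could presumably still record this match; a comment such as `<!-- certainty 0.0: this string is spoofable, consumers should discard hw/os/service assertions from this match -->` would document the intent. The pattern on the context line also leaves the dot unescaped, so it matches any character between `6` and `1`; `^Windows 6\.1$` is the literal form. In the last hunk the `EMC-SNAS` example now asserts `os.version`, but the capture group is optional and no example covers the bare `EMC-SNAS:T` string.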