RubyGems - recog - Versions diffs - 2.3.20 → 2.3.23 - Mend

recog 2.3.20 → 2.3.23

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (83) hide show

checksums.yaml +4 -4
data/.github/dependabot.yml +8 -0
data/.github/workflows/ci.yml +1 -1
data/.github/workflows/verify.yml +89 -0
data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
data/.vscode/extensions.json +5 -0
data/.vscode/settings.json +8 -0
data/.vscode/tasks.json +77 -0
data/CONTRIBUTING.md +8 -0
data/README.md +17 -0
data/bin/recog_standardize +28 -13
data/bin/recog_verify +42 -8
data/cpe-remap.yaml +62 -3
data/features/data/schema_failure.xml +4 -0
data/features/data/tests_with_failures.xml +6 -0
data/features/support/hooks.rb +9 -0
data/features/verify.feature +85 -21
data/identifiers/fields.txt +6 -5
data/identifiers/hw_device.txt +8 -0
data/identifiers/hw_family.txt +8 -0
data/identifiers/hw_product.txt +54 -0
data/identifiers/os_device.txt +2 -0
data/identifiers/os_family.txt +2 -0
data/identifiers/os_product.txt +18 -2
data/identifiers/service_product.txt +26 -0
data/identifiers/vendor.txt +62 -1
data/lib/recog/db.rb +2 -1
data/lib/recog/fingerprint.rb +33 -6
data/lib/recog/fingerprint_parse_error.rb +10 -0
data/lib/recog/nizer.rb +1 -82
data/lib/recog/verifier.rb +9 -9
data/lib/recog/verify_reporter.rb +17 -6
data/lib/recog/version.rb +1 -1
data/requirements.txt +1 -1
data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
data/spec/data/external_example_fingerprint.xml +8 -0
data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
data/spec/lib/fingerprint_self_test_spec.rb +1 -0
data/spec/lib/recog/db_spec.rb +84 -61
data/spec/lib/recog/fingerprint_spec.rb +4 -4
data/spec/lib/recog/verify_reporter_spec.rb +73 -4
data/tools/dev/hooks/pre-commit +21 -0
data/update_cpes.py +130 -37
data/xml/apache_os.xml +98 -56
data/xml/architecture.xml +15 -1
data/xml/dhcp_vendor_class.xml +206 -0
data/xml/dns_versionbind.xml +26 -13
data/xml/favicons.xml +236 -47
data/xml/fingerprints.xsd +9 -1
data/xml/ftp_banners.xml +213 -197
data/xml/h323_callresp.xml +101 -101
data/xml/hp_pjl_id.xml +84 -84
data/xml/html_title.xml +715 -45
data/xml/http_cookies.xml +143 -80
data/xml/http_servers.xml +510 -310
data/xml/http_wwwauth.xml +177 -75
data/xml/imap_banners.xml +10 -10
data/xml/mdns_device-info_txt.xml +421 -26
data/xml/mysql_banners.xml +3 -2
data/xml/nntp_banners.xml +12 -9
data/xml/ntp_banners.xml +97 -97
data/xml/operating_system.xml +98 -83
data/xml/pop_banners.xml +27 -27
data/xml/rsh_resp.xml +3 -3
data/xml/sip_banners.xml +46 -8
data/xml/sip_user_agents.xml +180 -27
data/xml/smb_native_lm.xml +5 -5
data/xml/smb_native_os.xml +28 -25
data/xml/smtp_banners.xml +258 -254
data/xml/smtp_ehlo.xml +1 -1
data/xml/smtp_help.xml +11 -11
data/xml/smtp_noop.xml +2 -2
data/xml/snmp_sysdescr.xml +1554 -1429
data/xml/snmp_sysobjid.xml +27 -27
data/xml/ssh_banners.xml +27 -20
data/xml/telnet_banners.xml +256 -57
data/xml/tls_jarm.xml +48 -6
data/xml/x11_banners.xml +3 -3
data/xml/x509_issuers.xml +69 -2
data/xml/x509_subjects.xml +144 -33
metadata +24 -4
data/lib/recog/verifier_factory.rb +0 -13

data/xml/snmp_sysobjid.xml CHANGED Viewed

@@ -13,7 +13,7 @@
       These are baseline patterns that map to sysObjectID with their associated sysDescr.
    -->
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.[23] Hardware: x86.*Software: Windows NT Version 4\.0.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.[23] Hardware: x86.*Software: Windows NT Version 4\.0">
     <description>Windows NT 4 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 6 Model 8 Stepping 3 AT/AT COMPATIBLE  - Software: Windows NT Version 4.0  (Build Number: 1381 Uniprocessor Free )</example>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 6 Model 8 Stepping 3 AT/AT COMPATIBLE  - Software: Windows NT Version 4.0  (Build Number: 1381 Uniprocessor Free )</example>
@@ -25,7 +25,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:4.0"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows 2000 Version 5\.0">
     <description>Windows 2000 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -35,7 +35,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows 2000 Version 5\.0">
     <description>Windows 2000 Datacenter on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -45,7 +45,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 5\.2.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 5\.2">
     <description>Windows Server 2003 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -55,7 +55,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 5\.2.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 5\.2">
     <description>Windows Server 2003 Datacenter on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -65,7 +65,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 5\.2">
     <description>Windows Server 2003 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 6 Model 15 Stepping 6 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -76,7 +76,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 5\.2">
     <description>Windows Server 2003 Datacenter on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: Intel64 Family 6 Model 15 Stepping 6 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -87,10 +87,10 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
   </fingerprint>
-  <fingerprint pattern="^Microsoft Windows CE Version ([\d.]+).*$">
+  <fingerprint pattern="^Microsoft Windows CE Version ([\d.]+)">
     <description>Windows CE</description>
-    <example>Microsoft Windows CE Version 4.20 (Build 0)</example>
-    <example>Microsoft Windows CE Version 4.20 (Build 1088)</example>
+    <example os.version="4.20">Microsoft Windows CE Version 4.20 (Build 0)</example>
+    <example os.version="4.20">Microsoft Windows CE Version 4.20 (Build 1088)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
     <param pos="0" name="os.family" value="Windows"/>
     <param pos="0" name="os.product" value="Windows CE"/>
@@ -98,7 +98,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:{os.version}"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001">
     <description>Windows Server 2008 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -108,7 +108,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001">
     <description>Windows Server 2008 Datacenter on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -118,7 +118,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001">
     <description>Windows Server 2008 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -129,7 +129,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001">
     <description>Windows Server 2008 Datacenter on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -140,7 +140,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002">
     <description>Windows Server 2008 SP2 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -151,7 +151,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002">
     <description>Windows Server 2008 Datacenter SP2 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -162,7 +162,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002">
     <description>Windows Server 2008 SP2 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -174,7 +174,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002">
     <description>Windows Server 2008 Datacenter SP2 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -186,7 +186,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600">
     <description>Windows Server 2008 R2 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -196,7 +196,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600">
     <description>Windows Server 2008 Datacenter R2 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -206,7 +206,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600">
     <description>Windows Server 2008 R2 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -217,7 +217,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600">
     <description>Windows Server 2008 Datacenter R2 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -228,7 +228,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601">
     <description>Windows Server 2008 R2 SP1 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -239,7 +239,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601">
     <description>Windows Server 2008 Datacenter R2 SP1 on x86</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -250,7 +250,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601">
     <description>Windows Server 2008 R2 SP1 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -262,7 +262,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601">
     <description>Windows Server 2008 Datacenter R2 SP1 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
     <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: Intel64 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -274,7 +274,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
   </fingerprint>
-  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.2 \(Build 9200.*$">
+  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.2 \(Build 9200">
     <description>Windows Server 2012 on x86_64</description>
     <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 6 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.2 (Build 9200 Multiprocessor Free)</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>

data/xml/ssh_banners.xml CHANGED Viewed

@@ -59,7 +59,7 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:ws_ftp:{service.version}"/>
   </fingerprint>
-  <fingerprint pattern="IPSSH[-_]([\d\.p]+).*$">
+  <fingerprint pattern="IPSSH[-_]([\d\.p]+)">
     <description>VxWorks with version information</description>
     <example os.version="6.9.0">IPSSH-6.9.0</example>
     <param pos="0" name="os.vendor" value="Wind River"/>
@@ -653,7 +653,7 @@
   <fingerprint pattern="^OpenSSH_(4\.2p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
     <description>OpenSSH running on Ubuntu 6.04</description>
     <example service.version="4.2p1" openssh.comment="Debian-7ubuntu3.1">OpenSSH_4.2p1 Debian-7ubuntu3.1</example>
-    <example>OpenSSH_4.2p1 Debian-7ubuntu3.2</example>
+    <example service.version="4.2p1" openssh.comment="Debian-7ubuntu3.2">OpenSSH_4.2p1 Debian-7ubuntu3.2</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -686,9 +686,9 @@
   <fingerprint pattern="^OpenSSH_(4\.6p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
     <description>OpenSSH running on Ubuntu 7.10</description>
     <example service.version="4.6p1" openssh.comment="Debian-5ubuntu0.2">OpenSSH_4.6p1 Debian-5ubuntu0.2</example>
-    <example>OpenSSH_4.6p1 Debian-5ubuntu0.5</example>
-    <example>OpenSSH_4.6p1 Debian-5ubuntu0.6</example>
-    <example>OpenSSH_4.6p1 Debian-5ubuntu0</example>
+    <example service.version="4.6p1" openssh.comment="Debian-5ubuntu0.5">OpenSSH_4.6p1 Debian-5ubuntu0.5</example>
+    <example service.version="4.6p1" openssh.comment="Debian-5ubuntu0.6">OpenSSH_4.6p1 Debian-5ubuntu0.6</example>
+    <example service.version="4.6p1" openssh.comment="Debian-5ubuntu0">OpenSSH_4.6p1 Debian-5ubuntu0</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -858,7 +858,7 @@
   <fingerprint pattern="^OpenSSH_(6\.0p1) (Debian-3ubuntu\d(?:\.\d)?)$">
     <description>OpenSSH running on Ubuntu 12.10</description>
     <example service.version="6.0p1" openssh.comment="Debian-3ubuntu1">OpenSSH_6.0p1 Debian-3ubuntu1</example>
-    <example>OpenSSH_6.0p1 Debian-3ubuntu1.2</example>
+    <example service.version="6.0p1" openssh.comment="Debian-3ubuntu1.2">OpenSSH_6.0p1 Debian-3ubuntu1.2</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1491,6 +1491,7 @@
   <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?\+deb9u\d+)$">
     <description>OpenSSH running on Raspbian (Debian 9 "Stretch" based)</description>
     <example service.version="7.4p1" openssh.comment="Raspbian-10+deb9u1">OpenSSH_7.4p1 Raspbian-10+deb9u1</example>
+    <example service.version="7.4p1" openssh.comment="Raspbian-10+deb9u7">OpenSSH_7.4p1 Raspbian-10+deb9u7</example>
     <example service.version="7.4p1" openssh.comment="Raspbian-9+deb9u1">OpenSSH_7.4p1 Raspbian-9+deb9u1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
@@ -1505,10 +1506,11 @@
     <param pos="0" name="hw.product" value="Raspberry Pi"/>
   </fingerprint>
-  <fingerprint pattern="^OpenSSH_(7\.9p1)\s+(Raspbian-(?:10|\d\d?\+deb10u\d+))$">
+  <fingerprint pattern="^OpenSSH_(7\.9p1)\s+(Raspbian-(?:10|\d\d?\+deb10u\d+)(?:\+rpt\d)?)$">
     <description>OpenSSH running on Raspbian (Debian 10 "Buster" based)</description>
     <example service.version="7.9p1" openssh.comment="Raspbian-10">OpenSSH_7.9p1 Raspbian-10</example>
     <example service.version="7.9p1" openssh.comment="Raspbian-10+deb10u1">OpenSSH_7.9p1 Raspbian-10+deb10u1</example>
+    <example service.version="7.9p1" openssh.comment="Raspbian-10+deb10u2+rpt1">OpenSSH_7.9p1 Raspbian-10+deb10u2+rpt1</example>
     <param pos="1" name="service.version"/>
     <param pos="2" name="openssh.comment"/>
     <param pos="0" name="service.vendor" value="OpenBSD"/>
@@ -1730,6 +1732,7 @@
   <fingerprint pattern="^SSH Protocol Compatible Server SCS (.*)$">
     <description>Netscreen with version</description>
+    <example service.version="2.0">SSH Protocol Compatible Server SCS 2.0</example>
     <param pos="1" name="service.version"/>
     <param pos="0" name="service.vendor" value="Juniper"/>
     <param pos="0" name="service.family" value="NetScreen"/>
@@ -1784,7 +1787,7 @@
     <param pos="1" name="os.version"/>
   </fingerprint>
-  <fingerprint pattern="^([\d.]+)[ _]sshlib:? (?i:GlobalScape)$">
+  <fingerprint pattern="^([\d.]{1,8})[ _]sshlib:? (?i:GlobalScape)$">
     <description>GlobalScape SSH (which uses Bitvise sshlib)</description>
     <example service.component.version="1.36">1.36_sshlib GlobalSCAPE</example>
     <example service.component.version="1.82">1.82_sshlib Globalscape</example>
@@ -1802,7 +1805,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
-  <fingerprint pattern="^([^\s]+) sshlib: WinSSHD (.*)$">
+  <fingerprint pattern="^([\d.]{1,8}) sshlib: WinSSHD ([\w.-]*)$">
     <description>Bitvise WinSSHD (which uses Bitvise sshlib)</description>
     <example service.component.version="1.78" service.version="4.15a">1.78 sshlib: WinSSHD 4.15a</example>
     <param pos="1" name="service.component.version"/>
@@ -1819,7 +1822,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
-  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD) ([\d\.]+):?.*$">
+  <fingerprint pattern="^([\d.]{1,8}) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD) ([\d\.]+):?">
     <description>Bitvise WinSSHD (which uses Bitvise flowssh) with version</description>
     <example service.version="5.09" service.component.version="1.03">1.03 FlowSsh: WinSSHD 5.09</example>
     <example service.version="5.20" service.component.version="1.07">1.07 FlowSsh: WinSSHD 5.20: free only for personal non-commercial use</example>
@@ -1838,7 +1841,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
-  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD)(?: :.*)?$">
+  <fingerprint pattern="^([\d.]{1,8}) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD)(?: :.*)?$">
     <description>Bitvise WinSSHD (which uses Bitvise flowssh) without version</description>
     <example service.component.version="9.99">9.99 FlowSsh: Bitvise SSH Server (WinSSHD)</example>
     <example service.component.version="9.99">9.99 FlowSsh: Bitvise SSH Server (WinSSHD) : free only for personal non-commercial use</example>
@@ -1855,8 +1858,9 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
-  <fingerprint pattern="^([^\s]+) sshlib: MOVEit DMZ SSH (.*)$">
+  <fingerprint pattern="^([\d.]{1,8}) sshlib: MOVEit DMZ SSH (.*)$">
     <description>MOVEit DMZ (which uses Bitvise sshlib)</description>
+    <example service.component.version="1.29" service.version="3.0.5.0">1.29 sshlib: MOVEit DMZ SSH 3.0.5.0</example>
     <param pos="1" name="service.component.version"/>
     <param pos="2" name="service.version"/>
     <param pos="0" name="service.component.vendor" value="Bitvise"/>
@@ -1872,7 +1876,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
   </fingerprint>
-  <fingerprint pattern="^paramiko_([\d\.]+).*$">
+  <fingerprint pattern="^paramiko_([\d\.]+)">
     <description>Paramiko</description>
     <example service.version="2.1.3">paramiko_2.1.3 501 command not implemented ERROR</example>
     <example service.version="2.1.4">paramiko_2.1.4</example>
@@ -1884,6 +1888,7 @@
   <fingerprint pattern="^Pragma SecureShell\s*(.*)$">
     <description>Pragma SecureShell</description>
+    <example service.version="3.0">Pragma SecureShell 3.0</example>
     <param pos="1" name="service.version"/>
     <param pos="0" name="service.vendor" value="Pragma Systems"/>
     <param pos="0" name="service.family" value="FortressSSH Server"/>
@@ -1938,8 +1943,9 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
   </fingerprint>
-  <fingerprint pattern="^([\s]*)\s*VShell$">
+  <fingerprint pattern="^([\d.]{0,8})\s{1,8}VShell$">
     <description>VanDyke VShell</description>
+    <example service.version="1.0.2">1.0.2 VShell</example>
     <param pos="1" name="service.version"/>
     <param pos="0" name="service.vendor" value="VanDyke Software"/>
     <param pos="0" name="service.family" value="VShell"/>
@@ -1958,7 +1964,7 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:attachmate:reflection_for_secure_it:{service.version}"/>
   </fingerprint>
-  <fingerprint pattern="^([^\s]*)\s*F-Secure SSH\s*(?:.*)$">
+  <fingerprint pattern="^(\S{0,256})\s{0,256}F-Secure SSH ">
     <description>Attachmate Reflection (formerly F-Secure SSH)</description>
     <example service.version="3.2.3">3.2.3 F-Secure SSH Windows NT Server</example>
     <param pos="1" name="service.version"/>
@@ -1967,7 +1973,7 @@
     <param pos="0" name="service.product" value="Reflection"/>
   </fingerprint>
-  <fingerprint pattern="^([^\s]*)\s*SSH Tectia Server$">
+  <fingerprint pattern="^(\S{0,256})\s{0,256}SSH Tectia Server$">
     <description>SSH Communications Security Tectia Server - branded</description>
     <example service.version="6.4.12.353">6.4.12.353 SSH Tectia Server</example>
     <param pos="1" name="service.version"/>
@@ -1977,7 +1983,7 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:ssh:tectia_server:{service.version}"/>
   </fingerprint>
-  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell(?: \(non-commercial\))?$">
+  <fingerprint pattern="^([0-9\.]{1,8}) SSH Secure Shell(?: \(non-commercial\))?$">
     <description>SSH Communications Security Tectia Server</description>
     <example service.version="3.2.9.1">3.2.9.1 SSH Secure Shell (non-commercial)</example>
     <example service.version="4.0.3">4.0.3 SSH Secure Shell</example>
@@ -1989,7 +1995,7 @@
     <param pos="0" name="service.cpe23" value="cpe:/a:ssh:tectia_server:{service.version}"/>
   </fingerprint>
-  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell Windows NT Server$">
+  <fingerprint pattern="^([0-9\.]{1,8}) SSH Secure Shell Windows NT Server$">
     <description>Unknown Windows SSH server</description>
     <example service.version="4.0.3">4.0.3 SSH Secure Shell Windows NT Server</example>
     <param pos="0" name="os.vendor" value="Microsoft"/>
@@ -2042,8 +2048,9 @@
     <param pos="0" name="os.product" value="NetVanta"/>
   </fingerprint>
-  <fingerprint pattern="^.*MultiNet.*$">
+  <fingerprint pattern="MultiNet">
     <description>Process Software MultiNet is a suite of network apps for OpenVMS</description>
+    <example>Process Software SSH 6.1.5.0 MultiNet</example>
     <param pos="0" name="service.vendor" value="Process Software"/>
     <param pos="0" name="service.family" value="MultiNet"/>
     <param pos="0" name="service.product" value="MultiNet"/>
@@ -2157,7 +2164,7 @@
     <param pos="0" name="os.certainty" value="0.75"/>
   </fingerprint>
-  <fingerprint pattern="^\S+ SSH Secure Shell Tru64 UNIX$">
+  <fingerprint pattern="^\S{1,16} SSH Secure Shell Tru64 UNIX$">
     <description>Digital/Compaq/HP Tru64 Unix</description>
     <example>3.2.0 SSH Secure Shell Tru64 UNIX</example>
     <param pos="0" name="os.vendor" value="HP"/>