recog 2.3.20 → 2.3.23
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/dependabot.yml +8 -0
- data/.github/workflows/ci.yml +1 -1
- data/.github/workflows/verify.yml +89 -0
- data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
- data/.vscode/extensions.json +5 -0
- data/.vscode/settings.json +8 -0
- data/.vscode/tasks.json +77 -0
- data/CONTRIBUTING.md +8 -0
- data/README.md +17 -0
- data/bin/recog_standardize +28 -13
- data/bin/recog_verify +42 -8
- data/cpe-remap.yaml +62 -3
- data/features/data/schema_failure.xml +4 -0
- data/features/data/tests_with_failures.xml +6 -0
- data/features/support/hooks.rb +9 -0
- data/features/verify.feature +85 -21
- data/identifiers/fields.txt +6 -5
- data/identifiers/hw_device.txt +8 -0
- data/identifiers/hw_family.txt +8 -0
- data/identifiers/hw_product.txt +54 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +2 -0
- data/identifiers/os_product.txt +18 -2
- data/identifiers/service_product.txt +26 -0
- data/identifiers/vendor.txt +62 -1
- data/lib/recog/db.rb +2 -1
- data/lib/recog/fingerprint.rb +33 -6
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/verifier.rb +9 -9
- data/lib/recog/verify_reporter.rb +17 -6
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/fingerprint_self_test_spec.rb +1 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +73 -4
- data/tools/dev/hooks/pre-commit +21 -0
- data/update_cpes.py +130 -37
- data/xml/apache_os.xml +98 -56
- data/xml/architecture.xml +15 -1
- data/xml/dhcp_vendor_class.xml +206 -0
- data/xml/dns_versionbind.xml +26 -13
- data/xml/favicons.xml +236 -47
- data/xml/fingerprints.xsd +9 -1
- data/xml/ftp_banners.xml +213 -197
- data/xml/h323_callresp.xml +101 -101
- data/xml/hp_pjl_id.xml +84 -84
- data/xml/html_title.xml +715 -45
- data/xml/http_cookies.xml +143 -80
- data/xml/http_servers.xml +510 -310
- data/xml/http_wwwauth.xml +177 -75
- data/xml/imap_banners.xml +10 -10
- data/xml/mdns_device-info_txt.xml +421 -26
- data/xml/mysql_banners.xml +3 -2
- data/xml/nntp_banners.xml +12 -9
- data/xml/ntp_banners.xml +97 -97
- data/xml/operating_system.xml +98 -83
- data/xml/pop_banners.xml +27 -27
- data/xml/rsh_resp.xml +3 -3
- data/xml/sip_banners.xml +46 -8
- data/xml/sip_user_agents.xml +180 -27
- data/xml/smb_native_lm.xml +5 -5
- data/xml/smb_native_os.xml +28 -25
- data/xml/smtp_banners.xml +258 -254
- data/xml/smtp_ehlo.xml +1 -1
- data/xml/smtp_help.xml +11 -11
- data/xml/smtp_noop.xml +2 -2
- data/xml/snmp_sysdescr.xml +1554 -1429
- data/xml/snmp_sysobjid.xml +27 -27
- data/xml/ssh_banners.xml +27 -20
- data/xml/telnet_banners.xml +256 -57
- data/xml/tls_jarm.xml +48 -6
- data/xml/x11_banners.xml +3 -3
- data/xml/x509_issuers.xml +69 -2
- data/xml/x509_subjects.xml +144 -33
- metadata +24 -4
- data/lib/recog/verifier_factory.rb +0 -13
data/xml/telnet_banners.xml
CHANGED
@@ -17,30 +17,45 @@
|
|
17
17
|
Ruby, Python, Java, and Golang.
|
18
18
|
-->
|
19
19
|
|
20
|
-
<fingerprint pattern="
|
20
|
+
<fingerprint pattern="(?i)\A(?:\r|\n)*login:\s*$">
|
21
21
|
<description>bare 'login:' -- assert nothing.</description>
|
22
22
|
<example>login:</example>
|
23
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
24
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
25
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
23
26
|
</fingerprint>
|
24
27
|
|
25
|
-
<fingerprint pattern="
|
28
|
+
<fingerprint pattern="(?i)\A(?:\r|\n)*User(?:name)?\s*:\s*$">
|
26
29
|
<description>bare 'Username:' -- assert nothing.</description>
|
27
30
|
<example>Username:</example>
|
28
31
|
<example>User:</example>
|
32
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
33
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
34
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
29
35
|
</fingerprint>
|
30
36
|
|
31
|
-
<fingerprint pattern="
|
37
|
+
<fingerprint pattern="(?i)\A(?:\r|\n)*Password:\s*$">
|
32
38
|
<description>bare 'Password:' -- assert nothing.</description>
|
33
39
|
<example>Password:</example>
|
40
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
41
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
42
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
34
43
|
</fingerprint>
|
35
44
|
|
36
|
-
<fingerprint pattern="
|
45
|
+
<fingerprint pattern="(?i)\A(?:\r|\n)*Account:\s*$">
|
37
46
|
<description>bare 'Account:' -- assert nothing.</description>
|
38
47
|
<example>Account:</example>
|
48
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
49
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
50
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
39
51
|
</fingerprint>
|
40
52
|
|
41
|
-
<fingerprint pattern="
|
53
|
+
<fingerprint pattern="(?i)\AConnection refused(?:\r|\n)*$">
|
42
54
|
<description>bare 'Connection refused' -- assert nothing.</description>
|
43
55
|
<example>Connection refused</example>
|
56
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
57
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
58
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
44
59
|
</fingerprint>
|
45
60
|
|
46
61
|
<!-- end of assert nothing block -->
|
@@ -424,7 +439,7 @@
|
|
424
439
|
<param pos="4" name="host.name"/>
|
425
440
|
</fingerprint>
|
426
441
|
|
427
|
-
<fingerprint pattern="
|
442
|
+
<fingerprint pattern="(?m)^TiMOS-[CB]-([\S]+) (?:both|cpm)/([\w]+) ALCATEL (SR [\S]+) Copyright.*Login:\s*$" flags="REG_MULTILINE">
|
428
443
|
<description>ALCATEL Service Router running TiMOS</description>
|
429
444
|
<!-- TiMOS-C-12.0.R12 cpm/hops64 ALCATEL SR 7750 Copyright (c) 2000-2015 Alcatel-Lucent.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
|
430
445
|
|
@@ -446,7 +461,7 @@
|
|
446
461
|
|
447
462
|
<!-- Nokia purchased Alcatel Lucent, finalized in Nov 2016 -->
|
448
463
|
|
449
|
-
<fingerprint pattern="
|
464
|
+
<fingerprint pattern="(?m)^TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia ([\S]+ [SRX]+) Copyright.*Login:\s*$" flags="REG_MULTILINE">
|
450
465
|
<description>Nokia Service Router running TiMOS</description>
|
451
466
|
<!-- TiMOS-C-14.0.R5 cpm/hops64 Nokia 7750 SR Copyright (c) 2000-2016 Nokia.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
|
452
467
|
|
@@ -473,7 +488,7 @@
|
|
473
488
|
<param pos="3" name="hw.product"/>
|
474
489
|
</fingerprint>
|
475
490
|
|
476
|
-
<fingerprint pattern="
|
491
|
+
<fingerprint pattern="(?m)^TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia (SAS[+\w\s-]+) Copyright.*Login:\s*$" flags="REG_MULTILINE">
|
477
492
|
<description>Nokia Service Access Switch running TiMOS</description>
|
478
493
|
<!-- TiMOS-B-8.0.R12 both/hops Nokia SAS-Mxp 22F2C 4SFP+ 7210 Copyright (c) 2000-2017 Nokia.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
|
479
494
|
|
@@ -540,7 +555,7 @@
|
|
540
555
|
<param pos="1" name="hw.product"/>
|
541
556
|
</fingerprint>
|
542
557
|
|
543
|
-
<fingerprint pattern="^(?:\r|\n|\s)
|
558
|
+
<fingerprint pattern="^(?:\r|\n|\s){0,256}Grandstream (GXV[\w-]+)\s+(?:V\d\.\d\w?\s+)?Shell Command.Copyight \d\d\d\d-\d\d\d\d(?:\r|\n)+Username:\s*$">
|
544
559
|
<description>Grandstream IP Cameras</description>
|
545
560
|
<!-- Grandstream GXV3674_FHD_VF Shell Command.Copyight 2011-2014\r\nUsername: -->
|
546
561
|
|
@@ -578,7 +593,7 @@
|
|
578
593
|
<description>Polycom Video Conferencing - VSX Family</description>
|
579
594
|
<!-- Hi, my name is : Something Pity\r\nHere is what I know about myself:\r\nModel: VSX 6000A\r\nSerial Number: 00070906FC34F6\r\nSoftware Version: Release 9.0.6.2-103 - 04Sep2011 21:27\r\nBuild Information: ecomman -->
|
580
595
|
|
581
|
-
<example _encoding="base64" hw.product="6000A"
|
596
|
+
<example _encoding="base64" hw.product="6000A" hw.serial_number="00070906FC34F6" os.version="9.0.6.2-103">
|
582
597
|
SGksIG15IG5hbWUgaXMgOiAgICAgU29tZXRoaW5nIFBpdHkNCkhlcmUgaXMgd2hhdCBJIGtub
|
583
598
|
3cgYWJvdXQgbXlzZWxmOg0KTW9kZWw6ICAgICAgICAgICAgICAgVlNYIDYwMDBBDQpTZXJpYW
|
584
599
|
wgTnVtYmVyOiAgICAgICAwMDA3MDkwNkZDMzRGNg0KU29mdHdhcmUgVmVyc2lvbjogICAgUmV
|
@@ -589,7 +604,7 @@
|
|
589
604
|
<param pos="0" name="hw.family" value="VSX"/>
|
590
605
|
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
591
606
|
<param pos="1" name="hw.product"/>
|
592
|
-
<param pos="2" name="
|
607
|
+
<param pos="2" name="hw.serial_number"/>
|
593
608
|
<param pos="3" name="os.version"/>
|
594
609
|
</fingerprint>
|
595
610
|
|
@@ -640,7 +655,7 @@
|
|
640
655
|
<param pos="1" name="host.name"/>
|
641
656
|
</fingerprint>
|
642
657
|
|
643
|
-
<fingerprint pattern="^(?:\r|\n)*HP JetDirect(?:\r|\n)
|
658
|
+
<fingerprint pattern="^(?:\r|\n)*HP JetDirect(?:\r|\n)+">
|
644
659
|
<description>HP Printer - Jet Direct</description>
|
645
660
|
<!-- HP JetDirect\r\nPassword is not set\r\n\r\nPlease type "menu" for the MENU system, \r\nor "?" for help, or "/" for current settings.\r\n> -->
|
646
661
|
|
@@ -721,13 +736,13 @@
|
|
721
736
|
<param pos="0" name="hw.device" value="Router"/>
|
722
737
|
</fingerprint>
|
723
738
|
|
724
|
-
<fingerprint pattern="
|
739
|
+
<fingerprint pattern="(?m)^(?:\r|\n)*Catalyst 1900 Management Console(?:\r|\n)+.*Ethernet Address:\s+([\w-]+)(?:\r|\n)+.*Model Number:\s+([\w-]+)(?:\r|\n)+System Serial Number:\s+(\w+)(?:\r|\n)+Power Supply" flags="REG_MULTILINE">
|
725
740
|
<description>Cisco Catalyst 1900</description>
|
726
741
|
<!-- Catalyst 1900, unlike other Catalyst models, didn't run CatOS or IOS -->
|
727
742
|
|
728
743
|
<!-- Catalyst 1900 Management Console\r\nCopyright (c) Cisco Systems, Inc. 1993-1998\r\nAll rights reserved.\r\nEnterprise Edition Software\r\nEthernet Address: 00-AA-19-38-AA-00\r\n\r\nPCA Number: 73-31AA-AA\r\nPCA Serial Number: FAB033AAAAA\r\nModel Number: WS-C1924-EN\r\nSystem Serial Number: FAB0341AAAA\r\nPower Supply S/N: -->
|
729
744
|
|
730
|
-
<example _encoding="base64" host.mac="00-AA-19-38-AA-00" hw.model="WS-C1924-EN"
|
745
|
+
<example _encoding="base64" host.mac="00-AA-19-38-AA-00" hw.model="WS-C1924-EN" hw.serial_number="FAB0341AAAA">
|
731
746
|
Q2F0YWx5c3QgMTkwMCBNYW5hZ2VtZW50IENvbnNvbGUNCkNvcHlyaWdodCAoYykgQ2lzY28gU
|
732
747
|
3lzdGVtcywgSW5jLiAgMTk5My0xOTk4DQpBbGwgcmlnaHRzIHJlc2VydmVkLg0KRW50ZXJwcm
|
733
748
|
lzZSBFZGl0aW9uIFNvZnR3YXJlDQpFdGhlcm5ldCBBZGRyZXNzOiAgICAgIDAwLUFBLTE5LTM
|
@@ -744,7 +759,7 @@
|
|
744
759
|
<param pos="0" name="hw.device" value="Switch"/>
|
745
760
|
<param pos="1" name="host.mac"/>
|
746
761
|
<param pos="2" name="hw.model"/>
|
747
|
-
<param pos="3" name="
|
762
|
+
<param pos="3" name="hw.serial_number"/>
|
748
763
|
</fingerprint>
|
749
764
|
|
750
765
|
<fingerprint pattern="^192.0.0.64 login:\s*$">
|
@@ -855,7 +870,7 @@
|
|
855
870
|
<param pos="1" name="hw.product"/>
|
856
871
|
</fingerprint>
|
857
872
|
|
858
|
-
<fingerprint pattern="
|
873
|
+
<fingerprint pattern="(?m)^(BCM\d+) Broadband Router\r\n.*Please input the verification code:$" flags="REG_MULTILINE">
|
859
874
|
<description>OEM'd Broadcom Router - input validation code</description>
|
860
875
|
<!-- BCM96318 Broadband Router\r\n====================================================\r\n * * * * * * * * * * * * * * \r\n * * * * * \r\n * * * * * * * * * * * * * \r\n * * * * * \r\n * * * * * \r\n * * * * * * * * * * * * * * * * \r\n====================================================\r\nPlease input the verification code: -->
|
861
876
|
|
@@ -919,7 +934,7 @@
|
|
919
934
|
<description>Moxa NPort Device Server - IA Series</description>
|
920
935
|
<!-- Model name : NPort IA-5250\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No. : 281\r\u0000\nFirmware version : 1.6 Build 17060616\r\u0000\nSystem uptime : 31 days, 06h:03m:45s\r\u0000\n\r\u0000\nPlease keyin your password: -->
|
921
936
|
|
922
|
-
<example _encoding="base64" hw.product="IA-5250" host.mac="00:90:E8:AA:AA:AA"
|
937
|
+
<example _encoding="base64" hw.product="IA-5250" host.mac="00:90:E8:AA:AA:AA" hw.serial_number="281" os.version="1.6" os.version.version="17060616">
|
923
938
|
TW9kZWwgbmFtZSAgICAgICA6IE5Qb3J0IElBLTUyNTANAApNQUMgYWRkcmVzcyAgICAgIDogM
|
924
939
|
DA6OTA6RTg6QUE6QUE6QUENAApTZXJpYWwgTm8uICAgICAgIDogMjgxDQAKRmlybXdhcmUgdm
|
925
940
|
Vyc2lvbiA6IDEuNiBCdWlsZCAxNzA2MDYxNg0AClN5c3RlbSB1cHRpbWUgICAgOiAzMSBkYXl
|
@@ -930,7 +945,7 @@
|
|
930
945
|
<param pos="0" name="hw.device" value="Device Server"/>
|
931
946
|
<param pos="1" name="hw.product"/>
|
932
947
|
<param pos="2" name="host.mac"/>
|
933
|
-
<param pos="3" name="
|
948
|
+
<param pos="3" name="hw.serial_number"/>
|
934
949
|
<param pos="0" name="os.vendor" value="Moxa"/>
|
935
950
|
<param pos="4" name="os.version"/>
|
936
951
|
<param pos="5" name="os.version.version"/>
|
@@ -942,7 +957,7 @@
|
|
942
957
|
|
943
958
|
<!-- Model name : NPort 5610-8-DT\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No. : 9522\r\u0000\nFirmware version : 2.2 Build 11090613\r\u0000\nSystem uptime : 8 days, 02h:11m:44s\r\u0000\n\r\u0000\nPlease keyin your password: -->
|
944
959
|
|
945
|
-
<example _encoding="base64" hw.product="5610-8-DT" host.mac="00:90:E8:AA:AA:AA"
|
960
|
+
<example _encoding="base64" hw.product="5610-8-DT" host.mac="00:90:E8:AA:AA:AA" hw.serial_number="9522" os.version="2.2" os.version.version="11090613">
|
946
961
|
TW9kZWwgbmFtZSAgICAgICA6IE5Qb3J0IDU2MTAtOC1EVA0ACk1BQyBhZGRyZXNzICAgICAgO
|
947
962
|
iAwMDo5MDpFODpBQTpBQTpBQQ0AClNlcmlhbCBOby4gICAgICAgOiA5NTIyDQAKRmlybXdhcm
|
948
963
|
UgdmVyc2lvbiA6IDIuMiBCdWlsZCAxMTA5MDYxMw0AClN5c3RlbSB1cHRpbWUgICAgOiA4IGR
|
@@ -953,7 +968,7 @@
|
|
953
968
|
<param pos="0" name="hw.device" value="Device Server"/>
|
954
969
|
<param pos="1" name="hw.product"/>
|
955
970
|
<param pos="2" name="host.mac"/>
|
956
|
-
<param pos="3" name="
|
971
|
+
<param pos="3" name="hw.serial_number"/>
|
957
972
|
<param pos="0" name="os.vendor" value="Moxa"/>
|
958
973
|
<param pos="4" name="os.version"/>
|
959
974
|
<param pos="5" name="os.version.version"/>
|
@@ -976,7 +991,7 @@
|
|
976
991
|
<description>Moxa MGate Modbus Gateway</description>
|
977
992
|
<!-- Model name : MGate MB3180\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No. : 9474\r\u0000\nFirmware version : 1.2 Build 09101913\r\u0000\nSystem uptime : 15 days, 16h:37m:48s\r\u0000\n\r\u0000\nPlease keyin your password: -->
|
978
993
|
|
979
|
-
<example _encoding="base64" hw.product="MB3180" host.mac="00:90:E8:AA:AA:AA"
|
994
|
+
<example _encoding="base64" hw.product="MB3180" host.mac="00:90:E8:AA:AA:AA" hw.serial_number="9474" os.version="1.2" os.version.version="09101913">
|
980
995
|
TW9kZWwgbmFtZSAgICAgICA6IE1HYXRlIE1CMzE4MA0ACk1BQyBhZGRyZXNzICAgICAgOiAwM
|
981
996
|
Do5MDpFODpBQTpBQTpBQQ0AClNlcmlhbCBOby4gICAgICAgOiA5NDc0DQAKRmlybXdhcmUgdm
|
982
997
|
Vyc2lvbiA6IDEuMiBCdWlsZCAwOTEwMTkxMw0AClN5c3RlbSB1cHRpbWUgICAgOiAxNSBkYXl
|
@@ -987,7 +1002,7 @@
|
|
987
1002
|
<param pos="0" name="hw.device" value="Industrial Control"/>
|
988
1003
|
<param pos="1" name="hw.product"/>
|
989
1004
|
<param pos="2" name="host.mac"/>
|
990
|
-
<param pos="3" name="
|
1005
|
+
<param pos="3" name="hw.serial_number"/>
|
991
1006
|
<param pos="0" name="os.vendor" value="Moxa"/>
|
992
1007
|
<param pos="4" name="os.version"/>
|
993
1008
|
<param pos="5" name="os.version.version"/>
|
@@ -997,14 +1012,14 @@
|
|
997
1012
|
<description>Moxa NE Series Embedded device server</description>
|
998
1013
|
<!-- Model name : NE-4110S\r\u0000\nMAC address : 00:90:E8:AA:AA:AA\r\u0000\nSerial No : 3616\r\u0000\nFirmware version : 4.1 Build 07061517\r\u0000\n\r\u0000\nPlease keyin your password: -->
|
999
1014
|
|
1000
|
-
<example _encoding="base64" hw.product="NE-4110S" host.mac="00:90:E8:AA:AA:AA"
|
1015
|
+
<example _encoding="base64" hw.product="NE-4110S" host.mac="00:90:E8:AA:AA:AA" hw.serial_number="3616" os.version="4.1" os.version.version="07061517">
|
1001
1016
|
TW9kZWwgbmFtZSAgICAgICA6IE5FLTQxMTBTDQAKTUFDIGFkZHJlc3MgICAgICA6IDAwOjkwO
|
1002
1017
|
kU4OkFBOkFBOkFBDQAKU2VyaWFsIE5vICAgICAgICA6IDM2MTYNAApGaXJtd2FyZSB2ZXJzaW
|
1003
1018
|
9uIDogNC4xIEJ1aWxkIDA3MDYxNTE3DQAKDQAKUGxlYXNlIGtleWluIHlvdXIgcGFzc3dvcmQ6
|
1004
1019
|
</example>
|
1005
1020
|
<!-- Model name : NE-4110S\r\nMAC address : 00:90:E8:AA:AA:AA\r\nSerial No : 000\r\nFirmware version : 1.5.2\r\n\r\nPlease keyin your password: -->
|
1006
1021
|
|
1007
|
-
<example _encoding="base64" hw.product="NE-4110S" host.mac="00:90:E8:AA:AA:AA"
|
1022
|
+
<example _encoding="base64" hw.product="NE-4110S" host.mac="00:90:E8:AA:AA:AA" hw.serial_number="000" os.version="1.5.2">
|
1008
1023
|
TW9kZWwgbmFtZSAgICAgICA6IE5FLTQxMTBTDQpNQUMgYWRkcmVzcyAgICAgIDogMDA6OTA6RTg6QUE6QUE6QUENClNlcmlhbCBObyAgICAgICAgOiAwMDANCkZpcm13YXJlIHZlcnNpb24gOiAxLjUuMg0KDQpQbGVhc2Uga2V5aW4geW91ciBwYXNzd29yZDoK
|
1009
1024
|
</example>
|
1010
1025
|
<param pos="0" name="hw.vendor" value="Moxa"/>
|
@@ -1012,7 +1027,7 @@
|
|
1012
1027
|
<param pos="0" name="hw.device" value="Device Server"/>
|
1013
1028
|
<param pos="1" name="hw.product"/>
|
1014
1029
|
<param pos="2" name="host.mac"/>
|
1015
|
-
<param pos="3" name="
|
1030
|
+
<param pos="3" name="hw.serial_number"/>
|
1016
1031
|
<param pos="0" name="os.vendor" value="Moxa"/>
|
1017
1032
|
<param pos="4" name="os.version"/>
|
1018
1033
|
<param pos="5" name="os.version.version"/>
|
@@ -1022,7 +1037,7 @@
|
|
1022
1037
|
<description>Moxa MiiNePort Series Embedded device server</description>
|
1023
1038
|
<!-- Model name : MiiNePort E2\r\nSerial No. : 9999\r\nDevice name : MiiNePort_E2_4064\r\nFirmware version : 1.3.36 Build 15031615\r\nEthernet MAC address: 00:90:E8:5A:92:FF\r\n\r\nPlease keyin your password: -->
|
1024
1039
|
|
1025
|
-
<example _encoding="base64" hw.product="MiiNePort E2" host.mac="00:90:E8:5A:92:FF"
|
1040
|
+
<example _encoding="base64" hw.product="MiiNePort E2" host.mac="00:90:E8:5A:92:FF" hw.serial_number="9999" os.version="1.3.36" os.version.version="15031615">
|
1026
1041
|
TW9kZWwgbmFtZSAgICAgICAgICA6IE1paU5lUG9ydCBFMg0KU2VyaWFsIE5vLiAgICAgICAgI
|
1027
1042
|
CA6IDk5OTkNCkRldmljZSBuYW1lICAgICAgICAgOiBNaWlOZVBvcnRfRTJfNDA2NA0KRmlybX
|
1028
1043
|
dhcmUgdmVyc2lvbiAgICA6IDEuMy4zNiBCdWlsZCAxNTAzMTYxNQ0KRXRoZXJuZXQgTUFDIGF
|
@@ -1033,7 +1048,7 @@
|
|
1033
1048
|
<param pos="0" name="hw.family" value="MiiNePort"/>
|
1034
1049
|
<param pos="0" name="hw.device" value="Device Server"/>
|
1035
1050
|
<param pos="1" name="hw.product"/>
|
1036
|
-
<param pos="2" name="
|
1051
|
+
<param pos="2" name="hw.serial_number"/>
|
1037
1052
|
<param pos="0" name="os.vendor" value="Moxa"/>
|
1038
1053
|
<param pos="3" name="os.version"/>
|
1039
1054
|
<param pos="4" name="os.version.version"/>
|
@@ -1071,7 +1086,7 @@
|
|
1071
1086
|
<param pos="0" name="os.product" value="EDR G902 Firmware"/>
|
1072
1087
|
</fingerprint>
|
1073
1088
|
|
1074
|
-
<fingerprint pattern="^Red Hat Linux release ([^\\s]+)\\s
|
1089
|
+
<fingerprint pattern="^Red Hat Linux release ([^\\s]+)\\s*">
|
1075
1090
|
<description>RedHat general purpose linux</description>
|
1076
1091
|
<!-- Red Hat Linux release 9 (Shrike)\nKernel 2.4.20-8 on an i686\nlogin: -->
|
1077
1092
|
|
@@ -1084,7 +1099,7 @@
|
|
1084
1099
|
<param pos="1" name="os.version"/>
|
1085
1100
|
</fingerprint>
|
1086
1101
|
|
1087
|
-
<fingerprint pattern="
|
1102
|
+
<fingerprint pattern="(?m)^Red Hat Enterprise Linux ES release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d)" flags="REG_MULTILINE">
|
1088
1103
|
<description>RedHat Enterprise Linux ES</description>
|
1089
1104
|
<!-- Red Hat Enterprise Linux ES release 3 (Taroon Update 9\nKernel 2.4.21-47.EL on an x86_64\nlogin: -->
|
1090
1105
|
|
@@ -1101,7 +1116,7 @@
|
|
1101
1116
|
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:{os.version}"/>
|
1102
1117
|
</fingerprint>
|
1103
1118
|
|
1104
|
-
<fingerprint pattern="
|
1119
|
+
<fingerprint pattern="(?m)^Red Hat Enterprise Linux AS release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d)" flags="REG_MULTILINE">
|
1105
1120
|
<description>RedHat Enterprise Linux AS</description>
|
1106
1121
|
<!-- Red Hat Enterprise Linux AS release 5.8 (Tikanga)\nKernel 2.6.18-308.11.1.el5 on an x86_64\nlogin: -->
|
1107
1122
|
|
@@ -1117,7 +1132,7 @@
|
|
1117
1132
|
<param pos="3" name="os.arch"/>
|
1118
1133
|
</fingerprint>
|
1119
1134
|
|
1120
|
-
<fingerprint pattern="
|
1135
|
+
<fingerprint pattern="(?m)^Red Hat Enterprise Linux WS release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*)" flags="REG_MULTILINE">
|
1121
1136
|
<description>RedHat Enterprise Linux WS</description>
|
1122
1137
|
<!--Red Hat Enterprise Linux WS release 2.1 (Tampa) \nKernel 2.4.9-e.40smp on an i686 \nlogin: -->
|
1123
1138
|
|
@@ -1133,7 +1148,7 @@
|
|
1133
1148
|
<param pos="3" name="os.arch"/>
|
1134
1149
|
</fingerprint>
|
1135
1150
|
|
1136
|
-
<fingerprint pattern="
|
1151
|
+
<fingerprint pattern="(?m)^Fedora Core.release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d)" flags="REG_MULTILINE">
|
1137
1152
|
<description>Fedora Core Release</description>
|
1138
1153
|
<!-- Fedora Core release 1 (Yarrow)\nKernel 2.4.20-13.9ensim-3.5.0-13 on an i686\nlogin:-->
|
1139
1154
|
|
@@ -1149,7 +1164,7 @@
|
|
1149
1164
|
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:fedora:{os.version}"/>
|
1150
1165
|
</fingerprint>
|
1151
1166
|
|
1152
|
-
<fingerprint pattern="
|
1167
|
+
<fingerprint pattern="(?m)^Welcome to SuSE Linux (.*) \(([^\)]+)\) - Kernel (.*) ">
|
1153
1168
|
<description>SuSE Linux</description>
|
1154
1169
|
<!-- Welcome to SuSE Linux 7.0 (i386) - Kernel 2.2.16-RAID (0). 2VG029037\n\nlogin: -->
|
1155
1170
|
|
@@ -1165,7 +1180,7 @@
|
|
1165
1180
|
<param pos="3" name="linux.kernel.version"/>
|
1166
1181
|
</fingerprint>
|
1167
1182
|
|
1168
|
-
<fingerprint pattern="^Turbolinux ApplianceServer (\d+\.\d+)
|
1183
|
+
<fingerprint pattern="^Turbolinux ApplianceServer (\d+\.\d+)">
|
1169
1184
|
<description>Turbolinux ApplianceServer</description>
|
1170
1185
|
<!--Turbolinux ApplianceServer 4.0 (Atlas2) Linux 2.6.32-431.23.3.el6.x86_64 on a x86_64\n(senyo191x89.digitalink.ne.jp) TTY: 12:15 on Tuesday, 02 October 2018 login: -->
|
1171
1186
|
|
@@ -1180,7 +1195,7 @@
|
|
1180
1195
|
<param pos="1" name="os.version"/>
|
1181
1196
|
</fingerprint>
|
1182
1197
|
|
1183
|
-
<fingerprint pattern="^UnixWare ([^ ]+)
|
1198
|
+
<fingerprint pattern="^UnixWare ([^ ]+)">
|
1184
1199
|
<description>UnixWare</description>
|
1185
1200
|
<!-- UnixWare 2.1.3 (profil) (pts/3)\n\n\nlogin: -->
|
1186
1201
|
|
@@ -1194,7 +1209,7 @@
|
|
1194
1209
|
<param pos="1" name="os.version"/>
|
1195
1210
|
</fingerprint>
|
1196
1211
|
|
1197
|
-
<fingerprint pattern="^Telnet Server Build (5
|
1212
|
+
<fingerprint pattern="(?m)^Telnet Server Build (5\.[.\d]+)">
|
1198
1213
|
<description>Windows 2000</description>
|
1199
1214
|
<!--Microsoft (R) Windows NT (TM) Version 4.00 (Build 1381)\nWelcome to Microsoft Telnet Service \nTelnet Server Build 5.00.99034.1\nlogin: -->
|
1200
1215
|
|
@@ -1222,11 +1237,11 @@
|
|
1222
1237
|
<param pos="0" name="os.product" value="Brother Printer"/>
|
1223
1238
|
</fingerprint>
|
1224
1239
|
|
1225
|
-
<fingerprint pattern="
|
1240
|
+
<fingerprint pattern="^\s{0,256}(\S{1,64}) Copyright by ARESCOM">
|
1226
1241
|
<description>Arescom System</description>
|
1227
1242
|
<!--NDS1260HE-TLI Copyright by ARESCOM 2002\n\n\nPassword: -->
|
1228
1243
|
|
1229
|
-
<example _encoding="base64" os.model="NDS1260HE-TLI">
|
1244
|
+
<example _encoding="base64" os.model="NDS1260HE-TLI" hw.model="NDS1260HE-TLI">
|
1230
1245
|
TkRTMTI2MEhFLVRMSSBDb3B5cmlnaHQgYnkgQVJFU0NPTSAyMDAyCgoKClBhc3N3b3JkOgo=
|
1231
1246
|
</example>
|
1232
1247
|
<param pos="0" name="os.vendor" value="Arescom"/>
|
@@ -1281,7 +1296,7 @@
|
|
1281
1296
|
<param pos="0" name="os.family" value="VxWorks"/>
|
1282
1297
|
</fingerprint>
|
1283
1298
|
|
1284
|
-
<fingerprint pattern="
|
1299
|
+
<fingerprint pattern="Nortel.*Passport ([^ ]*) .*Software Release ([^ ]*)">
|
1285
1300
|
<description>Nortel Passport</description>
|
1286
1301
|
<!-- *********************************************\n\n\n* Copyright (c) 2003 Nortel Networks, Inc. *\n\n\n* All Rights Reserved *\n\n\n* Passport 8010 *\n\n\n* Software Release 3.5.0.0 *\n\n\n*********************************************\n\n\n\n\nLogin: -->
|
1287
1302
|
|
@@ -1372,7 +1387,7 @@
|
|
1372
1387
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
1373
1388
|
</fingerprint>
|
1374
1389
|
|
1375
|
-
<fingerprint pattern="Cobalt Linux release\W(.*)\W\(
|
1390
|
+
<fingerprint pattern="Cobalt Linux release\W(.*)\W\(">
|
1376
1391
|
<description>Cobalt Linux</description>
|
1377
1392
|
<!-- Cobalt Linux release 6.0 (Shinkansen)\nKernel 2.2.16C37_III on an i586\nlogin: -->
|
1378
1393
|
|
@@ -1441,7 +1456,7 @@
|
|
1441
1456
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
1442
1457
|
</fingerprint>
|
1443
1458
|
|
1444
|
-
<fingerprint pattern="^Digital UNIX \(([^)]+)
|
1459
|
+
<fingerprint pattern="^Digital UNIX \(([^)]+)">
|
1445
1460
|
<description>Digital Unix</description>
|
1446
1461
|
<!-- Digital UNIX (journal) (ttyp2)\n\n\nlogin: -->
|
1447
1462
|
|
@@ -1454,7 +1469,7 @@
|
|
1454
1469
|
<param pos="1" name="host.name"/>
|
1455
1470
|
</fingerprint>
|
1456
1471
|
|
1457
|
-
<fingerprint pattern="
|
1472
|
+
<fingerprint pattern="(?m)^Compaq Tru64 UNIX V(.*) \(Rev. (.*\d)\) ">
|
1458
1473
|
<description>Compaq Tru64 UNIX V</description>
|
1459
1474
|
<!-- Compaq Tru64 UNIX V5.1B (Rev. 2650) (docalpha) (pts/11)\n\n\n\n\nlogin: -->
|
1460
1475
|
|
@@ -1469,7 +1484,7 @@
|
|
1469
1484
|
<param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:{os.version}"/>
|
1470
1485
|
</fingerprint>
|
1471
1486
|
|
1472
|
-
<fingerprint pattern="HP-UX ([^ ]+) [A-Z]\.([^ ]+) ([^ ]+) ([^ ]+)\s([^ ]+\))
|
1487
|
+
<fingerprint pattern="HP-UX ([^ ]+) [A-Z]\.([^ ]+) ([^ ]+) ([^ ]+)\s([^ ]+\))">
|
1473
1488
|
<description>System HP-UX</description>
|
1474
1489
|
<!-- HP-UX ctout B.11.11 U 9000/800 (tc)\nlogin: -->
|
1475
1490
|
|
@@ -1503,7 +1518,7 @@
|
|
1503
1518
|
<param pos="0" name="hw.device" value="NAS"/>
|
1504
1519
|
</fingerprint>
|
1505
1520
|
|
1506
|
-
<fingerprint pattern="OpenVMS.*Version\sV([^\s]+)
|
1521
|
+
<fingerprint pattern="OpenVMS.*Version\sV([^\s]+)">
|
1507
1522
|
<description>OpenVMS</description>
|
1508
1523
|
<!-- Welcome to OpenVMS (TM) Alpha Operating System, Version V8.4 - NOT70\n\nUsername: -->
|
1509
1524
|
|
@@ -1517,7 +1532,7 @@
|
|
1517
1532
|
<param pos="1" name="os.version"/>
|
1518
1533
|
</fingerprint>
|
1519
1534
|
|
1520
|
-
<fingerprint pattern="
|
1535
|
+
<fingerprint pattern="(?m)^SCO OpenServer\(TM\) Release ([^ ]+)">
|
1521
1536
|
<description>SCO OpenServer</description>
|
1522
1537
|
<!-- SCO OpenServer(TM) Release 5 (bomdia.co.za) (ttyp6)\nlogin: -->
|
1523
1538
|
|
@@ -1599,7 +1614,7 @@
|
|
1599
1614
|
<param pos="0" name="hw.product" value="Vigor"/>
|
1600
1615
|
</fingerprint>
|
1601
1616
|
|
1602
|
-
<fingerprint pattern="
|
1617
|
+
<fingerprint pattern="Version\s(\d*.\d*)\/OpenBSD">
|
1603
1618
|
<description>OpenBSD</description>
|
1604
1619
|
<!-- 220 killer09 FTP server (Version 6.4/OpenBSD/Linux-ftpd-0.17) ready. -->
|
1605
1620
|
|
@@ -1688,7 +1703,7 @@
|
|
1688
1703
|
<param pos="3" name="os.version"/>
|
1689
1704
|
</fingerprint>
|
1690
1705
|
|
1691
|
-
<fingerprint pattern="^HP ([^\s]+) ProCurve Switch">
|
1706
|
+
<fingerprint pattern="(?m)^HP ([^\s]+) ProCurve Switch">
|
1692
1707
|
<description>HP ProCurve Switch</description>
|
1693
1708
|
<!-- ==============================================================================\nHP J4121A ProCurve Switch 4000M\n
|
1694
1709
|
Firmware revision v2.2.3\n\nCopyright (C) 1991-2004 Hewlett-Packard Co. All Rights Reserved.\n\n
|
@@ -1723,7 +1738,7 @@
|
|
1723
1738
|
<param pos="1" name="os.product"/>
|
1724
1739
|
</fingerprint>
|
1725
1740
|
|
1726
|
-
<fingerprint pattern="
|
1741
|
+
<fingerprint pattern="(?m)^.*ConnectUPS">
|
1727
1742
|
<description>PowerWare ConnectUPS</description>
|
1728
1743
|
<!-- +============================================================================+\n| [ ConnectUPS Web/SNMP
|
1729
1744
|
Card Configuration Utility ] |\n+============================================================================+\n
|
@@ -1800,13 +1815,13 @@
|
|
1800
1815
|
<param pos="2" name="os.version"/>
|
1801
1816
|
</fingerprint>
|
1802
1817
|
|
1803
|
-
<fingerprint pattern="
|
1818
|
+
<fingerprint pattern="(?m)^.*Welcome to MELCO Print Server.*Server Name *: *([^ ]*)\W.*Server Model *: *([^ ]*).*F \/ W Version *: *([^ ]*).*MAC Address *: *(.. .. .. .. .. ..)">
|
1804
1819
|
<description>System is a Buffalo/MELCO Embedded Print Server</description>
|
1805
1820
|
<!-- ***********************************\n* Welcome to MELCO Print Server *\n* Telnet Console *\n***********************************
|
1806
1821
|
\n \nServer Name: PS-B04E8E\nServer Model: LPV 2 - TX 1\nF / W Version: 2.00 J \nMAC Address: AE 32 EA 21 BB E3\n
|
1807
1822
|
Uptime: 0 days, 00: 00: 12\n \nPlease Enter Password:"-->
|
1808
1823
|
|
1809
|
-
<example _encoding="base64" os.version="2.00" host.
|
1824
|
+
<example _encoding="base64" os.version="2.00" host.name="PS-B04E8E" hw.model="LPV" host.mac="AE 32 EA 21 BB E3">
|
1810
1825
|
KioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKipcbiogV2VsY29tZSB0byBNRUxDTyBQc
|
1811
1826
|
mludCBTZXJ2ZXIgKlxuKiBUZWxuZXQgQ29uc29sZSAqXG4qKioqKioqKioqKioqKioqKioqKioqKi
|
1812
1827
|
oqKioqKioqKioqKlxuIFxuU2VydmVyIE5hbWU6IFBTLUIwNEU4RVxuU2VydmVyIE1vZGVsOiBMUFY
|
@@ -1817,7 +1832,7 @@
|
|
1817
1832
|
<param pos="0" name="os.vendor" value="Buffalo"/>
|
1818
1833
|
<param pos="0" name="os.family" value="PrintServer"/>
|
1819
1834
|
<param pos="0" name="os.device" value="Print Server"/>
|
1820
|
-
<param pos="1" name="host.
|
1835
|
+
<param pos="1" name="host.name"/>
|
1821
1836
|
<param pos="0" name="hw.vendor" value="Buffalo"/>
|
1822
1837
|
<param pos="0" name="hw.device" value="Print Server"/>
|
1823
1838
|
<param pos="2" name="hw.model"/>
|
@@ -1825,7 +1840,7 @@
|
|
1825
1840
|
<param pos="4" name="host.mac"/>
|
1826
1841
|
</fingerprint>
|
1827
1842
|
|
1828
|
-
<fingerprint pattern="
|
1843
|
+
<fingerprint pattern="(?m)^AIX Version\W(\d)">
|
1829
1844
|
<description>System is IBM AIX v</description>
|
1830
1845
|
<!-- AIX Version 6\nCopyright IBM Corporation, 1982, 2007.\nlogin: -->
|
1831
1846
|
|
@@ -1839,7 +1854,7 @@
|
|
1839
1854
|
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:aix:{os.version}"/>
|
1840
1855
|
</fingerprint>
|
1841
1856
|
|
1842
|
-
<fingerprint pattern="
|
1857
|
+
<fingerprint pattern="(?m)^CIMC Debug Firmware Utility Shell\W([^\s]+)">
|
1843
1858
|
<description>System is Cisco UCS Device</description>
|
1844
1859
|
<!-- CIMC Debug Firmware Utility Shell\nfake-ucs-device-3-1-p login: -->
|
1845
1860
|
|
@@ -1853,7 +1868,7 @@
|
|
1853
1868
|
<param pos="1" name="host.name"/>
|
1854
1869
|
</fingerprint>
|
1855
1870
|
|
1856
|
-
<fingerprint pattern="
|
1871
|
+
<fingerprint pattern="(?m)^HP ProLiant.*v(\d+.\d+)">
|
1857
1872
|
<description>Sytem is HP ProLiant server</description>
|
1858
1873
|
<!-- HP ProLiant BL e-Class Integrated Administrator v2.00
|
1859
1874
|
Copyright 2005 Hewlett-Packard Development Group, L.P.
|
@@ -1880,7 +1895,7 @@
|
|
1880
1895
|
<param pos="1" name="os.version"/>
|
1881
1896
|
</fingerprint>
|
1882
1897
|
|
1883
|
-
<fingerprint pattern="^Power Measurement Ltd. Meter ION ([
|
1898
|
+
<fingerprint pattern="^Power Measurement Ltd. Meter ION ([a-zA-Z0-9]+)">
|
1884
1899
|
<!-- Power Measurement Ltd. Meter ION 7330V271 ETH ETH7330V272
|
1885
1900
|
Serial#: PB-0204A058-11
|
1886
1901
|
login: -->
|
@@ -1895,7 +1910,7 @@
|
|
1895
1910
|
<param pos="1" name="hw.version"/>
|
1896
1911
|
</fingerprint>
|
1897
1912
|
|
1898
|
-
<fingerprint pattern="^GW25 v([
|
1913
|
+
<fingerprint pattern="^GW25 v([\d.]+) - Intelligent Power Meters GPRS Gateway\s+Developed by Satelitech">
|
1899
1914
|
<!-- GW25 v1.2.1 - Intelligent Power Meters GPRS Gateway
|
1900
1915
|
Developed by Satelitech S.A for ESG Dilec
|
1901
1916
|
Enter password: -->
|
@@ -2076,7 +2091,7 @@
|
|
2076
2091
|
<param pos="0" name="service.component.cpe23" value="cpe:/a:sap:netweaver_application_server:-"/>
|
2077
2092
|
</fingerprint>
|
2078
2093
|
|
2079
|
-
<fingerprint pattern="^(?:\r|\n|\s)
|
2094
|
+
<fingerprint pattern="^(?:\r|\n|\s){0,256}UDP/TCP/IP Stack: ACT Video security">
|
2080
2095
|
<description>ACT Security IP Cameras</description>
|
2081
2096
|
<!--
|
2082
2097
|
UDP/TCP/IP Stack: ACT Video security\r\n
|
@@ -2095,4 +2110,188 @@
|
|
2095
2110
|
<param pos="0" name="hw.device" value="IP Camera"/>
|
2096
2111
|
</fingerprint>
|
2097
2112
|
|
2113
|
+
<fingerprint pattern="Novus Telnet Interface \(v(\S+)\)">
|
2114
|
+
<description>Alpha Technologies Novus UPS</description>
|
2115
|
+
<example hw.version="2.00.01">Novus Telnet Interface (v2.00.01)</example>
|
2116
|
+
<param pos="0" name="hw.vendor" value="Alpha Technologies"/>
|
2117
|
+
<param pos="0" name="hw.device" value="Power Device"/>
|
2118
|
+
<param pos="0" name="hw.product" value="Novus UPS"/>
|
2119
|
+
<param pos="1" name="hw.version"/>
|
2120
|
+
</fingerprint>
|
2121
|
+
|
2122
|
+
<fingerprint pattern="New Telnet Console Client Attached">
|
2123
|
+
<description>Psion Teklogix</description>
|
2124
|
+
<example>New Telnet Console Client Attached.</example>
|
2125
|
+
<param pos="0" name="hw.vendor" value="Psion Teklogix"/>
|
2126
|
+
<param pos="0" name="hw.device" value="Network Appliance"/>
|
2127
|
+
<param pos="0" name="hw.product" value="CommServer"/>
|
2128
|
+
</fingerprint>
|
2129
|
+
|
2130
|
+
<fingerprint pattern="UPS SYSTEMS SNMP/Web agent Configuration menu">
|
2131
|
+
<description>APC UPS Network Card</description>
|
2132
|
+
<example>UPS SYSTEMS SNMP/Web agent Configuration menu</example>
|
2133
|
+
<param pos="0" name="hw.vendor" value="APC"/>
|
2134
|
+
<param pos="0" name="hw.device" value="Power Device"/>
|
2135
|
+
<param pos="0" name="hw.product" value="UPS"/>
|
2136
|
+
<param pos="0" name="hw.certainty" value="0.5"/>
|
2137
|
+
</fingerprint>
|
2138
|
+
|
2139
|
+
<fingerprint pattern="(?i)Welcome to (\S+Dome [^\)]+) \d+\.\d+.\d+\.\d+ from">
|
2140
|
+
<description>Bosch Dome IP Cameras</description>
|
2141
|
+
<example hw.product="AutoDome 800 HD">Welcome to AutoDome 800 HD 1.2.3.4 from 5.6.7.8</example>
|
2142
|
+
<example hw.product="FLEXIDOME NDC-455-P">Welcome to FLEXIDOME NDC-455-P 1.2.3.4 from 5.6.7.8</example>
|
2143
|
+
<param pos="0" name="hw.vendor" value="Bosch"/>
|
2144
|
+
<param pos="0" name="hw.device" value="Web Cam"/>
|
2145
|
+
<param pos="1" name="hw.product"/>
|
2146
|
+
</fingerprint>
|
2147
|
+
|
2148
|
+
<fingerprint pattern="(?:RDL-\d+ Ellipse\s+|Connect-OWS?) .{0,1000} Copyright .{0,1000} Redline Communications Inc">
|
2149
|
+
<description>Redline Communication Radios</description>
|
2150
|
+
<example>RDL-3000 Ellipse (c) Copyright 2010-2016 Redline Communications Inc.</example>
|
2151
|
+
<example>Connect-OW (c) Copyright 2010-2016 Redline Communications Inc.</example>
|
2152
|
+
<example>Connect-OWS (c) Copyright 2010-2016 Redline Communications Inc.</example>
|
2153
|
+
<param pos="0" name="hw.vendor" value="Redline"/>
|
2154
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
2155
|
+
<param pos="0" name="hw.product" value="Wireless Radio"/>
|
2156
|
+
<param pos="0" name="hw.certainty" value="0.5"/>
|
2157
|
+
</fingerprint>
|
2158
|
+
|
2159
|
+
<fingerprint pattern="Vaddio VNG (\S+) vaddio-doccam-([a-fA-F0-9-]{17})">
|
2160
|
+
<description>Vadio VNG DocCom</description>
|
2161
|
+
<example hw.version="1.6+snapshot-20170720" host.mac="54-10-EC-31-2A-19">Vaddio VNG 1.6+snapshot-20170720 vaddio-doccam-54-10-EC-31-2A-19</example>
|
2162
|
+
<param pos="0" name="hw.vendor" value="Vaddio"/>
|
2163
|
+
<param pos="0" name="hw.device" value="Web Cam"/>
|
2164
|
+
<param pos="0" name="hw.product" value="DocCam"/>
|
2165
|
+
<param pos="1" name="hw.version"/>
|
2166
|
+
<param pos="2" name="host.mac"/>
|
2167
|
+
</fingerprint>
|
2168
|
+
|
2169
|
+
<fingerprint pattern="\((FL WLAN \S+)\)">
|
2170
|
+
<description>Phoenix Contact Wireless Module</description>
|
2171
|
+
<example hw.product="FL WLAN 510X">(FL WLAN 510X)</example>
|
2172
|
+
<param pos="0" name="hw.vendor" value="Phoenix Contact"/>
|
2173
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
2174
|
+
<param pos="1" name="hw.product"/>
|
2175
|
+
</fingerprint>
|
2176
|
+
|
2177
|
+
<fingerprint pattern="Welcome to i\.CanDoIt (.{0,1000}) v(\S+)">
|
2178
|
+
<description>Control Solutions i.CanDoIt PLC</description>
|
2179
|
+
<example hw.product="BAS-700 ReMOTE I/O" hw.version="2.47x">Welcome to i.CanDoIt BAS-700 ReMOTE I/O v2.47x</example>
|
2180
|
+
<param pos="0" name="hw.vendor" value="Control Solutions"/>
|
2181
|
+
<param pos="0" name="hw.device" value="PLC"/>
|
2182
|
+
<param pos="1" name="hw.product"/>
|
2183
|
+
<param pos="2" name="hw.version"/>
|
2184
|
+
<param pos="0" name="hw.certainty" value="0.75"/>
|
2185
|
+
</fingerprint>
|
2186
|
+
|
2187
|
+
<fingerprint pattern="Welcome to the MRV Communications' LX Series Server">
|
2188
|
+
<description>MRV Communications LX Series</description>
|
2189
|
+
<example>Welcome to the MRV Communications' LX Series Server</example>
|
2190
|
+
<param pos="0" name="hw.vendor" value="MRV Communications"/>
|
2191
|
+
<param pos="0" name="hw.device" value="Device Server"/>
|
2192
|
+
<param pos="0" name="hw.family" value="LX Series"/>
|
2193
|
+
</fingerprint>
|
2194
|
+
|
2195
|
+
<fingerprint pattern="(?m)\*\*\* Lantronix ([\S]+) Device Server \*\*\*(?:\r|\n)+MAC address ([a-fA-F0-9]{12})(?:\r|\n)+Software version V(\S+)">
|
2196
|
+
<description>Lantronix device server - w/o Serial</description>
|
2197
|
+
<!--
|
2198
|
+
*** Lantronix UDS1100-IAP Device Server ***
|
2199
|
+
MAC address 0080A3BD0000
|
2200
|
+
Software version V6.11.0.0 (150514) UDS1100
|
2201
|
+
Press Enter for Setup Mode
|
2202
|
+
-->
|
2203
|
+
|
2204
|
+
<example _encoding="base64" hw.product="UDS1100-IAP" hw.version="6.11.0.0" host.mac="0080A3BD0000">
|
2205
|
+
KioqIExhbnRyb25peCBVRFMxMTAwLUlBUCBEZXZpY2UgU2VydmVyICoqKgpN
|
2206
|
+
QUMgYWRkcmVzcyAwMDgwQTNCRDAwMDAKClNvZnR3YXJlIHZlcnNpb24gVjYu
|
2207
|
+
MTEuMC4wICgxNTA1MTQpIFVEUzExMDAKCgpQcmVzcyBFbnRlciBmb3IgU2V0
|
2208
|
+
dXAgTW9kZQo=
|
2209
|
+
</example>
|
2210
|
+
<param pos="0" name="hw.vendor" value="Lantronix"/>
|
2211
|
+
<param pos="0" name="hw.device" value="Device Server"/>
|
2212
|
+
<param pos="1" name="hw.product"/>
|
2213
|
+
<param pos="2" name="host.mac"/>
|
2214
|
+
<param pos="3" name="hw.version"/>
|
2215
|
+
</fingerprint>
|
2216
|
+
|
2217
|
+
<fingerprint pattern="(?m)\*\*\* Lantronix Universal Device Server \*\*\*(?:\r|\n)+Serial Number (\d+)\s+MAC address ([a-fA-F0-9:]{17})(?:\r|\n)+Software version (\S+)">
|
2218
|
+
<description>Lantronix device server - w/ Serial</description>
|
2219
|
+
<!--
|
2220
|
+
*** Lantronix Universal Device Server ***
|
2221
|
+
Serial Number 6451000 MAC address 00:20:4A:64:00:00
|
2222
|
+
Software version 04.5 (011025)
|
2223
|
+
Press Enter to go into Setup Mode
|
2224
|
+
-->
|
2225
|
+
|
2226
|
+
<example _encoding="base64" hw.version="04.5" host.mac="00:20:4A:64:00:00" hw.serial_number="6451000" lantronix.serial_number="6451000">
|
2227
|
+
KioqIExhbnRyb25peCBVbml2ZXJzYWwgRGV2aWNlIFNlcnZlciAqKioKU2Vy
|
2228
|
+
aWFsIE51bWJlciA2NDUxMDAwICBNQUMgYWRkcmVzcyAwMDoyMDo0QTo2NDow
|
2229
|
+
MDowMAoKU29mdHdhcmUgdmVyc2lvbiAwNC41ICgwMTEwMjUpCgpQcmVzcyBF
|
2230
|
+
bnRlciB0byBnbyBpbnRvIFNldHVwIE1vZGUK
|
2231
|
+
</example>
|
2232
|
+
<param pos="0" name="hw.vendor" value="Lantronix"/>
|
2233
|
+
<param pos="0" name="hw.device" value="Device Server"/>
|
2234
|
+
<param pos="0" name="hw.product" value="UDS"/>
|
2235
|
+
<param pos="1" name="lantronix.serial_number"/>
|
2236
|
+
<param pos="1" name="hw.serial_number"/>
|
2237
|
+
<param pos="2" name="host.mac"/>
|
2238
|
+
<param pos="3" name="hw.version"/>
|
2239
|
+
</fingerprint>
|
2240
|
+
|
2241
|
+
<fingerprint pattern="^(TAU-\d+[A-Z]*(?:\.IP)?) login:$$">
|
2242
|
+
<description>Eltex TAU model VoIP gateway</description>
|
2243
|
+
<example hw.product="TAU-8">TAU-8 login:</example>
|
2244
|
+
<example hw.product="TAU-2M.IP">TAU-2M.IP login:</example>
|
2245
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
2246
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
2247
|
+
<param pos="0" name="os.device" value="VoIP Gateway"/>
|
2248
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
2249
|
+
<param pos="1" name="hw.product"/>
|
2250
|
+
<param pos="0" name="hw.device" value="VoIP Gateway"/>
|
2251
|
+
</fingerprint>
|
2252
|
+
|
2253
|
+
<fingerprint pattern="(?m)^\**(?:\r|\n)*\**\s*Welcome to (SMG-?\d+[A-Z]?)\s*\**(?:\r|\n)*\**(?:\r|\n)+(\S+) login:\s*$">
|
2254
|
+
<description>Eltex SMG model VoIP gateway - banner with model number</description>
|
2255
|
+
<!--
|
2256
|
+
********************************************
|
2257
|
+
* Welcome to SMG1016M *
|
2258
|
+
********************************************
|
2259
|
+
|
2260
|
+
foo.bar.baz login:
|
2261
|
+
-->
|
2262
|
+
<example hw.product="SMG1016M" host.name="foo.bar.baz" _encoding="base64">
|
2263
|
+
DQ0KDQoNKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioNCg0qI
|
2264
|
+
CAgICAgICAgICAgV2VsY29tZSB0byBTTUcxMDE2TSAgICAgICAgICAgKg0KDSoqKioqKioqKi
|
2265
|
+
oqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqDQoNDQoNZm9vLmJhci5iYXogbG9
|
2266
|
+
naW46IA==
|
2267
|
+
</example>
|
2268
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
2269
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
2270
|
+
<param pos="0" name="os.device" value="VoIP Gateway"/>
|
2271
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
2272
|
+
<param pos="1" name="hw.product"/>
|
2273
|
+
<param pos="0" name="hw.device" value="VoIP Gateway"/>
|
2274
|
+
<param pos="2" name="host.name"/>
|
2275
|
+
</fingerprint>
|
2276
|
+
|
2277
|
+
<fingerprint pattern="^eltex-nv(\d+) login:$">
|
2278
|
+
<description>Eltex - NV model IPTV set top box</description>
|
2279
|
+
<example hw.model="101">eltex-nv101 login:</example>
|
2280
|
+
<example hw.product="NV102">eltex-nv102 login:</example>
|
2281
|
+
<param pos="0" name="os.vendor" value="Eltex"/>
|
2282
|
+
<param pos="0" name="os.product" value="{hw.product} Firmware"/>
|
2283
|
+
<param pos="0" name="os.device" value="IPTV"/>
|
2284
|
+
<param pos="1" name="hw.model"/>
|
2285
|
+
<param pos="0" name="hw.vendor" value="Eltex"/>
|
2286
|
+
<param pos="0" name="hw.product" value="NV{hw.model}"/>
|
2287
|
+
<param pos="0" name="hw.device" value="IPTV"/>
|
2288
|
+
</fingerprint>
|
2289
|
+
|
2290
|
+
<fingerprint pattern=""BeerTemp":.*"FridgeTemp":">
|
2291
|
+
<description>Fermentrack Beer Brewing Monitor</description>
|
2292
|
+
<example>T:{"BeerTemp":null,"BeerSet":null,"BeerAnn":null,"FridgeTemp":null,"FridgeSet":null,"FridgeAnn":null,"State":0}</example>
|
2293
|
+
<param pos="0" name="hw.device" value="Device"/>
|
2294
|
+
<param pos="0" name="os.product" value="Fermentrack"/>
|
2295
|
+
</fingerprint>
|
2296
|
+
|
2098
2297
|
</fingerprints>
|