recog 2.3.20 → 2.3.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/dependabot.yml +8 -0
- data/.github/workflows/ci.yml +1 -1
- data/.github/workflows/verify.yml +89 -0
- data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
- data/.vscode/extensions.json +5 -0
- data/.vscode/settings.json +8 -0
- data/.vscode/tasks.json +77 -0
- data/CONTRIBUTING.md +8 -0
- data/README.md +17 -0
- data/bin/recog_standardize +28 -13
- data/bin/recog_verify +42 -8
- data/cpe-remap.yaml +62 -3
- data/features/data/schema_failure.xml +4 -0
- data/features/data/tests_with_failures.xml +6 -0
- data/features/support/hooks.rb +9 -0
- data/features/verify.feature +85 -21
- data/identifiers/fields.txt +6 -5
- data/identifiers/hw_device.txt +8 -0
- data/identifiers/hw_family.txt +8 -0
- data/identifiers/hw_product.txt +54 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +2 -0
- data/identifiers/os_product.txt +18 -2
- data/identifiers/service_product.txt +26 -0
- data/identifiers/vendor.txt +62 -1
- data/lib/recog/db.rb +2 -1
- data/lib/recog/fingerprint.rb +33 -6
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/verifier.rb +9 -9
- data/lib/recog/verify_reporter.rb +17 -6
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/fingerprint_self_test_spec.rb +1 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +73 -4
- data/tools/dev/hooks/pre-commit +21 -0
- data/update_cpes.py +130 -37
- data/xml/apache_os.xml +98 -56
- data/xml/architecture.xml +15 -1
- data/xml/dhcp_vendor_class.xml +206 -0
- data/xml/dns_versionbind.xml +26 -13
- data/xml/favicons.xml +236 -47
- data/xml/fingerprints.xsd +9 -1
- data/xml/ftp_banners.xml +213 -197
- data/xml/h323_callresp.xml +101 -101
- data/xml/hp_pjl_id.xml +84 -84
- data/xml/html_title.xml +715 -45
- data/xml/http_cookies.xml +143 -80
- data/xml/http_servers.xml +510 -310
- data/xml/http_wwwauth.xml +177 -75
- data/xml/imap_banners.xml +10 -10
- data/xml/mdns_device-info_txt.xml +421 -26
- data/xml/mysql_banners.xml +3 -2
- data/xml/nntp_banners.xml +12 -9
- data/xml/ntp_banners.xml +97 -97
- data/xml/operating_system.xml +98 -83
- data/xml/pop_banners.xml +27 -27
- data/xml/rsh_resp.xml +3 -3
- data/xml/sip_banners.xml +46 -8
- data/xml/sip_user_agents.xml +180 -27
- data/xml/smb_native_lm.xml +5 -5
- data/xml/smb_native_os.xml +28 -25
- data/xml/smtp_banners.xml +258 -254
- data/xml/smtp_ehlo.xml +1 -1
- data/xml/smtp_help.xml +11 -11
- data/xml/smtp_noop.xml +2 -2
- data/xml/snmp_sysdescr.xml +1554 -1429
- data/xml/snmp_sysobjid.xml +27 -27
- data/xml/ssh_banners.xml +27 -20
- data/xml/telnet_banners.xml +256 -57
- data/xml/tls_jarm.xml +48 -6
- data/xml/x11_banners.xml +3 -3
- data/xml/x509_issuers.xml +69 -2
- data/xml/x509_subjects.xml +144 -33
- metadata +24 -4
- data/lib/recog/verifier_factory.rb +0 -13
data/xml/tls_jarm.xml
CHANGED
|
@@ -14,13 +14,33 @@
|
|
|
14
14
|
<param pos="0" name="service.cpe23" value="cpe:/a:torproject:tor:-"/>
|
|
15
15
|
</fingerprint>
|
|
16
16
|
|
|
17
|
-
<fingerprint pattern="^2ad2ad0002ad2ad0002ad2ad2ad2ada9e96d3ba9f7903758a731e0fa01453d$">
|
|
18
|
-
<description>Synology NAS</description>
|
|
17
|
+
<fingerprint pattern="^2ad2ad0002ad2ad0002ad2ad2ad2ada9e96d3ba9f7903758a731e0fa01453d|29d29d15d29d29d21c29d29d29d29d10d7a07cb776562eccb97246005feba5|2ad2ad0002ad2ad0002ad2ad2ad2ad5bf44aec534289dfa8e33148b66cd6c3|29d29d15d29d29d21c29d29d29d29de857600fcd9f89735d87c3704c4e141b$">
|
|
18
|
+
<description>Synology NAS DSM 6</description>
|
|
19
|
+
<example>29d29d15d29d29d21c29d29d29d29d10d7a07cb776562eccb97246005feba5</example>
|
|
20
|
+
<example>29d29d15d29d29d21c29d29d29d29de857600fcd9f89735d87c3704c4e141b</example>
|
|
21
|
+
<example>2ad2ad0002ad2ad0002ad2ad2ad2ad5bf44aec534289dfa8e33148b66cd6c3</example>
|
|
19
22
|
<example>2ad2ad0002ad2ad0002ad2ad2ad2ada9e96d3ba9f7903758a731e0fa01453d</example>
|
|
20
23
|
<param pos="0" name="os.device" value="NAS"/>
|
|
21
24
|
<param pos="0" name="os.family" value="Linux"/>
|
|
22
25
|
<param pos="0" name="os.product" value="DSM"/>
|
|
23
26
|
<param pos="0" name="os.vendor" value="Synology"/>
|
|
27
|
+
<param pos="0" name="os.version" value="6"/>
|
|
28
|
+
<param pos="0" name="hw.vendor" value="Synology"/>
|
|
29
|
+
<param pos="0" name="hw.device" value="NAS"/>
|
|
30
|
+
</fingerprint>
|
|
31
|
+
|
|
32
|
+
<fingerprint pattern="^00000000000000000042d42d0000009535d5979f591ae8e547c5e5743e5b64|29d29d15d29d29d00042d42d00000068f5dc63852f94da932cd6b61b1cd9e3|29d29d15d29d29d21c42d42d000000bf85d79ff39d9f5079675604a74fc04b|29d29d15d29d29d00042d42d000000038eaaf490bec8dc33757f165ce01762|29d29d15d29d29d21c42d42d000000790cb01ea78cc2a73fe8428d61afc0c8$">
|
|
33
|
+
<description>Synology NAS DSM 7</description>
|
|
34
|
+
<example>00000000000000000042d42d0000009535d5979f591ae8e547c5e5743e5b64</example>
|
|
35
|
+
<example>29d29d15d29d29d00042d42d000000038eaaf490bec8dc33757f165ce01762</example>
|
|
36
|
+
<example>29d29d15d29d29d00042d42d00000068f5dc63852f94da932cd6b61b1cd9e3</example>
|
|
37
|
+
<example>29d29d15d29d29d21c42d42d000000790cb01ea78cc2a73fe8428d61afc0c8</example>
|
|
38
|
+
<example>29d29d15d29d29d21c42d42d000000bf85d79ff39d9f5079675604a74fc04b</example>
|
|
39
|
+
<param pos="0" name="os.device" value="NAS"/>
|
|
40
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
41
|
+
<param pos="0" name="os.product" value="DSM"/>
|
|
42
|
+
<param pos="0" name="os.vendor" value="Synology"/>
|
|
43
|
+
<param pos="0" name="os.version" value="7"/>
|
|
24
44
|
<param pos="0" name="hw.vendor" value="Synology"/>
|
|
25
45
|
<param pos="0" name="hw.device" value="NAS"/>
|
|
26
46
|
</fingerprint>
|
|
@@ -36,9 +56,13 @@
|
|
|
36
56
|
<param pos="0" name="os.device" value="Router"/>
|
|
37
57
|
</fingerprint>
|
|
38
58
|
|
|
39
|
-
<fingerprint pattern="^07d14d16d21d21d00042d43d000000aa99ce74e2c6d013c745aa52b5cc042d$">
|
|
59
|
+
<fingerprint pattern="^07d14d16d21d21d00042d43d000000aa99ce74e2c6d013c745aa52b5cc042d|07d14d16d21d21d07c42d43d000000f50d155305214cf247147c43c0f1a823|07b08b09b21b21b07b07b08b07b21b23aeefb38b723c523befb314af6e95ac|07c08c09c21c21c07c07c08c07c21c23aeefb38b723c523befb314af6e95ac|07d14d16d21d21d00007d14d07d21d0ae59125bcd90b8876b50928af8f6cd4$">
|
|
40
60
|
<description>Metasploit listener</description>
|
|
61
|
+
<example>07b08b09b21b21b07b07b08b07b21b23aeefb38b723c523befb314af6e95ac</example>
|
|
62
|
+
<example>07c08c09c21c21c07c07c08c07c21c23aeefb38b723c523befb314af6e95ac</example>
|
|
63
|
+
<example>07d14d16d21d21d00007d14d07d21d0ae59125bcd90b8876b50928af8f6cd4</example>
|
|
41
64
|
<example>07d14d16d21d21d00042d43d000000aa99ce74e2c6d013c745aa52b5cc042d</example>
|
|
65
|
+
<example>07d14d16d21d21d07c42d43d000000f50d155305214cf247147c43c0f1a823</example>
|
|
42
66
|
<param pos="0" name="service.vendor" value="Rapid7"/>
|
|
43
67
|
<param pos="0" name="service.product" value="Metasploit"/>
|
|
44
68
|
<param pos="0" name="service.cpe23" value="cpe:/a:rapid7:metasploit:-"/>
|
|
@@ -47,9 +71,10 @@
|
|
|
47
71
|
<!-- This fingerprint matches Java's TLS stack,
|
|
48
72
|
see https://blog.cobaltstrike.com/2020/12/08/a-red-teamer-plays-with-jarm/ for details -->
|
|
49
73
|
|
|
50
|
-
<fingerprint pattern="^07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1$">
|
|
74
|
+
<fingerprint pattern="^07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1|07d14d16d21d21d00042d41d00041de5fb3038104f457d92ba02e9311512c2$">
|
|
51
75
|
<description>Cobalt Strike listener</description>
|
|
52
76
|
<example>07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1</example>
|
|
77
|
+
<example>07d14d16d21d21d00042d41d00041de5fb3038104f457d92ba02e9311512c2</example>
|
|
53
78
|
<param pos="0" name="service.vendor" value="Strategic Cyber LLC"/>
|
|
54
79
|
<param pos="0" name="service.product" value="Cobalt Strike Listener"/>
|
|
55
80
|
<param pos="0" name="service.certainty" value="0.3"/>
|
|
@@ -118,11 +143,13 @@
|
|
|
118
143
|
<param pos="0" name="hw.device" value="Media Server"/>
|
|
119
144
|
<param pos="0" name="hw.vendor" value="Google"/>
|
|
120
145
|
<param pos="0" name="hw.product" value="Chromecast"/>
|
|
146
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:google:chromecast:-"/>
|
|
121
147
|
</fingerprint>
|
|
122
148
|
|
|
123
|
-
<fingerprint pattern="^21d14d00021d21d21c21d14d21d21d3e9a0dda94718e521eb7d1409c9e3601$">
|
|
124
|
-
<description>
|
|
149
|
+
<fingerprint pattern="^21d14d00021d21d21c21d14d21d21d3e9a0dda94718e521eb7d1409c9e3601|2ad2ad0002ad2ad0002ad2ad2ad2ad755a2cec4b52fb1bce1ac7f1e48c8a7d$">
|
|
150
|
+
<description>VMware ESXi</description>
|
|
125
151
|
<example>21d14d00021d21d21c21d14d21d21d3e9a0dda94718e521eb7d1409c9e3601</example>
|
|
152
|
+
<example>2ad2ad0002ad2ad0002ad2ad2ad2ad755a2cec4b52fb1bce1ac7f1e48c8a7d</example>
|
|
126
153
|
<param pos="0" name="os.vendor" value="VMware"/>
|
|
127
154
|
<param pos="0" name="os.family" value="VMware ESX/ESXi"/>
|
|
128
155
|
<param pos="0" name="os.product" value="VMware ESXi Server"/>
|
|
@@ -137,4 +164,19 @@
|
|
|
137
164
|
<param pos="0" name="service.product" value="Merlin"/>
|
|
138
165
|
</fingerprint>
|
|
139
166
|
|
|
167
|
+
<fingerprint pattern="^21d14d00000000000021d14d21d21d16c46827964490e6024618c0a3d7d893$">
|
|
168
|
+
<description>Covenant .NET C2 framework</description>
|
|
169
|
+
<example>21d14d00000000000021d14d21d21d16c46827964490e6024618c0a3d7d893</example>
|
|
170
|
+
<param pos="0" name="service.product" value="Covenant"/>
|
|
171
|
+
</fingerprint>
|
|
172
|
+
|
|
173
|
+
<fingerprint pattern="^16d16d16d14d16d00016d16d16d16da6fda484e06f95db4f56339284c90672$">
|
|
174
|
+
<description>HP Printer</description>
|
|
175
|
+
<example>16d16d16d14d16d00016d16d16d16da6fda484e06f95db4f56339284c90672</example>
|
|
176
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
|
177
|
+
<param pos="0" name="hw.vendor" value="HP"/>
|
|
178
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
|
179
|
+
<param pos="0" name="os.device" value="Printer"/>
|
|
180
|
+
</fingerprint>
|
|
181
|
+
|
|
140
182
|
</fingerprints>
|
data/xml/x11_banners.xml
CHANGED
|
@@ -62,13 +62,13 @@
|
|
|
62
62
|
<fingerprint pattern="^Fedora Project$">
|
|
63
63
|
<description>Fedora Project</description>
|
|
64
64
|
<example>Fedora Project</example>
|
|
65
|
-
<param pos="0" name="os.vendor" value="
|
|
65
|
+
<param pos="0" name="os.vendor" value="Fedora Project"/>
|
|
66
66
|
<param pos="0" name="service.vendor" value="X.Org"/>
|
|
67
67
|
<param pos="0" name="service.product" value="X.Org X11"/>
|
|
68
68
|
<param pos="0" name="service.cpe23" value="cpe:/a:x.org:x11:-"/>
|
|
69
|
-
<param pos="0" name="os.product" value="Fedora Core
|
|
69
|
+
<param pos="0" name="os.product" value="Fedora Core"/>
|
|
70
70
|
<param pos="0" name="os.family" value="Linux"/>
|
|
71
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:
|
|
71
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fedoraproject:fedora_core:-"/>
|
|
72
72
|
</fingerprint>
|
|
73
73
|
|
|
74
74
|
<fingerprint pattern="^freedesktop\.org$">
|
data/xml/x509_issuers.xml
CHANGED
|
@@ -13,54 +13,84 @@
|
|
|
13
13
|
<fingerprint pattern="^CN=R3,O=Let's Encrypt,C=US$">
|
|
14
14
|
<description>Lets Encrypt R3 - generic -- assert nothing.</description>
|
|
15
15
|
<example>CN=R3,O=Let's Encrypt,C=US</example>
|
|
16
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
17
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
18
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
16
19
|
</fingerprint>
|
|
17
20
|
|
|
18
21
|
<fingerprint pattern="^CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US$">
|
|
19
22
|
<description>Lets Encrypt X3 - generic -- assert nothing.</description>
|
|
20
23
|
<example>CN=Let's Encrypt Authority X3,O=Let's Encrypt,C=US</example>
|
|
24
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
25
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
26
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
21
27
|
</fingerprint>
|
|
22
28
|
|
|
23
29
|
<fingerprint pattern="^CN=Amazon,OU=Server CA 1B,O=Amazon,C=US$">
|
|
24
30
|
<description>Amazon AWS Server CA 1B - generic -- assert nothing.</description>
|
|
25
31
|
<example>CN=Amazon,OU=Server CA 1B,O=Amazon,C=US</example>
|
|
32
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
33
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
34
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
26
35
|
</fingerprint>
|
|
27
36
|
|
|
28
37
|
<fingerprint pattern="^CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US$">
|
|
29
38
|
<description>DigiCert SHA2 - generic -- assert nothing.</description>
|
|
30
39
|
<example>CN=DigiCert SHA2 Secure Server CA,O=DigiCert Inc,C=US</example>
|
|
40
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
41
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
42
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
31
43
|
</fingerprint>
|
|
32
44
|
|
|
33
45
|
<fingerprint pattern="^CN=DigiCert TLS (?:RSA SHA256|Hybrid ECC SHA384) 2020 CA1,O=DigiCert Inc,C=US$">
|
|
34
46
|
<description>DigiCert SHA256 2020 CA1 - generic -- assert nothing.</description>
|
|
35
47
|
<example>CN=DigiCert TLS RSA SHA256 2020 CA1,O=DigiCert Inc,C=US</example>
|
|
36
48
|
<example>CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1,O=DigiCert Inc,C=US</example>
|
|
49
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
50
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
51
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
37
52
|
</fingerprint>
|
|
38
53
|
|
|
39
54
|
<fingerprint pattern="^CN=DigiCert Secure Site ECC CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US$">
|
|
40
55
|
<description>DigiCert ECC CA-1 - generic -- assert nothing.</description>
|
|
41
56
|
<example>CN=DigiCert Secure Site ECC CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US</example>
|
|
57
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
58
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
59
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
42
60
|
</fingerprint>
|
|
43
61
|
|
|
44
62
|
<fingerprint pattern="^CN=DigiCert SHA2 (?:Extended Validation|High Assurance) Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US$">
|
|
45
63
|
<description>DigiCert SHA2 EV - generic -- assert nothing.</description>
|
|
46
64
|
<example>CN=DigiCert SHA2 Extended Validation Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US</example>
|
|
47
65
|
<example>CN=DigiCert SHA2 High Assurance Server CA,OU=www.digicert.com,O=DigiCert Inc,C=US</example>
|
|
66
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
67
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
68
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
48
69
|
</fingerprint>
|
|
49
70
|
|
|
50
71
|
<fingerprint pattern="^CN=Sectigo RSA (?:Domain|Organization) Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB$">
|
|
51
72
|
<description>Sectigo RSA - generic -- assert nothing.</description>
|
|
52
73
|
<example>CN=Sectigo RSA Domain Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB</example>
|
|
53
74
|
<example>CN=Sectigo RSA Organization Validation Secure Server CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB</example>
|
|
75
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
76
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
77
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
54
78
|
</fingerprint>
|
|
55
79
|
|
|
56
80
|
<fingerprint pattern="^CN=GeoTrust RSA CA 2018,OU=www.digicert.com,O=DigiCert Inc,C=US$">
|
|
57
81
|
<description>GeoTrust RSA CA 2018 - generic -- assert nothing.</description>
|
|
58
82
|
<example>CN=GeoTrust RSA CA 2018,OU=www.digicert.com,O=DigiCert Inc,C=US</example>
|
|
83
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
84
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
85
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
59
86
|
</fingerprint>
|
|
60
87
|
|
|
61
88
|
<fingerprint pattern="^CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs\.godaddy\.com/repository/,O=GoDaddy.com\\, Inc\.,L=Scottsdale,ST=Arizona,C=US$">
|
|
62
89
|
<description>Go Daddy G2 - generic -- assert nothing.</description>
|
|
63
90
|
<example>CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US</example>
|
|
91
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
92
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
93
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
64
94
|
</fingerprint>
|
|
65
95
|
|
|
66
96
|
<!-- Chromecast and various devices that support the Cast protocol -->
|
|
@@ -76,6 +106,7 @@
|
|
|
76
106
|
<param pos="0" name="hw.vendor" value="Google"/>
|
|
77
107
|
<param pos="0" name="hw.product" value="Chromecast"/>
|
|
78
108
|
<param pos="0" name="hw.certainty" value="0.5"/>
|
|
109
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:google:chromecast:-"/>
|
|
79
110
|
<param pos="0" name="chromecast.generation" value="1"/>
|
|
80
111
|
</fingerprint>
|
|
81
112
|
|
|
@@ -97,6 +128,7 @@
|
|
|
97
128
|
<param pos="0" name="hw.vendor" value="Google"/>
|
|
98
129
|
<param pos="0" name="hw.product" value="Chromecast"/>
|
|
99
130
|
<param pos="0" name="hw.certainty" value="0.5"/>
|
|
131
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:google:chromecast:-"/>
|
|
100
132
|
<param pos="1" name="chromecast.generation"/>
|
|
101
133
|
<param pos="2" name="chromecast.capabilities"/>
|
|
102
134
|
</fingerprint>
|
|
@@ -304,10 +336,10 @@
|
|
|
304
336
|
<param pos="0" name="service.vendor" value="Traefik Labs"/>
|
|
305
337
|
<param pos="0" name="service.family" value="Traefik"/>
|
|
306
338
|
<param pos="0" name="service.product" value="Traefik Proxy"/>
|
|
307
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:
|
|
339
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:traefik:traefik:-"/>
|
|
308
340
|
</fingerprint>
|
|
309
341
|
|
|
310
|
-
<fingerprint pattern="
|
|
342
|
+
<fingerprint pattern="(?i)^CN=Fireware web CA,OU=Fireware,O=WatchGuard(?: CA)?$">
|
|
311
343
|
<description>WatchGuard Fireware</description>
|
|
312
344
|
<example>CN=Fireware web ca,OU=Fireware,O=WatchGuard</example>
|
|
313
345
|
<example>CN=Fireware web CA,OU=Fireware,O=Watchguard CA</example>
|
|
@@ -327,4 +359,39 @@
|
|
|
327
359
|
<param pos="0" name="service.cpe23" value="cpe:/a:caddyserver:caddy:-"/>
|
|
328
360
|
</fingerprint>
|
|
329
361
|
|
|
362
|
+
<fingerprint pattern="^CN=Avaya cu360 (\S+)$">
|
|
363
|
+
<description>Avaya Video Conferencing Device - CU360</description>
|
|
364
|
+
<example hw.serial_number="11YT11111111">CN=Avaya cu360 11YT11111111</example>
|
|
365
|
+
<param pos="0" name="hw.vendor" value="Avaya"/>
|
|
366
|
+
<param pos="0" name="hw.device" value="Video Conference"/>
|
|
367
|
+
<param pos="0" name="hw.product" value="CU360"/>
|
|
368
|
+
<param pos="1" name="hw.serial_number"/>
|
|
369
|
+
</fingerprint>
|
|
370
|
+
|
|
371
|
+
<fingerprint pattern="^CN=Roomba CA,OU=\S+,O=iRobot,L=Bedford,ST=MA,C=US$">
|
|
372
|
+
<description>Roomba Device</description>
|
|
373
|
+
<example hw.product="Roomba" hw.vendor="iRobot">CN=Roomba CA,OU=HBU,O=iRobot,L=Bedford,ST=MA,C=US</example>
|
|
374
|
+
<param pos="0" name="hw.vendor" value="iRobot"/>
|
|
375
|
+
<param pos="0" name="hw.device" value="Device"/>
|
|
376
|
+
<param pos="0" name="hw.product" value="Roomba"/>
|
|
377
|
+
</fingerprint>
|
|
378
|
+
|
|
379
|
+
<fingerprint pattern="(?i)^CN=\S+,OU=FreshTomato Team,O=FreshTomato,L=Columbus,ST=Ohio,C=US(?:.*)$">
|
|
380
|
+
<description>FreshTomato Router Firmware</description>
|
|
381
|
+
<example>CN=192.168.1.1,OU=FreshTomato Team,O=FreshTomato,L=Columbus,ST=Ohio,C=US</example>
|
|
382
|
+
<param pos="0" name="os.vendor" value="FreshTomato"/>
|
|
383
|
+
<param pos="0" name="os.family" value="Linux"/>
|
|
384
|
+
<param pos="0" name="os.product" value="FreshTomato"/>
|
|
385
|
+
<param pos="0" name="os.device" value="Router"/>
|
|
386
|
+
</fingerprint>
|
|
387
|
+
|
|
388
|
+
<fingerprint pattern="(?i)^SERIALNUMBER=(\d+),CN=(\S+),OU=ST-VS,O=Bosch Sicherheitssysteme GmbH,L=Grasbrunn,C=DE">
|
|
389
|
+
<description>Bosch Device</description>
|
|
390
|
+
<example hw.serial_number="111111111111111111" host.mac="00-07-5f-11-11-11">SERIALNUMBER=111111111111111111,CN=00-07-5f-11-11-11,OU=ST-VS,O=Bosch Sicherheitssysteme GmbH,L=Grasbrunn,C=DE</example>
|
|
391
|
+
<param pos="0" name="os.vendor" value="Bosch"/>
|
|
392
|
+
<param pos="0" name="hw.vendor" value="Bosch"/>
|
|
393
|
+
<param pos="1" name="hw.serial_number"/>
|
|
394
|
+
<param pos="2" name="host.mac"/>
|
|
395
|
+
</fingerprint>
|
|
396
|
+
|
|
330
397
|
</fingerprints>
|