recog 2.3.20 → 2.3.23
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/dependabot.yml +8 -0
- data/.github/workflows/ci.yml +1 -1
- data/.github/workflows/verify.yml +89 -0
- data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
- data/.vscode/extensions.json +5 -0
- data/.vscode/settings.json +8 -0
- data/.vscode/tasks.json +77 -0
- data/CONTRIBUTING.md +8 -0
- data/README.md +17 -0
- data/bin/recog_standardize +28 -13
- data/bin/recog_verify +42 -8
- data/cpe-remap.yaml +62 -3
- data/features/data/schema_failure.xml +4 -0
- data/features/data/tests_with_failures.xml +6 -0
- data/features/support/hooks.rb +9 -0
- data/features/verify.feature +85 -21
- data/identifiers/fields.txt +6 -5
- data/identifiers/hw_device.txt +8 -0
- data/identifiers/hw_family.txt +8 -0
- data/identifiers/hw_product.txt +54 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +2 -0
- data/identifiers/os_product.txt +18 -2
- data/identifiers/service_product.txt +26 -0
- data/identifiers/vendor.txt +62 -1
- data/lib/recog/db.rb +2 -1
- data/lib/recog/fingerprint.rb +33 -6
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/verifier.rb +9 -9
- data/lib/recog/verify_reporter.rb +17 -6
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/fingerprint_self_test_spec.rb +1 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +73 -4
- data/tools/dev/hooks/pre-commit +21 -0
- data/update_cpes.py +130 -37
- data/xml/apache_os.xml +98 -56
- data/xml/architecture.xml +15 -1
- data/xml/dhcp_vendor_class.xml +206 -0
- data/xml/dns_versionbind.xml +26 -13
- data/xml/favicons.xml +236 -47
- data/xml/fingerprints.xsd +9 -1
- data/xml/ftp_banners.xml +213 -197
- data/xml/h323_callresp.xml +101 -101
- data/xml/hp_pjl_id.xml +84 -84
- data/xml/html_title.xml +715 -45
- data/xml/http_cookies.xml +143 -80
- data/xml/http_servers.xml +510 -310
- data/xml/http_wwwauth.xml +177 -75
- data/xml/imap_banners.xml +10 -10
- data/xml/mdns_device-info_txt.xml +421 -26
- data/xml/mysql_banners.xml +3 -2
- data/xml/nntp_banners.xml +12 -9
- data/xml/ntp_banners.xml +97 -97
- data/xml/operating_system.xml +98 -83
- data/xml/pop_banners.xml +27 -27
- data/xml/rsh_resp.xml +3 -3
- data/xml/sip_banners.xml +46 -8
- data/xml/sip_user_agents.xml +180 -27
- data/xml/smb_native_lm.xml +5 -5
- data/xml/smb_native_os.xml +28 -25
- data/xml/smtp_banners.xml +258 -254
- data/xml/smtp_ehlo.xml +1 -1
- data/xml/smtp_help.xml +11 -11
- data/xml/smtp_noop.xml +2 -2
- data/xml/snmp_sysdescr.xml +1554 -1429
- data/xml/snmp_sysobjid.xml +27 -27
- data/xml/ssh_banners.xml +27 -20
- data/xml/telnet_banners.xml +256 -57
- data/xml/tls_jarm.xml +48 -6
- data/xml/x11_banners.xml +3 -3
- data/xml/x509_issuers.xml +69 -2
- data/xml/x509_subjects.xml +144 -33
- metadata +24 -4
- data/lib/recog/verifier_factory.rb +0 -13
@@ -10,6 +10,7 @@ AIOHTTP
|
|
10
10
|
AOS
|
11
11
|
APIC
|
12
12
|
ARRIS
|
13
|
+
ASDM
|
13
14
|
ASM
|
14
15
|
ASP.NET
|
15
16
|
Abyss Web Server X1
|
@@ -19,6 +20,7 @@ Active Directory Controller
|
|
19
20
|
Active Intelligence Engine
|
20
21
|
ActiveMQ
|
21
22
|
AdGuard Home
|
23
|
+
Adminer
|
22
24
|
AirTunes
|
23
25
|
Airflow
|
24
26
|
Alteon Web Switch
|
@@ -29,6 +31,7 @@ Apache Tomcat HTTP Connector
|
|
29
31
|
AppleShare IP Mail Server
|
30
32
|
Application Load Balancer
|
31
33
|
Application Protection System, Enterprise
|
34
|
+
Application Server
|
32
35
|
Application Server Portal
|
33
36
|
Application Server Web Cache
|
34
37
|
Appweb
|
@@ -49,6 +52,7 @@ BlackJumboDog
|
|
49
52
|
BladeSystems
|
50
53
|
Boa
|
51
54
|
Bugzilla
|
55
|
+
CALDERA
|
52
56
|
CCProxy
|
53
57
|
CMS
|
54
58
|
CMS400.NET
|
@@ -89,6 +93,7 @@ CouchDB
|
|
89
93
|
Couchbase Server
|
90
94
|
Courier IMAP
|
91
95
|
Courier POP
|
96
|
+
Covenant
|
92
97
|
Cowboy
|
93
98
|
Coyote
|
94
99
|
Cross Web Server
|
@@ -139,6 +144,7 @@ Exchange 2003 Server
|
|
139
144
|
Exchange 2007 Server
|
140
145
|
Exchange Server
|
141
146
|
Exchange Server 5.5
|
147
|
+
Express WebTools
|
142
148
|
Expressway
|
143
149
|
FTGate
|
144
150
|
FTP
|
@@ -160,6 +166,7 @@ Flyspray
|
|
160
166
|
FortiVoice
|
161
167
|
FortressSSH Server
|
162
168
|
FreSSH
|
169
|
+
FreeNAS
|
163
170
|
FreeSWITCH
|
164
171
|
Fusion Middleware
|
165
172
|
GHost
|
@@ -191,6 +198,7 @@ HttpProxy
|
|
191
198
|
Hummingbird Exceed X server
|
192
199
|
IBM Domino
|
193
200
|
IIS
|
201
|
+
ILOM
|
194
202
|
IMail Server
|
195
203
|
IOS
|
196
204
|
IPVA
|
@@ -329,7 +337,9 @@ Niagara AX
|
|
329
337
|
Node
|
330
338
|
Notebook
|
331
339
|
Nucleus SNMP Agent
|
340
|
+
Nuggets Learning Server
|
332
341
|
Observium
|
342
|
+
Office 365 Reporter
|
333
343
|
OpManager
|
334
344
|
Open Directory
|
335
345
|
Open Stack Platform Director
|
@@ -388,6 +398,7 @@ RealServer
|
|
388
398
|
RealVNC
|
389
399
|
Recursor
|
390
400
|
Red Hat Directory Server
|
401
|
+
Redis Commander
|
391
402
|
Redmine
|
392
403
|
Reflection
|
393
404
|
Reflection for Secure IT
|
@@ -445,7 +456,9 @@ SmartDNS
|
|
445
456
|
SmartSense Tool
|
446
457
|
SmbFTPD
|
447
458
|
Snowball
|
459
|
+
Solr
|
448
460
|
SonarQube
|
461
|
+
Spark
|
449
462
|
SpeedTouch
|
450
463
|
Splunk
|
451
464
|
Squeezebox
|
@@ -467,10 +480,12 @@ TCPIP POP server
|
|
467
480
|
TUX Web Server
|
468
481
|
Tableau Server
|
469
482
|
TeamCity
|
483
|
+
TeamSpeak
|
470
484
|
Tengine
|
471
485
|
TestCenter IQ
|
472
486
|
Thin
|
473
487
|
TigerVNC
|
488
|
+
TinyGS
|
474
489
|
Tinyproxy
|
475
490
|
Tivoli Access Manager for e-business WebSEAL
|
476
491
|
Tivoli Storage FlashCopy Manager
|
@@ -483,10 +498,13 @@ Transportation Management
|
|
483
498
|
Twisted FTPD
|
484
499
|
Twisted Web
|
485
500
|
Twonky Media Server
|
501
|
+
UNMS
|
486
502
|
UnboundID Directory Proxy Server
|
487
503
|
UnboundID Directory Server
|
504
|
+
UniFi
|
488
505
|
UniFi Video
|
489
506
|
Universal Management Appliance
|
507
|
+
Unraid
|
490
508
|
Urchin Tracking Module
|
491
509
|
Usermin
|
492
510
|
VM
|
@@ -507,6 +525,7 @@ VisionFS
|
|
507
525
|
VxWorks CIFS
|
508
526
|
WEBrick
|
509
527
|
WHM
|
528
|
+
WLED
|
510
529
|
WS_FTP
|
511
530
|
WU-FTPD
|
512
531
|
WeOnlyDo SSH Server
|
@@ -520,6 +539,7 @@ WebGUI
|
|
520
539
|
WebLogic
|
521
540
|
WebServer
|
522
541
|
WebShield
|
542
|
+
WebSocket++
|
523
543
|
WebSphere
|
524
544
|
WebSphere Load Balancer
|
525
545
|
WebTrends
|
@@ -570,6 +590,7 @@ gSOAP
|
|
570
590
|
gdnsd
|
571
591
|
httpd
|
572
592
|
iLO
|
593
|
+
iPlanet Web Server
|
573
594
|
iScale
|
574
595
|
inetutils ftpd
|
575
596
|
ipGENADevice
|
@@ -579,6 +600,7 @@ libupnp
|
|
579
600
|
lighttpd
|
580
601
|
micro_httpd
|
581
602
|
mini_httpd
|
603
|
+
mitmproxy
|
582
604
|
mod_access
|
583
605
|
mod_access_compat
|
584
606
|
mod_actions
|
@@ -726,16 +748,20 @@ mod_vhost_alias
|
|
726
748
|
mod_watchdog
|
727
749
|
mod_wsgi
|
728
750
|
mod_xml2enc
|
751
|
+
mongo-express
|
729
752
|
nginx
|
730
753
|
noVNC
|
754
|
+
ntopng
|
731
755
|
ownCloud Server
|
732
756
|
perl
|
733
757
|
pfSense
|
758
|
+
phpMyAdmin
|
734
759
|
qmail
|
735
760
|
qpopper-mysql
|
736
761
|
raptor
|
737
762
|
rbldnsd
|
738
763
|
sfcb
|
764
|
+
sofia-sip
|
739
765
|
sshlib
|
740
766
|
thttpd
|
741
767
|
tnftpd
|
data/identifiers/vendor.txt
CHANGED
@@ -1,3 +1,4 @@
|
|
1
|
+
2N Telekomunikace
|
1
2
|
3CX
|
2
3
|
3Com
|
3
4
|
8x8 Inc.
|
@@ -34,6 +35,8 @@ Aastra
|
|
34
35
|
Accelerated Technology
|
35
36
|
AdGuard
|
36
37
|
Adaptec
|
38
|
+
AdminDroid
|
39
|
+
Adminer
|
37
40
|
Adobe
|
38
41
|
Adtran
|
39
42
|
Aerohive
|
@@ -41,6 +44,7 @@ Agere Systems
|
|
41
44
|
Agilent
|
42
45
|
AirDefense
|
43
46
|
AirMagnet
|
47
|
+
Aircookie
|
44
48
|
Airties
|
45
49
|
Akamai
|
46
50
|
Algo
|
@@ -48,6 +52,8 @@ AlienVault
|
|
48
52
|
Allegro Software
|
49
53
|
Allen-Bradley
|
50
54
|
Allied Telesyn
|
55
|
+
Allworx
|
56
|
+
Alpha Technologies
|
51
57
|
Alpha Telecom, Inc. U.S.A.
|
52
58
|
Alpine
|
53
59
|
Alt-N
|
@@ -58,6 +64,7 @@ AnyBus
|
|
58
64
|
Apache
|
59
65
|
Apple
|
60
66
|
Aprelium Technologies
|
67
|
+
Aptinex
|
61
68
|
ArGoSoft
|
62
69
|
Arachni
|
63
70
|
Araknis Networks
|
@@ -93,14 +100,18 @@ BT
|
|
93
100
|
Bandura Labs
|
94
101
|
Bangteng
|
95
102
|
Barco
|
103
|
+
Barix
|
96
104
|
Barracuda
|
97
105
|
Berkeley Software Design Inc.
|
98
106
|
Bftpd Project
|
99
107
|
Bigfoot
|
108
|
+
Bird Home Automation
|
100
109
|
Bitvise
|
110
|
+
BlackBox
|
101
111
|
Blue Coat
|
102
112
|
BlueCat
|
103
113
|
Boa
|
114
|
+
Bobcat
|
104
115
|
Bomgar
|
105
116
|
Bosch
|
106
117
|
Bose
|
@@ -113,6 +124,7 @@ Buffalo
|
|
113
124
|
C&D Technologies
|
114
125
|
C-Phone Corporation
|
115
126
|
CA
|
127
|
+
CBT
|
116
128
|
CDVI
|
117
129
|
CSM
|
118
130
|
Cabletron
|
@@ -163,6 +175,7 @@ Conectiva
|
|
163
175
|
Conexant
|
164
176
|
Congruency, Inc.
|
165
177
|
ConnectWise
|
178
|
+
Control Solutions
|
166
179
|
Couchbase
|
167
180
|
Cradlepoint
|
168
181
|
Crestron
|
@@ -170,6 +183,7 @@ Critical Path
|
|
170
183
|
CrushFTP
|
171
184
|
CrystalVoice Communications
|
172
185
|
Cumulus
|
186
|
+
CyberPower
|
173
187
|
Cyberoam
|
174
188
|
D J Bernstein
|
175
189
|
D-Link
|
@@ -214,6 +228,7 @@ Eclipse
|
|
214
228
|
Ektron
|
215
229
|
Elastic
|
216
230
|
Eltek
|
231
|
+
Eltex
|
217
232
|
EmbedThis
|
218
233
|
Embedthis
|
219
234
|
Emby
|
@@ -227,6 +242,7 @@ EqualLogic
|
|
227
242
|
Equivalence (OpenH323)
|
228
243
|
Ericsson
|
229
244
|
Eudora
|
245
|
+
Evolis
|
230
246
|
ExtraHop
|
231
247
|
Extreme Networks
|
232
248
|
Extron
|
@@ -237,6 +253,7 @@ Facebook
|
|
237
253
|
FarSite Communications
|
238
254
|
FatWire
|
239
255
|
Fedora Project
|
256
|
+
Ferner
|
240
257
|
Ferrari Electronik GmbH
|
241
258
|
Fidelis
|
242
259
|
Fidelix
|
@@ -255,6 +272,8 @@ Foundry Networks
|
|
255
272
|
FreeBSD
|
256
273
|
FreePBX
|
257
274
|
FreeSWITCH
|
275
|
+
Freebox
|
276
|
+
FreshTomato
|
258
277
|
Fuji Xerox
|
259
278
|
Fujitsu
|
260
279
|
Fujitsu Siemens
|
@@ -272,12 +291,15 @@ Genivia
|
|
272
291
|
Genscape
|
273
292
|
Gentoo
|
274
293
|
Gerrit
|
294
|
+
GigaBlue
|
275
295
|
Gigamon
|
296
|
+
Gigaset
|
276
297
|
GitHub
|
277
298
|
GitLab
|
278
299
|
Gitea
|
279
300
|
Global Technology Associates
|
280
301
|
GlobalScape
|
302
|
+
GoGogate
|
281
303
|
Gogs
|
282
304
|
Google
|
283
305
|
Gordano
|
@@ -361,6 +383,7 @@ Kyocera
|
|
361
383
|
Kyocera Mita
|
362
384
|
LANCOM Systems
|
363
385
|
LANDesk
|
386
|
+
LG
|
364
387
|
LINX
|
365
388
|
Labtam
|
366
389
|
Lanier
|
@@ -376,17 +399,20 @@ Liebert
|
|
376
399
|
Lifesize
|
377
400
|
LigoWave
|
378
401
|
Ligowave
|
402
|
+
Lime Technologies
|
379
403
|
Linksys
|
380
404
|
Linux
|
381
405
|
LiteSpeed Technologies
|
382
406
|
LiveWorks Limited
|
383
407
|
Logitech
|
408
|
+
Lorex
|
384
409
|
Lotus
|
385
410
|
Loxone
|
386
411
|
Lucent
|
387
412
|
Lynx Technology
|
388
413
|
Lyris
|
389
414
|
MBP Kommunikationssysteme GmbH
|
415
|
+
MITRE
|
390
416
|
MPI Technologies
|
391
417
|
MPS Software
|
392
418
|
MRV Communications
|
@@ -406,6 +432,7 @@ Media5 Corporation
|
|
406
432
|
MediaGate
|
407
433
|
Mediatrix Telecom
|
408
434
|
Merak
|
435
|
+
Meraki
|
409
436
|
Mercury Security
|
410
437
|
Merit LILIN
|
411
438
|
Mersive
|
@@ -442,6 +469,7 @@ NLnet Labs
|
|
442
469
|
NTP
|
443
470
|
NVIDIA
|
444
471
|
Nagios
|
472
|
+
Nanoleaf
|
445
473
|
NcFTP Software
|
446
474
|
Neoscale
|
447
475
|
Nero
|
@@ -453,6 +481,7 @@ NetData
|
|
453
481
|
NetIQ
|
454
482
|
NetSarang Computer, Inc.
|
455
483
|
NetWin
|
484
|
+
Netgate
|
456
485
|
Netgear
|
457
486
|
Netia
|
458
487
|
Netopia
|
@@ -471,6 +500,7 @@ Nominum
|
|
471
500
|
Nortel
|
472
501
|
Norton
|
473
502
|
Novell
|
503
|
+
Nuuo
|
474
504
|
OPNsense
|
475
505
|
Objective Communications
|
476
506
|
Observium
|
@@ -509,6 +539,7 @@ Panduit
|
|
509
539
|
Paradyne
|
510
540
|
Parallels
|
511
541
|
Paramiko
|
542
|
+
Patton
|
512
543
|
Paul Smith Computer Services
|
513
544
|
Pelco
|
514
545
|
Percona
|
@@ -516,12 +547,14 @@ Perl
|
|
516
547
|
Phacility
|
517
548
|
Philips
|
518
549
|
Philips Video Conferencing Systems
|
550
|
+
Phoenix Contact
|
519
551
|
Pi-hole
|
520
552
|
PictureTel
|
521
553
|
Plain Black
|
522
554
|
Plex
|
523
555
|
Plixer
|
524
556
|
Polatis
|
557
|
+
Poly
|
525
558
|
Polycom
|
526
559
|
Portainer
|
527
560
|
Postfix
|
@@ -531,11 +564,13 @@ PowerWare
|
|
531
564
|
Pragma Systems
|
532
565
|
Pro Group
|
533
566
|
ProFTPD Project
|
567
|
+
ProSoft Technology
|
534
568
|
Process Software
|
535
569
|
Progress
|
536
570
|
Prometheus
|
537
571
|
Pronet
|
538
572
|
Proxmox
|
573
|
+
Psion Teklogix
|
539
574
|
Pulse Secure
|
540
575
|
Pure Storage
|
541
576
|
PureFTPd
|
@@ -560,6 +595,7 @@ RealVNC Ltd.
|
|
560
595
|
Rectifier Technologies
|
561
596
|
Red Hat
|
562
597
|
Redback Networks
|
598
|
+
Redline
|
563
599
|
Redmine
|
564
600
|
Rhino Software
|
565
601
|
Ricoh
|
@@ -600,6 +636,7 @@ SapporoWorks
|
|
600
636
|
Satelitech
|
601
637
|
Savin
|
602
638
|
Scalix
|
639
|
+
Schneider Electric
|
603
640
|
Schneider Rundfunkwerke AG
|
604
641
|
Science Dynamics Corporation
|
605
642
|
Science Logic
|
@@ -612,11 +649,13 @@ Segger
|
|
612
649
|
Sendmail
|
613
650
|
Sequent
|
614
651
|
Sercomm
|
652
|
+
SerenityOS
|
615
653
|
Serome Technology, Inc.
|
616
654
|
Serv-U
|
617
655
|
ServerTech
|
618
656
|
Sharp
|
619
657
|
ShellInABox
|
658
|
+
Shelly
|
620
659
|
Shenzhen Reecam Tech. Ltd.
|
621
660
|
ShoreTel
|
622
661
|
Siebel
|
@@ -629,6 +668,7 @@ SmoothWall
|
|
629
668
|
SnapServer
|
630
669
|
Sofrel
|
631
670
|
Softing
|
671
|
+
Software House
|
632
672
|
SolarWinds
|
633
673
|
SonarQube
|
634
674
|
SonicWall
|
@@ -641,6 +681,7 @@ Spiceworks
|
|
641
681
|
Spirent Communications
|
642
682
|
SpliceCom
|
643
683
|
Splunk
|
684
|
+
SpotterRF
|
644
685
|
Squid Cache
|
645
686
|
Standard Networks
|
646
687
|
StarNet Communications Corp.
|
@@ -674,15 +715,18 @@ Tableau
|
|
674
715
|
Tandberg
|
675
716
|
Taobao
|
676
717
|
Tasman Networks
|
718
|
+
TeamSpeak
|
677
719
|
Technicolor
|
678
720
|
Tektronix
|
679
721
|
Teldat H. Kruszynski, M. Cichocki Sp. J.
|
680
722
|
TeleStream Technologies, Inc.
|
681
723
|
TeleWare
|
724
|
+
Teledyne FLIR
|
682
725
|
Telliris
|
683
726
|
Telxon Corporation
|
684
727
|
Tenable
|
685
728
|
Tencent
|
729
|
+
Teradici
|
686
730
|
Thekelleys
|
687
731
|
Thomson
|
688
732
|
TigerVNC
|
@@ -694,6 +738,8 @@ Tinyproxy Project
|
|
694
738
|
Tivo
|
695
739
|
Tobit Software
|
696
740
|
Tokutek
|
741
|
+
Tomato
|
742
|
+
TomatoUSB
|
697
743
|
Tor Project
|
698
744
|
TornadoWeb
|
699
745
|
Toshiba
|
@@ -712,10 +758,14 @@ Ubiquiti
|
|
712
758
|
Ubuntu
|
713
759
|
UnboundID
|
714
760
|
Unica
|
761
|
+
Unify
|
715
762
|
Unisys
|
716
763
|
UnitedLinux
|
764
|
+
VBrick
|
717
765
|
VMware
|
718
766
|
VTEL
|
767
|
+
Vaddio
|
768
|
+
Valcom
|
719
769
|
VanDyke Software
|
720
770
|
Vanguard Managed Solutions
|
721
771
|
Varnish-cache
|
@@ -739,20 +789,23 @@ WatchGuard
|
|
739
789
|
WeOnlyDo
|
740
790
|
WebTrends
|
741
791
|
Webmin
|
792
|
+
Weidmüller
|
742
793
|
Westbay Engineers
|
743
794
|
Westell
|
744
795
|
Western Digital
|
745
796
|
White Box
|
797
|
+
Wifx
|
746
798
|
Wildix
|
747
799
|
Wind River
|
748
800
|
Wowza
|
749
801
|
Wowza Media Systems
|
802
|
+
Wyze
|
750
803
|
X.Org
|
751
804
|
XAMPP
|
752
805
|
XFree86
|
753
806
|
XRoads
|
754
807
|
Xerox
|
755
|
-
Xiongmai
|
808
|
+
Xiongmai Technology
|
756
809
|
Xiph
|
757
810
|
Xiph.org
|
758
811
|
Xitami
|
@@ -767,6 +820,7 @@ Youngzsoft
|
|
767
820
|
ZMailer
|
768
821
|
ZTE
|
769
822
|
Zabbix
|
823
|
+
Zaphoyd Studios
|
770
824
|
ZebraNet
|
771
825
|
Zed Shaw
|
772
826
|
Zyxel
|
@@ -781,17 +835,24 @@ exim
|
|
781
835
|
gdnsd
|
782
836
|
home.pl
|
783
837
|
i.LON
|
838
|
+
iRobot
|
839
|
+
iStar
|
784
840
|
iTach
|
841
|
+
iXsystems
|
785
842
|
innovaphone
|
786
843
|
libssh
|
787
844
|
lighttpd
|
845
|
+
mitmproxy
|
788
846
|
mod_ssl
|
789
847
|
mod_wsgi
|
848
|
+
mongo-express Project
|
790
849
|
nginx
|
791
850
|
ninenines
|
792
851
|
noVNC
|
852
|
+
ntop
|
793
853
|
ownCloud
|
794
854
|
pfSense
|
855
|
+
phpMyAdmin
|
795
856
|
port25
|
796
857
|
qmail
|
797
858
|
rPath
|
data/lib/recog/db.rb
CHANGED
@@ -66,10 +66,11 @@ class DB
|
|
66
66
|
|
67
67
|
end
|
68
68
|
|
69
|
+
filepath = self.path.sub(/\.xml$/, '')
|
69
70
|
@match_key = File.basename(self.path).sub(/\.xml$/, '') unless @match_key
|
70
71
|
|
71
72
|
xml.xpath('/fingerprints/fingerprint').each do |fprint|
|
72
|
-
@fingerprints << Fingerprint.new(fprint, @match_key, @protocol)
|
73
|
+
@fingerprints << Fingerprint.new(fprint, @match_key, @protocol, filepath)
|
73
74
|
end
|
74
75
|
|
75
76
|
xml = nil
|
data/lib/recog/fingerprint.rb
CHANGED
@@ -5,6 +5,7 @@ module Recog
|
|
5
5
|
class Fingerprint
|
6
6
|
require 'set'
|
7
7
|
|
8
|
+
require 'recog/fingerprint_parse_error'
|
8
9
|
require 'recog/fingerprint/regexp_factory'
|
9
10
|
require 'recog/fingerprint/test'
|
10
11
|
|
@@ -28,19 +29,27 @@ class Fingerprint
|
|
28
29
|
# @return (see #parse_examples)
|
29
30
|
attr_reader :tests
|
30
31
|
|
32
|
+
# The line number of the XML entity in the source file for this
|
33
|
+
# fingerprint.
|
34
|
+
#
|
35
|
+
# @return [Integer] The line number of this entity.
|
36
|
+
attr_reader :line
|
37
|
+
|
31
38
|
# @param xml [Nokogiri::XML::Element]
|
32
39
|
# @param match_key [String] See Recog::DB
|
33
40
|
# @param protocol [String] Protocol such as ftp, mssql, http, etc.
|
34
|
-
|
41
|
+
# @param example_path [String] Directory path for fingerprint example files
|
42
|
+
def initialize(xml, match_key=nil, protocol=nil, example_path=nil)
|
35
43
|
@match_key = match_key
|
36
44
|
@protocol = protocol
|
37
45
|
@name = parse_description(xml)
|
38
46
|
@regex = create_regexp(xml)
|
47
|
+
@line = xml.line
|
39
48
|
@params = {}
|
40
49
|
@tests = []
|
41
50
|
|
42
51
|
@protocol.downcase! if @protocol
|
43
|
-
parse_examples(xml)
|
52
|
+
parse_examples(xml, example_path)
|
44
53
|
parse_params(xml)
|
45
54
|
end
|
46
55
|
|
@@ -160,6 +169,7 @@ class Fingerprint
|
|
160
169
|
# look for the presence of test cases
|
161
170
|
if tests.size == 0
|
162
171
|
yield :warn, "'#{@name}' has no test cases"
|
172
|
+
return
|
163
173
|
end
|
164
174
|
|
165
175
|
# make sure each test case passes
|
@@ -176,6 +186,7 @@ class Fingerprint
|
|
176
186
|
# out correctly and match the capture group values we expect.
|
177
187
|
test.attributes.each do |k, v|
|
178
188
|
next if k == '_encoding'
|
189
|
+
next if k == '_filename'
|
179
190
|
if !result.has_key?(k) || result[k] != v
|
180
191
|
message = "'#{@name}' failed to find expected capture group #{k} '#{v}'. Result was #{result[k]}"
|
181
192
|
status = :fail
|
@@ -223,8 +234,8 @@ class Fingerprint
|
|
223
234
|
capture_group_used.each do |param_name, param_used|
|
224
235
|
if !param_used
|
225
236
|
message = "'#{@name}' is missing an example that checks for parameter '#{param_name}' " +
|
226
|
-
"
|
227
|
-
yield :
|
237
|
+
"which is derived from a capture group"
|
238
|
+
yield :fail, message
|
228
239
|
end
|
229
240
|
end
|
230
241
|
end
|
@@ -247,14 +258,30 @@ class Fingerprint
|
|
247
258
|
end
|
248
259
|
|
249
260
|
# @param xml [Nokogiri::XML::Element]
|
261
|
+
# @param example_path [String] Directory path for fingerprint example files
|
250
262
|
# @return [void]
|
251
|
-
def parse_examples(xml)
|
263
|
+
def parse_examples(xml, example_path)
|
252
264
|
elements = xml.xpath('example')
|
253
265
|
|
254
266
|
elements.each do |elem|
|
255
267
|
# convert nokogiri Attributes into a hash of name => value
|
256
268
|
attrs = elem.attributes.values.reduce({}) { |a,e| a.merge(e.name => e.value) }
|
257
|
-
|
269
|
+
if attrs["_filename"]
|
270
|
+
contents = ""
|
271
|
+
filename = attrs["_filename"]
|
272
|
+
fn = File.expand_path(File.join(example_path, filename))
|
273
|
+
unless fn.start_with?(File.expand_path(example_path) + File::Separator)
|
274
|
+
raise FingerprintParseError.new("an example specifies an illegal file path '#{filename}'", line_number = @line)
|
275
|
+
end
|
276
|
+
|
277
|
+
File.open(fn, "rb") do |file|
|
278
|
+
contents = file.read
|
279
|
+
contents.force_encoding(Encoding::ASCII_8BIT)
|
280
|
+
end
|
281
|
+
@tests << Test.new(contents, attrs)
|
282
|
+
else
|
283
|
+
@tests << Test.new(elem.content, attrs)
|
284
|
+
end
|
258
285
|
end
|
259
286
|
|
260
287
|
nil
|