recog 2.3.21 → 3.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE +1 -1
- data/README.md +42 -16
- data/Rakefile +2 -9
- data/lib/recog/db.rb +2 -1
- data/lib/recog/db_manager.rb +1 -1
- data/lib/recog/fingerprint.rb +33 -6
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/verifier.rb +9 -9
- data/lib/recog/verify_reporter.rb +17 -6
- data/lib/recog/version.rb +1 -1
- data/{bin → recog/bin}/recog_match +0 -1
- data/{xml → recog/xml}/apache_modules.xml +0 -0
- data/{xml → recog/xml}/apache_os.xml +98 -56
- data/{xml → recog/xml}/architecture.xml +15 -1
- data/recog/xml/dhcp_vendor_class.xml +206 -0
- data/{xml → recog/xml}/dns_versionbind.xml +16 -13
- data/{xml → recog/xml}/favicons.xml +297 -47
- data/{xml → recog/xml}/fingerprints.xsd +9 -1
- data/{xml → recog/xml}/ftp_banners.xml +160 -156
- data/{xml → recog/xml}/h323_callresp.xml +101 -101
- data/{xml → recog/xml}/hp_pjl_id.xml +84 -84
- data/{xml → recog/xml}/html_title.xml +727 -34
- data/{xml → recog/xml}/http_cookies.xml +160 -77
- data/{xml → recog/xml}/http_servers.xml +556 -283
- data/{xml → recog/xml}/http_wwwauth.xml +190 -75
- data/{xml → recog/xml}/imap_banners.xml +5 -5
- data/{xml → recog/xml}/ldap_searchresult.xml +0 -0
- data/{xml → recog/xml}/mdns_device-info_txt.xml +389 -26
- data/{xml → recog/xml}/mdns_workstation_txt.xml +0 -0
- data/{xml → recog/xml}/mysql_banners.xml +1 -1
- data/{xml → recog/xml}/mysql_error.xml +0 -0
- data/{xml → recog/xml}/nntp_banners.xml +11 -8
- data/{xml → recog/xml}/ntp_banners.xml +97 -97
- data/{xml → recog/xml}/operating_system.xml +95 -80
- data/{xml → recog/xml}/pop_banners.xml +23 -23
- data/{xml → recog/xml}/rsh_resp.xml +3 -3
- data/{xml → recog/xml}/rtsp_servers.xml +0 -0
- data/{xml → recog/xml}/sip_banners.xml +43 -5
- data/{xml → recog/xml}/sip_user_agents.xml +175 -27
- data/{xml → recog/xml}/smb_native_lm.xml +5 -5
- data/{xml → recog/xml}/smb_native_os.xml +25 -25
- data/{xml → recog/xml}/smtp_banners.xml +147 -146
- data/{xml → recog/xml}/smtp_debug.xml +0 -0
- data/{xml → recog/xml}/smtp_ehlo.xml +1 -1
- data/{xml → recog/xml}/smtp_expn.xml +0 -0
- data/{xml → recog/xml}/smtp_help.xml +11 -11
- data/{xml → recog/xml}/smtp_mailfrom.xml +0 -0
- data/{xml → recog/xml}/smtp_noop.xml +2 -2
- data/{xml → recog/xml}/smtp_quit.xml +0 -0
- data/{xml → recog/xml}/smtp_rcptto.xml +0 -0
- data/{xml → recog/xml}/smtp_rset.xml +0 -0
- data/{xml → recog/xml}/smtp_turn.xml +0 -0
- data/{xml → recog/xml}/smtp_vrfy.xml +0 -0
- data/{xml → recog/xml}/snmp_sysdescr.xml +1570 -1430
- data/{xml → recog/xml}/snmp_sysobjid.xml +38 -27
- data/{xml → recog/xml}/ssh_banners.xml +16 -10
- data/{xml → recog/xml}/telnet_banners.xml +238 -21
- data/{xml → recog/xml}/tls_jarm.xml +56 -6
- data/{xml → recog/xml}/x11_banners.xml +3 -3
- data/{xml → recog/xml}/x509_issuers.xml +49 -1
- data/{xml → recog/xml}/x509_subjects.xml +139 -38
- data/recog.gemspec +9 -5
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +73 -4
- data/spec/spec_helper.rb +4 -0
- metadata +65 -134
- data/.github/ISSUE_TEMPLATE/bug_report.md +0 -37
- data/.github/ISSUE_TEMPLATE/feature_request.md +0 -17
- data/.github/ISSUE_TEMPLATE/fingerprint_request.md +0 -27
- data/.github/PULL_REQUEST_TEMPLATE +0 -24
- data/.github/SECURITY.md +0 -35
- data/.github/workflows/ci.yml +0 -26
- data/.gitignore +0 -23
- data/.rspec +0 -3
- data/.ruby-gemset +0 -1
- data/.ruby-version +0 -1
- data/.snyk +0 -10
- data/.travis.yml +0 -25
- data/CONTRIBUTING.md +0 -270
- data/bin/recog_cleanup +0 -16
- data/bin/recog_export +0 -81
- data/bin/recog_standardize +0 -148
- data/bin/recog_verify +0 -64
- data/cpe-remap.yaml +0 -343
- data/features/data/failing_banners_fingerprints.xml +0 -20
- data/features/data/matching_banners_fingerprints.xml +0 -23
- data/features/data/multiple_banners_fingerprints.xml +0 -32
- data/features/data/no_tests.xml +0 -3
- data/features/data/sample_banner.txt +0 -2
- data/features/data/successful_tests.xml +0 -18
- data/features/data/tests_with_failures.xml +0 -20
- data/features/data/tests_with_warnings.xml +0 -17
- data/features/match.feature +0 -36
- data/features/support/aruba.rb +0 -3
- data/features/support/env.rb +0 -6
- data/features/verify.feature +0 -48
- data/identifiers/README.md +0 -70
- data/identifiers/fields.txt +0 -104
- data/identifiers/hw_device.txt +0 -78
- data/identifiers/hw_family.txt +0 -113
- data/identifiers/hw_product.txt +0 -410
- data/identifiers/os_architecture.txt +0 -10
- data/identifiers/os_device.txt +0 -75
- data/identifiers/os_family.txt +0 -233
- data/identifiers/os_product.txt +0 -340
- data/identifiers/service_family.txt +0 -249
- data/identifiers/service_product.txt +0 -752
- data/identifiers/vendor.txt +0 -798
- data/lib/recog/verifier_factory.rb +0 -13
- data/misc/convert_mysql_err +0 -61
- data/misc/order.xsl +0 -17
- data/requirements.txt +0 -2
- data/spec/lib/fingerprint_self_test_spec.rb +0 -174
- data/update_cpes.py +0 -250
@@ -78,7 +78,7 @@
|
|
78
78
|
<param pos="1" name="hw.product"/>
|
79
79
|
</fingerprint>
|
80
80
|
|
81
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="Cisco_CCSP_CWMP_TCPCR"
|
81
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="Cisco_CCSP_CWMP_TCPCR"">
|
82
82
|
<description>Generic Cisco CWMP/CPE equipment</description>
|
83
83
|
<example>Basic realm="Cisco_CCSP_CWMP_TCPCR"</example>
|
84
84
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
@@ -97,7 +97,7 @@
|
|
97
97
|
<param pos="0" name="os.product" value="Firewall-1"/>
|
98
98
|
</fingerprint>
|
99
99
|
|
100
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="cpanel"
|
100
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="cpanel"">
|
101
101
|
<description>cPanel</description>
|
102
102
|
<example>Basic realm="cPanel"</example>
|
103
103
|
<param pos="0" name="service.vendor" value="cPanel"/>
|
@@ -114,7 +114,7 @@
|
|
114
114
|
<param pos="0" name="os.device" value="Power Device"/>
|
115
115
|
</fingerprint>
|
116
116
|
|
117
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="ADSL\S* (?:Modem|Router|Modem/Router)"
|
117
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="ADSL\S* (?:Modem|Router|Modem/Router)"">
|
118
118
|
<description>Generic ADSL modems/routers</description>
|
119
119
|
<example>Basic realm="ADSL Modem"</example>
|
120
120
|
<example>Basic realm="ADSL Modem/Router"</example>
|
@@ -123,19 +123,19 @@
|
|
123
123
|
<param pos="0" name="hw.device" value="ADSL Modem"/>
|
124
124
|
</fingerprint>
|
125
125
|
|
126
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="Broadband Router"
|
126
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="Broadband Router"">
|
127
127
|
<description>Generic Broadband modems/routers</description>
|
128
128
|
<example>Basic realm="Broadband Router"</example>
|
129
129
|
<param pos="0" name="hw.device" value="Broadband Router"/>
|
130
130
|
</fingerprint>
|
131
131
|
|
132
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="DSL\S* (?:Modem|Router|Modem/Router)"
|
132
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="DSL\S* (?:Modem|Router|Modem/Router)"">
|
133
133
|
<description>Generic DSL modems/routers</description>
|
134
134
|
<example>Basic realm="DSL Modem"</example>
|
135
135
|
<param pos="0" name="hw.device" value="DSL Modem"/>
|
136
136
|
</fingerprint>
|
137
137
|
|
138
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="DVR"
|
138
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="DVR"">
|
139
139
|
<description>Generic DVR</description>
|
140
140
|
<example>Basic realm="DVR"</example>
|
141
141
|
<param pos="0" name="hw.device" value="DVR"/>
|
@@ -143,7 +143,7 @@
|
|
143
143
|
|
144
144
|
<!-- Hikvision is OEMd by a number of DVR manufacturers -->
|
145
145
|
|
146
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="(?i:hikvision)"
|
146
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="(?i:hikvision)"">
|
147
147
|
<description>Web server found on DVR and webcam servers sourced from Hikvision</description>
|
148
148
|
<example>Basic realm="hikvision"</example>
|
149
149
|
<param pos="0" name="service.vendor" value="Hikvision"/>
|
@@ -154,20 +154,20 @@
|
|
154
154
|
<param pos="0" name="hw.device" value="DVR"/>
|
155
155
|
</fingerprint>
|
156
156
|
|
157
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="Merit LILIN Ent\. Co\., Ltd."
|
157
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="Merit LILIN Ent\. Co\., Ltd."">
|
158
158
|
<description>Merit LILIN generic device</description>
|
159
159
|
<example>Basic realm="Merit LILIN Ent. Co., Ltd,"</example>
|
160
160
|
<example>Basic realm="Merit LILIN Ent. Co., Ltd."</example>
|
161
161
|
<param pos="0" name="hw.vendor" value="Merit LILIN"/>
|
162
162
|
</fingerprint>
|
163
163
|
|
164
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="Wireless Access Point"
|
164
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="Wireless Access Point"">
|
165
165
|
<description>Generic WAP</description>
|
166
166
|
<example>Basic realm="Wireless Access Point"</example>
|
167
167
|
<param pos="0" name="hw.device" value="WAP"/>
|
168
168
|
</fingerprint>
|
169
169
|
|
170
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="(?:(?:Cube|(?:Mini )?Dome|Day/Night|PAN/Tilt|POE|IR|HD|H.264|Surveillance|Wired|Wireless(?: N)?|Network|Internet|(?:IP(?:[\s_-])?)?Cameras?[\s_]*\d*) ?){1,4}?(?: Login)?"
|
170
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="(?:(?:Cube|(?:Mini )?Dome|Day/Night|PAN/Tilt|POE|IR|HD|H.264|Surveillance|Wired|Wireless(?: N)?|Network|Internet|(?:IP(?:[\s_-])?)?Cameras?[\s_]*\d*) ?){1,4}?(?: Login)?"">
|
171
171
|
<description>Generic IP Cameras</description>
|
172
172
|
<example>Basic realm="camera"</example>
|
173
173
|
<example>Basic realm="IPCamera Login"</example>
|
@@ -175,7 +175,7 @@
|
|
175
175
|
<param pos="0" name="hw.device" value="IP Camera"/>
|
176
176
|
</fingerprint>
|
177
177
|
|
178
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="(DCS-[^"]+)"
|
178
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="(DCS-[^"]+)"">
|
179
179
|
<description>D-Link DCS IP Cameras</description>
|
180
180
|
<example hw.product="DCS-5222LB1">Basic realm="DCS-5222LB1"</example>
|
181
181
|
<example hw.product="DCS-2530L">Basic realm="DCS-2530L"</example>
|
@@ -184,7 +184,7 @@
|
|
184
184
|
<param pos="1" name="hw.product"/>
|
185
185
|
</fingerprint>
|
186
186
|
|
187
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="GoAhead"
|
187
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="GoAhead"">
|
188
188
|
<description>GoAhead webserver</description>
|
189
189
|
<example>Basic realm="GoAhead"</example>
|
190
190
|
<param pos="0" name="service.vendor" value="Oracle"/>
|
@@ -192,14 +192,14 @@
|
|
192
192
|
<param pos="0" name="service.family" value="GoAhead Webserver"/>
|
193
193
|
</fingerprint>
|
194
194
|
|
195
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="Logitech Media Server"
|
195
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="Logitech Media Server"">
|
196
196
|
<description>Logitech Media server</description>
|
197
197
|
<example>Basic realm="Logitech Media Server"</example>
|
198
198
|
<param pos="0" name="service.vendor" value="Logitech"/>
|
199
199
|
<param pos="0" name="service.product" value="Squeezebox"/>
|
200
200
|
</fingerprint>
|
201
201
|
|
202
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="kubernetes-master"
|
202
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="kubernetes-master"">
|
203
203
|
<description>Kubernetes master nodes</description>
|
204
204
|
<example>Basic realm="kubernetes-master"</example>
|
205
205
|
<param pos="0" name="service.vendor" value="Kubernetes"/>
|
@@ -208,7 +208,7 @@
|
|
208
208
|
<param pos="0" name="service.cpe23" value="cpe:/a:kubernetes:kubernetes:-"/>
|
209
209
|
</fingerprint>
|
210
210
|
|
211
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest) realm="RUIJIE(?:-CPE)?"
|
211
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest) realm="RUIJIE(?:-CPE)?"">
|
212
212
|
<description>Ruijie Networks generic</description>
|
213
213
|
<example>Digest realm="RUIJIE-CPE"</example>
|
214
214
|
<param pos="0" name="hw.vendor" value="Ruijie"/>
|
@@ -279,7 +279,7 @@
|
|
279
279
|
<param pos="2" name="host.mac"/>
|
280
280
|
</fingerprint>
|
281
281
|
|
282
|
-
<fingerprint pattern="^(?:Basic|Digest).*realm="Thomson(?: Gateway)?"
|
282
|
+
<fingerprint pattern="^(?:Basic|Digest).*realm="Thomson(?: Gateway)?"">
|
283
283
|
<description>Thomson generic devices</description>
|
284
284
|
<example>Digest realm="Thomson Gateway"</example>
|
285
285
|
<example>Basic realm="Thomson"</example>
|
@@ -289,7 +289,7 @@
|
|
289
289
|
|
290
290
|
<fingerprint pattern="^(?:Basic|Digest) realm="(?:SmartAX )?(MT\d+[^ ]*)(?: ADSL Router)?"$">
|
291
291
|
<description>Huawei xDSL routers</description>
|
292
|
-
<example hw.product="MT882">Basic realm="SmartAX MT882"</example>
|
292
|
+
<example hw.product="MT882" service.product="MT882" os.product="MT882">Basic realm="SmartAX MT882"</example>
|
293
293
|
<param pos="0" name="service.vendor" value="Huawei"/>
|
294
294
|
<param pos="0" name="service.family" value="MT"/>
|
295
295
|
<param pos="1" name="service.product"/>
|
@@ -303,7 +303,7 @@
|
|
303
303
|
<param pos="1" name="hw.product"/>
|
304
304
|
</fingerprint>
|
305
305
|
|
306
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="HuaweiHomeGateway"
|
306
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="HuaweiHomeGateway"">
|
307
307
|
<description>Huawei Home Gateway Routers</description>
|
308
308
|
<example>Basic realm="HuaweiHomeGateway"</example>
|
309
309
|
<param pos="0" name="hw.vendor" value="Huawei"/>
|
@@ -311,7 +311,7 @@
|
|
311
311
|
<param pos="0" name="hw.product" value="Home Gateway"/>
|
312
312
|
</fingerprint>
|
313
313
|
|
314
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="EchoLife .*"
|
314
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="EchoLife .*"">
|
315
315
|
<description>Huawei EchoLife Home Gateways</description>
|
316
316
|
<example>Basic realm="EchoLife Portal de Inicio"</example>
|
317
317
|
<example>Basic realm="EchoLife Home Gateway"</example>
|
@@ -322,10 +322,10 @@
|
|
322
322
|
|
323
323
|
<fingerprint pattern="^(?:Basic|Digest) realm="(WRT54G\w*)"$">
|
324
324
|
<description>Linksys WRT54G wireless access point (dozen of variants of the product)</description>
|
325
|
-
<example hw.product="WRT54G">Basic realm="WRT54G"</example>
|
326
|
-
<example hw.product="WRT54GL">Basic realm="WRT54GL"</example>
|
327
|
-
<example hw.product="WRT54GSV4">Basic realm="WRT54GSV4"</example>
|
328
|
-
<example hw.product="WRT54GCv3">Basic realm="WRT54GCv3"</example>
|
325
|
+
<example hw.product="WRT54G" os.product="WRT54G">Basic realm="WRT54G"</example>
|
326
|
+
<example hw.product="WRT54GL" os.product="WRT54GL">Basic realm="WRT54GL"</example>
|
327
|
+
<example hw.product="WRT54GSV4" os.product="WRT54GSV4">Basic realm="WRT54GSV4"</example>
|
328
|
+
<example hw.product="WRT54GCv3" os.product="WRT54GCv3">Basic realm="WRT54GCv3"</example>
|
329
329
|
<param pos="0" name="os.vendor" value="Linksys"/>
|
330
330
|
<param pos="0" name="os.device" value="WAP"/>
|
331
331
|
<param pos="1" name="os.product"/>
|
@@ -336,9 +336,9 @@
|
|
336
336
|
|
337
337
|
<fingerprint pattern="^(?:Basic|Digest) realm="(TD-[VW8][A-Z0-9]+)(?:| \d+\.\d+)"$">
|
338
338
|
<description>TP-LINK SoHo Router - dash variant</description>
|
339
|
-
<example os.product="TD-W8901G">Basic realm="TD-W8901G"</example>
|
340
|
-
<example>Basic realm="TD-8840T 2.0"</example>
|
341
|
-
<example hw.product="TD-8811">Basic realm="TD-8811"</example>
|
339
|
+
<example os.product="TD-W8901G" hw.product="TD-W8901G">Basic realm="TD-W8901G"</example>
|
340
|
+
<example os.product="TD-8840T" hw.product="TD-8840T">Basic realm="TD-8840T 2.0"</example>
|
341
|
+
<example hw.product="TD-8811" os.product="TD-8811">Basic realm="TD-8811"</example>
|
342
342
|
<param pos="0" name="os.vendor" value="TP-LINK"/>
|
343
343
|
<param pos="0" name="os.device" value="Router"/>
|
344
344
|
<param pos="1" name="os.product"/>
|
@@ -349,10 +349,10 @@
|
|
349
349
|
|
350
350
|
<fingerprint pattern="^(?:Basic|Digest) realm="(TD8[A-Z0-9]+)"$">
|
351
351
|
<description>TP-LINK SoHo Router</description>
|
352
|
-
<example os.product="TD854W">Basic realm="TD854W"</example>
|
353
|
-
<example hw.product="TD811">Basic realm="TD811"</example>
|
354
|
-
<example>Basic realm="TD821"</example>
|
355
|
-
<example>Basic realm="TD841"</example>
|
352
|
+
<example os.product="TD854W" hw.product="TD854W">Basic realm="TD854W"</example>
|
353
|
+
<example hw.product="TD811" os.product="TD811">Basic realm="TD811"</example>
|
354
|
+
<example os.product="TD821" hw.product="TD821">Basic realm="TD821"</example>
|
355
|
+
<example os.product="TD841" hw.product="TD841">Basic realm="TD841"</example>
|
356
356
|
<param pos="0" name="os.vendor" value="TP-LINK"/>
|
357
357
|
<param pos="0" name="os.device" value="Router"/>
|
358
358
|
<param pos="1" name="os.product"/>
|
@@ -361,24 +361,24 @@
|
|
361
361
|
<param pos="1" name="hw.product"/>
|
362
362
|
</fingerprint>
|
363
363
|
|
364
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="TP-LINK.*(?:Access Point|Extender|AP) ([A-Z0-9\-\+]+)"
|
364
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="TP-LINK.*(?:Access Point|Extender|AP) ([A-Z0-9\-\+]+)"">
|
365
365
|
<description>TP-LINK SoHo Router - verbose variant</description>
|
366
|
-
<example os.product="WA801N">Basic realm="TP-LINK Wireless N Access Point WA801N"</example>
|
367
|
-
<example hw.product="WA830RE">Basic realm="TP-LINK Wireless Range Extender WA830RE"</example>
|
368
|
-
<example>Basic realm="TP-LINK Wireless Range Extender WA850RE"</example>
|
369
|
-
<example>Basic realm="TP-LINK Wireless AP WA501G"</example>
|
370
|
-
<example>Basic realm="TP-LINK Wireless N Access Point WA701ND"</example>
|
371
|
-
<example>Basic realm="TP-LINK Wireless N Access Point WA901ND"</example>
|
372
|
-
<example>Basic realm="TP-LINK Wireless AP WA601G"</example>
|
373
|
-
<example>Basic realm="TP-LINK Wireless AP WR710N"</example>
|
374
|
-
<example>Basic realm="TP-LINK Wireless AP WR700N"</example>
|
375
|
-
<example>Basic realm="TP-LINK Wireless Range Extender WA750RE"</example>
|
376
|
-
<example>Basic realm="TP-LINK Wireless AP WR702N"</example>
|
377
|
-
<example>Basic realm="TP-LINK Wireless AP WR800N"</example>
|
378
|
-
<example>Basic realm="TP-LINK Wireless Range Extender WA730RE"</example>
|
379
|
-
<example>Basic realm="TP-LINK Wireless N Access Point WA805N"</example>
|
380
|
-
<example>Basic realm="TP-LINK Wireless N Access Point WA701N"</example>
|
381
|
-
<example>Basic realm="TP-LINK Wireless AP WR706N"</example>
|
366
|
+
<example os.product="WA801N" hw.product="WA801N">Basic realm="TP-LINK Wireless N Access Point WA801N"</example>
|
367
|
+
<example hw.product="WA830RE" os.product="WA830RE">Basic realm="TP-LINK Wireless Range Extender WA830RE"</example>
|
368
|
+
<example os.product="WA850RE" hw.product="WA850RE">Basic realm="TP-LINK Wireless Range Extender WA850RE"</example>
|
369
|
+
<example os.product="WA501G" hw.product="WA501G">Basic realm="TP-LINK Wireless AP WA501G"</example>
|
370
|
+
<example os.product="WA701ND" hw.product="WA701ND">Basic realm="TP-LINK Wireless N Access Point WA701ND"</example>
|
371
|
+
<example os.product="WA901ND" hw.product="WA901ND">Basic realm="TP-LINK Wireless N Access Point WA901ND"</example>
|
372
|
+
<example os.product="WA601G" hw.product="WA601G">Basic realm="TP-LINK Wireless AP WA601G"</example>
|
373
|
+
<example os.product="WR710N" hw.product="WR710N">Basic realm="TP-LINK Wireless AP WR710N"</example>
|
374
|
+
<example os.product="WR700N" hw.product="WR700N">Basic realm="TP-LINK Wireless AP WR700N"</example>
|
375
|
+
<example os.product="WA750RE" hw.product="WA750RE">Basic realm="TP-LINK Wireless Range Extender WA750RE"</example>
|
376
|
+
<example os.product="WR702N" hw.product="WR702N">Basic realm="TP-LINK Wireless AP WR702N"</example>
|
377
|
+
<example os.product="WR800N" hw.product="WR800N">Basic realm="TP-LINK Wireless AP WR800N"</example>
|
378
|
+
<example os.product="WA730RE" hw.product="WA730RE">Basic realm="TP-LINK Wireless Range Extender WA730RE"</example>
|
379
|
+
<example os.product="WA805N" hw.product="WA805N">Basic realm="TP-LINK Wireless N Access Point WA805N"</example>
|
380
|
+
<example os.product="WA701N" hw.product="WA701N">Basic realm="TP-LINK Wireless N Access Point WA701N"</example>
|
381
|
+
<example os.product="WR706N" hw.product="WR706N">Basic realm="TP-LINK Wireless AP WR706N"</example>
|
382
382
|
<param pos="0" name="os.vendor" value="TP-LINK"/>
|
383
383
|
<param pos="0" name="os.device" value="WAP"/>
|
384
384
|
<param pos="1" name="os.product"/>
|
@@ -387,31 +387,31 @@
|
|
387
387
|
<param pos="1" name="hw.product"/>
|
388
388
|
</fingerprint>
|
389
389
|
|
390
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="TP-LINK (.*Router.*)"
|
390
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="TP-LINK (.*Router.*)"">
|
391
391
|
<description>TP-LINK Routers</description>
|
392
|
-
<example>Basic realm="TP-LINK Wireless N Router WR841N"</example>
|
393
|
-
<example>Basic realm="TP-LINK Gigabit Broadband VPN Router R600VPN"</example>
|
394
|
-
<example>Basic realm="TP-LINK Wireless Lite N Router WR740N/WR741ND"</example>
|
392
|
+
<example hw.product="Wireless N Router WR841N">Basic realm="TP-LINK Wireless N Router WR841N"</example>
|
393
|
+
<example hw.product="Gigabit Broadband VPN Router R600VPN">Basic realm="TP-LINK Gigabit Broadband VPN Router R600VPN"</example>
|
394
|
+
<example hw.product="Wireless Lite N Router WR740N/WR741ND">Basic realm="TP-LINK Wireless Lite N Router WR740N/WR741ND"</example>
|
395
395
|
<param pos="0" name="hw.vendor" value="TP-LINK"/>
|
396
396
|
<param pos="0" name="hw.device" value="Router"/>
|
397
397
|
<param pos="1" name="hw.product"/>
|
398
398
|
</fingerprint>
|
399
399
|
|
400
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="TP-LINK IP-Camera"
|
400
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="TP-LINK IP-Camera"">
|
401
401
|
<description>TP-LINK IP-Cameras</description>
|
402
402
|
<example>Basic realm="TP-LINK IP-Camera"</example>
|
403
403
|
<param pos="0" name="hw.vendor" value="TP-LINK"/>
|
404
404
|
<param pos="0" name="hw.device" value="IP Camera"/>
|
405
405
|
</fingerprint>
|
406
406
|
|
407
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest) .*realm="Broadcom Management Service"
|
407
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest) .*realm="Broadcom Management Service"">
|
408
408
|
<description>Supposedly part of Broadcom Advanced Control Suite 3 (BACS3) or something similar</description>
|
409
409
|
<example>Digest qop="auth", realm="Broadcom Management Service", nonce="AAAAAAAAAAAAAP//DwHpMwYy1zc=", algorithm="MD5"</example>
|
410
410
|
<param pos="0" name="service.vendor" value="Broadcom"/>
|
411
411
|
<param pos="0" name="service.product" value="Management Service"/>
|
412
412
|
</fingerprint>
|
413
413
|
|
414
|
-
<fingerprint pattern="^(?:Basic|Digest) .*realm="SWAT"
|
414
|
+
<fingerprint pattern="^(?:Basic|Digest) .*realm="SWAT"">
|
415
415
|
<description>Samba Web Administration Tool (SWAT)</description>
|
416
416
|
<example>Basic realm="SWAT"</example>
|
417
417
|
<param pos="0" name="service.vendor" value="Samba"/>
|
@@ -419,7 +419,7 @@
|
|
419
419
|
<param pos="0" name="service.product" value="SWAT"/>
|
420
420
|
</fingerprint>
|
421
421
|
|
422
|
-
<fingerprint pattern="^.{0,
|
422
|
+
<fingerprint pattern="^.{0,1000}(?:Basic|Digest) realm="SPIP Configuration"">
|
423
423
|
<description>SPIP publishing system (www.spip.net)</description>
|
424
424
|
<example>Basic realm="SPIP Configuration", Digest realm="SPIP Configuration", nonce="116761147", algorithm="MD5"</example>
|
425
425
|
<param pos="0" name="service.vendor" value="SPIP"/>
|
@@ -427,7 +427,7 @@
|
|
427
427
|
<param pos="0" name="service.cpe23" value="cpe:/a:spip:spip:-"/>
|
428
428
|
</fingerprint>
|
429
429
|
|
430
|
-
<fingerprint pattern="^.{0,
|
430
|
+
<fingerprint pattern="^.{0,1000}(?:Basic|Digest) .*realm="HP ISEE @ ([^"]+)"">
|
431
431
|
<description>HP Instant Support Enterprise Edition with a hostname</description>
|
432
432
|
<example host.name="blah">Basic realm="HP ISEE @ blah"</example>
|
433
433
|
<param pos="0" name="service.vendor" value="HP"/>
|
@@ -435,7 +435,7 @@
|
|
435
435
|
<param pos="1" name="host.name"/>
|
436
436
|
</fingerprint>
|
437
437
|
|
438
|
-
<fingerprint pattern="^.{0,
|
438
|
+
<fingerprint pattern="^.{0,1000}(?:Basic|Digest) .*realm="BIG-IP"">
|
439
439
|
<description>Generic F5 Big-IP</description>
|
440
440
|
<example>Basic realm="BIG-IP"</example>
|
441
441
|
<param pos="0" name="service.vendor" value="F5"/>
|
@@ -467,13 +467,13 @@
|
|
467
467
|
<param pos="1" name="os.product"/>
|
468
468
|
</fingerprint>
|
469
469
|
|
470
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="SERCOMM CPE Authentication"
|
470
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="SERCOMM CPE Authentication"">
|
471
471
|
<description>Assorted Sercomm CPE devices</description>
|
472
472
|
<example>Digest realm="SERCOMM CPE Authentication"</example>
|
473
473
|
<param pos="0" name="hw.vendor" value="Sercomm"/>
|
474
474
|
</fingerprint>
|
475
475
|
|
476
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="TiVo DVR"
|
476
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="TiVo DVR"">
|
477
477
|
<description>Tivo DVR</description>
|
478
478
|
<example>Digest realm="TiVo DVR"</example>
|
479
479
|
<param pos="0" name="hw.vendor" value="Tivo"/>
|
@@ -481,7 +481,7 @@
|
|
481
481
|
<param pos="0" name="hw.device" value="DVR"/>
|
482
482
|
</fingerprint>
|
483
483
|
|
484
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="UBEE"
|
484
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="UBEE"">
|
485
485
|
<description>Ubee Cable Modems</description>
|
486
486
|
<example>Digest qop="auth", realm="Ubee", nonce="1544738973"</example>
|
487
487
|
<param pos="0" name="hw.vendor" value="Ubee"/>
|
@@ -496,22 +496,22 @@
|
|
496
496
|
<param pos="0" name="service.family" value="Oracle"/>
|
497
497
|
</fingerprint>
|
498
498
|
|
499
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="cpe@zte.com"
|
499
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="cpe@zte.com"">
|
500
500
|
<description>Assorted ZTE CPE devices</description>
|
501
501
|
<example>Digest realm="cpe@zte.com"</example>
|
502
502
|
<param pos="0" name="hw.vendor" value="ZTE"/>
|
503
503
|
</fingerprint>
|
504
504
|
|
505
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="ZXHN (\S+)"
|
505
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="ZXHN (\S+)"">
|
506
506
|
<description>ZTE ZXHN router</description>
|
507
|
-
<example>Basic realm="ZXHN H108L"</example>
|
507
|
+
<example hw.product="H108L">Basic realm="ZXHN H108L"</example>
|
508
508
|
<param pos="0" name="hw.vendor" value="ZTE"/>
|
509
509
|
<param pos="0" name="hw.device" value="Router"/>
|
510
510
|
<param pos="0" name="hw.family" value="ZXHN"/>
|
511
511
|
<param pos="1" name="hw.product"/>
|
512
512
|
</fingerprint>
|
513
513
|
|
514
|
-
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="(ZXV\S* \S+)"
|
514
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="(ZXV\S* \S+)"">
|
515
515
|
<description>ZTE ZXV router</description>
|
516
516
|
<example hw.product="ZXV10 W300">Basic realm="ZXV10 W300"</example>
|
517
517
|
<param pos="0" name="hw.vendor" value="ZTE"/>
|
@@ -540,7 +540,7 @@
|
|
540
540
|
<param pos="0" name="os.product" value="Linux"/>
|
541
541
|
</fingerprint>
|
542
542
|
|
543
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="NETGEAR (Orbi(?:-(?:micro|mini))?)"
|
543
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="NETGEAR (Orbi(?:-(?:micro|mini))?)"">
|
544
544
|
<description>Netgear Orbi</description>
|
545
545
|
<example hw.product="Orbi">Basic realm="NETGEAR Orbi"</example>
|
546
546
|
<example hw.product="Orbi-micro">Basic realm="NETGEAR Orbi-micro"</example>
|
@@ -551,7 +551,7 @@
|
|
551
551
|
<param pos="1" name="hw.product"/>
|
552
552
|
</fingerprint>
|
553
553
|
|
554
|
-
<fingerprint pattern="(?:Basic|Digest) realm="NETGEAR ([a-zA-Z0-9\-\+]+)\s*"
|
554
|
+
<fingerprint pattern="(?:Basic|Digest) realm="NETGEAR ([a-zA-Z0-9\-\+]+)\s*"">
|
555
555
|
<description>Netgear Routers</description>
|
556
556
|
<example hw.product="DG834">Basic realm="NETGEAR DG834 "</example>
|
557
557
|
<example hw.product="C7000v2">Basic realm="NETGEAR C7000v2"</example>
|
@@ -563,7 +563,7 @@
|
|
563
563
|
|
564
564
|
<!-- Fallback to the most generic Netgear match -->
|
565
565
|
|
566
|
-
<fingerprint pattern="(?:Basic|Digest) realm="Netgear"
|
566
|
+
<fingerprint pattern="(?:Basic|Digest) realm="Netgear"">
|
567
567
|
<description>Netgear Unspecified Router</description>
|
568
568
|
<example>Basic realm="Netgear"</example>
|
569
569
|
<param pos="0" name="hw.vendor" value="Netgear"/>
|
@@ -581,7 +581,7 @@
|
|
581
581
|
<param pos="1" name="hw.product"/>
|
582
582
|
</fingerprint>
|
583
583
|
|
584
|
-
<fingerprint pattern="^(?:Basic|Digest) realm="[iI]RMC(?:@(IRMC[0-9a-fA-F]{6}))?"
|
584
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="[iI]RMC(?:@(IRMC[0-9a-fA-F]{6}))?"">
|
585
585
|
<description>Fujitsu Siemens Primergy with BMC RemoteView on an iRMC card</description>
|
586
586
|
<example host.name="IRMCA0EC88">Digest realm="iRMC@IRMCA0EC88", qop="auth", nonce="d569ace4-00029040", opaque="29040", stale="FALSE"</example>
|
587
587
|
<param pos="0" name="service.vendor" value="Fujitsu Siemens"/>
|
@@ -593,17 +593,123 @@
|
|
593
593
|
<param pos="1" name="host.name"/>
|
594
594
|
</fingerprint>
|
595
595
|
|
596
|
+
<fingerprint pattern="^(?:Basic|Digest) realm="DELL \| SonicWALL SonicPoint">
|
597
|
+
<description>SonicWall SonicPoint (non-specific)</description>
|
598
|
+
<example>Basic realm="DELL | SonicWALL SonicPoint ACe/ACi/N2"</example>
|
599
|
+
<param pos="0" name="os.vendor" value="SonicWall"/>
|
600
|
+
<param pos="0" name="os.device" value="WAP"/>
|
601
|
+
<param pos="0" name="os.product" value="SonicOS"/>
|
602
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:-"/>
|
603
|
+
<param pos="0" name="hw.vendor" value="SonicWall"/>
|
604
|
+
<param pos="0" name="hw.product" value="SonicPoint"/>
|
605
|
+
</fingerprint>
|
606
|
+
|
607
|
+
<fingerprint pattern="(?i)^(?:Basic|Digest).*realm="rokudev"">
|
608
|
+
<description>Roku Streaming Device</description>
|
609
|
+
<example>Digest qop="auth", realm="rokudev", nonce="1111111111"</example>
|
610
|
+
<param pos="0" name="hw.vendor" value="Roku"/>
|
611
|
+
<param pos="0" name="hw.device" value="Media Server"/>
|
612
|
+
</fingerprint>
|
613
|
+
|
614
|
+
<fingerprint pattern="(?i)^Basic realm="System Setup"">
|
615
|
+
<description>Patton DSL Router</description>
|
616
|
+
<example>Basic realm="System Setup"</example>
|
617
|
+
<param pos="0" name="hw.vendor" value="Patton"/>
|
618
|
+
<param pos="0" name="hw.device" value="Router"/>
|
619
|
+
<param pos="0" name="hw.product" value="SHDSL Router"/>
|
620
|
+
<param pos="0" name="hw.certainty" value="0.50"/>
|
621
|
+
</fingerprint>
|
622
|
+
|
623
|
+
<fingerprint pattern="(?i)^Digest realm="Login to ND[0-9]{3,20}", nonce=">
|
624
|
+
<description>Lorex NR900 Series DVR</description>
|
625
|
+
<example>Digest realm="Login to ND011811000000", nonce="ec3682ef24b2cd9cedefe5cc26110000"</example>
|
626
|
+
<param pos="0" name="hw.vendor" value="Lorex"/>
|
627
|
+
<param pos="0" name="hw.device" value="DVR"/>
|
628
|
+
<param pos="0" name="hw.product" value="NR900"/>
|
629
|
+
<param pos="0" name="hw.certainty" value="0.50"/>
|
630
|
+
</fingerprint>
|
631
|
+
|
632
|
+
<fingerprint pattern="(?i)^Basic realm="the Access Point"">
|
633
|
+
<description>Psion Teklogix</description>
|
634
|
+
<example>Basic realm="the Access Point"</example>
|
635
|
+
<param pos="0" name="hw.vendor" value="Psion Teklogix"/>
|
636
|
+
<param pos="0" name="hw.device" value="Network Appliance"/>
|
637
|
+
<param pos="0" name="hw.product" value="CommServer"/>
|
638
|
+
</fingerprint>
|
639
|
+
|
640
|
+
<fingerprint pattern="(?i)^Digest realm="Use 'live' as User Name">
|
641
|
+
<description>Bosch AutoDome IP Camera</description>
|
642
|
+
<example>Digest realm="Use 'live' as User Name",nonce="18e62d241a5358a9650640fa72c1773c",opaque="",stale=FALSE,algorithm=MD5</example>
|
643
|
+
<example>Digest realm="Use 'live' as User Name in order to log in to the respective level",nonce="2e6007092c2b28af7e2516b80b5b4f95",opaque="",stale=FALSE,algorithm=MD5,qop="auth"</example>
|
644
|
+
<param pos="0" name="hw.vendor" value="Bosch"/>
|
645
|
+
<param pos="0" name="hw.device" value="Web Cam"/>
|
646
|
+
<param pos="0" name="hw.product" value="AutoDome"/>
|
647
|
+
<param pos="0" name="hw.certainty" value="0.50"/>
|
648
|
+
</fingerprint>
|
649
|
+
|
650
|
+
<fingerprint pattern="(?i)^Basic realm="Shelly"">
|
651
|
+
<description>Shelly Smart Device</description>
|
652
|
+
<example>Basic realm="Shelly"</example>
|
653
|
+
<param pos="0" name="hw.vendor" value="Shelly"/>
|
654
|
+
<param pos="0" name="hw.device" value="Device"/>
|
655
|
+
</fingerprint>
|
656
|
+
|
657
|
+
<fingerprint pattern="(?i)^Basic realm="Eurotherm"">
|
658
|
+
<description>Schneider Electric Eurotherm Device</description>
|
659
|
+
<example>Basic realm="Eurotherm"</example>
|
660
|
+
<param pos="0" name="hw.vendor" value="Schneider Electric"/>
|
661
|
+
<param pos="0" name="hw.device" value="Device"/>
|
662
|
+
<param pos="0" name="hw.family" value="Eurotherm"/>
|
663
|
+
</fingerprint>
|
664
|
+
|
665
|
+
<fingerprint pattern="(?i)^Basic realm="TomatoUSB"">
|
666
|
+
<description>TomatoUSB Router Firmware</description>
|
667
|
+
<example>Basic realm="TomatoUSB"</example>
|
668
|
+
<param pos="0" name="os.vendor" value="TomatoUSB"/>
|
669
|
+
<param pos="0" name="os.family" value="Linux"/>
|
670
|
+
<param pos="0" name="os.product" value="TomatoUSB"/>
|
671
|
+
<param pos="0" name="os.device" value="Router"/>
|
672
|
+
</fingerprint>
|
673
|
+
|
674
|
+
<fingerprint pattern="(?i)^Basic realm="FreshTomato"">
|
675
|
+
<description>FreshTomato Router Firmware</description>
|
676
|
+
<example>Basic realm="FreshTomato"</example>
|
677
|
+
<param pos="0" name="os.vendor" value="FreshTomato"/>
|
678
|
+
<param pos="0" name="os.family" value="Linux"/>
|
679
|
+
<param pos="0" name="os.product" value="FreshTomato"/>
|
680
|
+
<param pos="0" name="os.device" value="Router"/>
|
681
|
+
</fingerprint>
|
682
|
+
|
683
|
+
<fingerprint pattern="(?i)^Basic realm="NetPing \d+/PWR-220\s*v\d+/(?:ETH|SMS|GSM(?:3G)?)"">
|
684
|
+
<description>Alentis Electronics NetPing PDU</description>
|
685
|
+
<example>Basic realm="NetPing 2/PWR-220v2/SMS"</example>
|
686
|
+
<example>Basic realm="NetPing 2/PWR-220 v12/ETH"</example>
|
687
|
+
<example>Basic realm="NetPing 4/PWR-220v3/SMS"</example>
|
688
|
+
<param pos="0" name="os.vendor" value="Alentis Electronics"/>
|
689
|
+
<param pos="0" name="os.product" value="NetPing Firmware"/>
|
690
|
+
<param pos="0" name="os.device" value="Power Device"/>
|
691
|
+
<param pos="0" name="hw.vendor" value="Alentis Electronics"/>
|
692
|
+
<param pos="0" name="hw.product" value="NetPing"/>
|
693
|
+
<param pos="0" name="hw.device" value="Power Device"/>
|
694
|
+
</fingerprint>
|
695
|
+
|
596
696
|
<!-- a variety of headers we currently just ignore -->
|
597
697
|
|
598
698
|
<fingerprint pattern="(?i)^NTLM$">
|
599
|
-
<description>Ignore NTLM-only</description>
|
699
|
+
<description>Ignore NTLM-only -- assert nothing</description>
|
600
700
|
<example>NTLM</example>
|
601
701
|
<example>Ntlm</example>
|
702
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
703
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
704
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
602
705
|
</fingerprint>
|
603
706
|
|
604
707
|
<fingerprint pattern="^Negotiate$">
|
605
|
-
<description>Ignore Negotiate-only</description>
|
708
|
+
<description>Ignore Negotiate-only -- assert nothing</description>
|
606
709
|
<example>Negotiate</example>
|
710
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
711
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
712
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
607
713
|
</fingerprint>
|
608
714
|
|
609
715
|
<!--
|
@@ -612,24 +718,33 @@
|
|
612
718
|
-->
|
613
719
|
|
614
720
|
<fingerprint pattern="^(?:Basic|Digest) .*realm=['"](?:\/|\.|null|\/?index.html?)?['"]">
|
615
|
-
<description>Ignore null/empty/period/index
|
721
|
+
<description>Ignore null/empty/period/index -- assert nothing</description>
|
616
722
|
<example>Basic realm="null"</example>
|
617
723
|
<example>Basic realm="."</example>
|
618
724
|
<example>Basic realm=""</example>
|
619
725
|
<example>Basic realm="/"</example>
|
620
726
|
<example>Basic realm='/'</example>
|
621
727
|
<example>Basic realm="index.html"</example>
|
728
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
729
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
730
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
622
731
|
</fingerprint>
|
623
732
|
|
624
|
-
<fingerprint pattern="^(?:Basic|Digest) .*realm="(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)"
|
625
|
-
<description>Ignore realms with an IPv4 address</description>
|
733
|
+
<fingerprint pattern="^(?:Basic|Digest) .*realm="(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)"">
|
734
|
+
<description>Ignore realms with an IPv4 address -- assert nothing</description>
|
626
735
|
<example>Basic realm="192.168.0.1"</example>
|
627
736
|
<example>Digest qop="auth", realm="172.16.0.1", nonce="AAAAAAAAAAAAAP//DwHpM0IvM78=", algorithm="MD5"</example>
|
737
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
738
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
739
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
628
740
|
</fingerprint>
|
629
741
|
|
630
|
-
<fingerprint pattern="^(?:Basic|Digest) .*realm="config"
|
631
|
-
<description>Ignore generic 'config' realms</description>
|
742
|
+
<fingerprint pattern="^(?:Basic|Digest) .*realm="config"">
|
743
|
+
<description>Ignore generic 'config' realms -- assert nothing</description>
|
632
744
|
<example>Digest realm="config", nonce="1155041914", algorithm="MD5", qop="auth"</example>
|
745
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
746
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
747
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
633
748
|
</fingerprint>
|
634
749
|
|
635
750
|
<!--
|
@@ -47,7 +47,7 @@
|
|
47
47
|
<param pos="2" name="host.name"/>
|
48
48
|
</fingerprint>
|
49
49
|
|
50
|
-
<fingerprint pattern="^Der Microsoft Exchange Server 2003 IMAP4rev1-Server, Version (6\.5\.\d{4}\.\d+) \((.*)\)
|
50
|
+
<fingerprint pattern="^Der Microsoft Exchange Server 2003 IMAP4rev1-Server, Version (6\.5\.\d{4}\.\d+) \((.*)\),">
|
51
51
|
<description>Microsoft Exchange Server 2003, German</description>
|
52
52
|
<example service.version="6.5.7638.1" host.name="foo.bar">Der Microsoft Exchange Server 2003 IMAP4rev1-Server, Version 6.5.7638.1 (foo.bar), steht zur Verfgung.</example>
|
53
53
|
<param pos="0" name="service.vendor" value="Microsoft"/>
|
@@ -168,8 +168,8 @@
|
|
168
168
|
|
169
169
|
<fingerprint pattern="^(\S{1,512}) CallPilot IMAP4rev1 v(\S+) server ready\.?$">
|
170
170
|
<description>Nortel CallPilot</description>
|
171
|
-
<example>nottest.localdomain CallPilot IMAP4rev1 v42.02.05.22 server ready.</example>
|
172
|
-
<example>test.localdomain CallPilot IMAP4rev1 v43.03.19.22 server ready.</example>
|
171
|
+
<example service.version="42.02.05.22" host.name="nottest.localdomain">nottest.localdomain CallPilot IMAP4rev1 v42.02.05.22 server ready.</example>
|
172
|
+
<example service.version="43.03.19.22" host.name="test.localdomain">test.localdomain CallPilot IMAP4rev1 v43.03.19.22 server ready.</example>
|
173
173
|
<param pos="0" name="service.vendor" value="Nortel"/>
|
174
174
|
<param pos="0" name="service.product" value="CallPilot"/>
|
175
175
|
<param pos="2" name="service.version"/>
|
@@ -253,7 +253,7 @@
|
|
253
253
|
// * OK xxx PMDF IMAP4rev1 V6.0-24 (Message store V6.0-24)
|
254
254
|
// * OK xxx PMDF IMAP4rev1 V6.0-9
|
255
255
|
IMAP_FP_PARSERS[5] = new PatternParser(
|
256
|
-
"^([^\\s]+) PMDF IMAP4rev1 V([^\\s]+)
|
256
|
+
"^([^\\s]+) PMDF IMAP4rev1 V([^\\s]+)");
|
257
257
|
IMAP_FP_PARSERS[5].addConstantParam("product", "PMDF");
|
258
258
|
IMAP_FP_PARSERS[5].addParamSpec(1, "hostname");
|
259
259
|
IMAP_FP_PARSERS[5].addParamSpec(2, "version");
|
@@ -265,7 +265,7 @@
|
|
265
265
|
IMAP_FP_PARSERS[6].addParamSpec(2, "server-time");
|
266
266
|
// Eudora Internet Mail Server
|
267
267
|
IMAP_FP_PARSERS[7] = new PatternParser(
|
268
|
-
"^Eudora Internet Mail Server (.*)
|
268
|
+
"^Eudora Internet Mail Server (.*) ");
|
269
269
|
IMAP_FP_PARSERS[7].addConstantParam("product", "eudoraims");
|
270
270
|
IMAP_FP_PARSERS[7].addParamSpec(1, "version");
|
271
271
|
// Eudora Qualcomm WorldMail
|
File without changes
|