recog 2.3.21 → 3.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE +1 -1
- data/README.md +42 -16
- data/Rakefile +2 -9
- data/lib/recog/db.rb +2 -1
- data/lib/recog/db_manager.rb +1 -1
- data/lib/recog/fingerprint.rb +33 -6
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/verifier.rb +9 -9
- data/lib/recog/verify_reporter.rb +17 -6
- data/lib/recog/version.rb +1 -1
- data/{bin → recog/bin}/recog_match +0 -1
- data/{xml → recog/xml}/apache_modules.xml +0 -0
- data/{xml → recog/xml}/apache_os.xml +98 -56
- data/{xml → recog/xml}/architecture.xml +15 -1
- data/recog/xml/dhcp_vendor_class.xml +206 -0
- data/{xml → recog/xml}/dns_versionbind.xml +16 -13
- data/{xml → recog/xml}/favicons.xml +297 -47
- data/{xml → recog/xml}/fingerprints.xsd +9 -1
- data/{xml → recog/xml}/ftp_banners.xml +160 -156
- data/{xml → recog/xml}/h323_callresp.xml +101 -101
- data/{xml → recog/xml}/hp_pjl_id.xml +84 -84
- data/{xml → recog/xml}/html_title.xml +727 -34
- data/{xml → recog/xml}/http_cookies.xml +160 -77
- data/{xml → recog/xml}/http_servers.xml +556 -283
- data/{xml → recog/xml}/http_wwwauth.xml +190 -75
- data/{xml → recog/xml}/imap_banners.xml +5 -5
- data/{xml → recog/xml}/ldap_searchresult.xml +0 -0
- data/{xml → recog/xml}/mdns_device-info_txt.xml +389 -26
- data/{xml → recog/xml}/mdns_workstation_txt.xml +0 -0
- data/{xml → recog/xml}/mysql_banners.xml +1 -1
- data/{xml → recog/xml}/mysql_error.xml +0 -0
- data/{xml → recog/xml}/nntp_banners.xml +11 -8
- data/{xml → recog/xml}/ntp_banners.xml +97 -97
- data/{xml → recog/xml}/operating_system.xml +95 -80
- data/{xml → recog/xml}/pop_banners.xml +23 -23
- data/{xml → recog/xml}/rsh_resp.xml +3 -3
- data/{xml → recog/xml}/rtsp_servers.xml +0 -0
- data/{xml → recog/xml}/sip_banners.xml +43 -5
- data/{xml → recog/xml}/sip_user_agents.xml +175 -27
- data/{xml → recog/xml}/smb_native_lm.xml +5 -5
- data/{xml → recog/xml}/smb_native_os.xml +25 -25
- data/{xml → recog/xml}/smtp_banners.xml +147 -146
- data/{xml → recog/xml}/smtp_debug.xml +0 -0
- data/{xml → recog/xml}/smtp_ehlo.xml +1 -1
- data/{xml → recog/xml}/smtp_expn.xml +0 -0
- data/{xml → recog/xml}/smtp_help.xml +11 -11
- data/{xml → recog/xml}/smtp_mailfrom.xml +0 -0
- data/{xml → recog/xml}/smtp_noop.xml +2 -2
- data/{xml → recog/xml}/smtp_quit.xml +0 -0
- data/{xml → recog/xml}/smtp_rcptto.xml +0 -0
- data/{xml → recog/xml}/smtp_rset.xml +0 -0
- data/{xml → recog/xml}/smtp_turn.xml +0 -0
- data/{xml → recog/xml}/smtp_vrfy.xml +0 -0
- data/{xml → recog/xml}/snmp_sysdescr.xml +1570 -1430
- data/{xml → recog/xml}/snmp_sysobjid.xml +38 -27
- data/{xml → recog/xml}/ssh_banners.xml +16 -10
- data/{xml → recog/xml}/telnet_banners.xml +238 -21
- data/{xml → recog/xml}/tls_jarm.xml +56 -6
- data/{xml → recog/xml}/x11_banners.xml +3 -3
- data/{xml → recog/xml}/x509_issuers.xml +49 -1
- data/{xml → recog/xml}/x509_subjects.xml +139 -38
- data/recog.gemspec +9 -5
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +73 -4
- data/spec/spec_helper.rb +4 -0
- metadata +65 -134
- data/.github/ISSUE_TEMPLATE/bug_report.md +0 -37
- data/.github/ISSUE_TEMPLATE/feature_request.md +0 -17
- data/.github/ISSUE_TEMPLATE/fingerprint_request.md +0 -27
- data/.github/PULL_REQUEST_TEMPLATE +0 -24
- data/.github/SECURITY.md +0 -35
- data/.github/workflows/ci.yml +0 -26
- data/.gitignore +0 -23
- data/.rspec +0 -3
- data/.ruby-gemset +0 -1
- data/.ruby-version +0 -1
- data/.snyk +0 -10
- data/.travis.yml +0 -25
- data/CONTRIBUTING.md +0 -270
- data/bin/recog_cleanup +0 -16
- data/bin/recog_export +0 -81
- data/bin/recog_standardize +0 -148
- data/bin/recog_verify +0 -64
- data/cpe-remap.yaml +0 -343
- data/features/data/failing_banners_fingerprints.xml +0 -20
- data/features/data/matching_banners_fingerprints.xml +0 -23
- data/features/data/multiple_banners_fingerprints.xml +0 -32
- data/features/data/no_tests.xml +0 -3
- data/features/data/sample_banner.txt +0 -2
- data/features/data/successful_tests.xml +0 -18
- data/features/data/tests_with_failures.xml +0 -20
- data/features/data/tests_with_warnings.xml +0 -17
- data/features/match.feature +0 -36
- data/features/support/aruba.rb +0 -3
- data/features/support/env.rb +0 -6
- data/features/verify.feature +0 -48
- data/identifiers/README.md +0 -70
- data/identifiers/fields.txt +0 -104
- data/identifiers/hw_device.txt +0 -78
- data/identifiers/hw_family.txt +0 -113
- data/identifiers/hw_product.txt +0 -410
- data/identifiers/os_architecture.txt +0 -10
- data/identifiers/os_device.txt +0 -75
- data/identifiers/os_family.txt +0 -233
- data/identifiers/os_product.txt +0 -340
- data/identifiers/service_family.txt +0 -249
- data/identifiers/service_product.txt +0 -752
- data/identifiers/vendor.txt +0 -798
- data/lib/recog/verifier_factory.rb +0 -13
- data/misc/convert_mysql_err +0 -61
- data/misc/order.xsl +0 -17
- data/requirements.txt +0 -2
- data/spec/lib/fingerprint_self_test_spec.rb +0 -174
- data/update_cpes.py +0 -250
@@ -0,0 +1,206 @@
|
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
|
+
<fingerprints matches="dhcp_vendor_class" protocol="dhcp" database_type="service">
|
3
|
+
<!--
|
4
|
+
Fingerprint definitions that are matched against the string values in the
|
5
|
+
dhcp message vi_vendor_class field
|
6
|
+
This field is Option 60 as defined in RFC 2132 section 9.13.
|
7
|
+
The vi_vendor_class field can be found in client discover (1), request (3)
|
8
|
+
and inform (8) messages.
|
9
|
+
-->
|
10
|
+
|
11
|
+
<fingerprint pattern="^Mfg=(?:Fuji)?(?i:Xerox);Typ=(?:MFP|printer);Mod=(?:Xerox )?(\S+) ([a-zA-Z0-9]+).*;Ser=([A-Z0-9]{9})(?:;Loc=.*)?$">
|
12
|
+
<description>Xerox Multifunction Printer</description>
|
13
|
+
<example hw.family="VersaLink" hw.model="C405" hw.serial_number="ABC123456">Mfg=Xerox;Typ=MFP;Mod=VersaLink C405;Ser=ABC123456;Loc=Print Room</example>
|
14
|
+
<example hw.family="AltaLink" hw.model="C8055" hw.serial_number="1AB234567">Mfg=Xerox;Typ=MFP;Mod=Xerox AltaLink C8055 Multifunction Printer;Ser=1AB234567;Loc=Print Room2</example>
|
15
|
+
<example hw.family="WorkCentre" hw.model="3345" hw.serial_number="1AB234567">Mfg=XEROX;Typ=MFP;Mod=WorkCentre 3345;Ser=1AB234567;Loc=</example>
|
16
|
+
<example hw.family="WorkCentre" hw.model="7845" hw.serial_number="AB1234567">Mfg=Xerox;Typ=MFP;Mod=Xerox WorkCentre 7845 v1 Multifunction System;Ser=AB1234567;Loc=</example>
|
17
|
+
<example hw.family="Phaser" hw.model="6500DN" hw.serial_number="ABC123456">Mfg=FujiXerox;Typ=printer;Mod=Phaser 6500DN;Ser=ABC123456</example>
|
18
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
19
|
+
<param pos="0" name="hw.vendor" value="Xerox"/>
|
20
|
+
<param pos="1" name="hw.family"/>
|
21
|
+
<param pos="2" name="hw.model"/>
|
22
|
+
<param pos="3" name="hw.serial_number"/>
|
23
|
+
<param pos="0" name="hw.product" value="{hw.family} {hw.model}"/>
|
24
|
+
<param pos="0" name="os.vendor" value="Xerox"/>
|
25
|
+
<param pos="0" name="os.device" value="Printer"/>
|
26
|
+
</fingerprint>
|
27
|
+
|
28
|
+
<fingerprint pattern="^Mfg=Hewlett Packard;Typ=Printer;Mod=HP (LaserJet 200|LaserJet 400) (?:color |colorMFP |MFP )?(M\d+\S+);Ser=([A-Z0-9]{10});$">
|
29
|
+
<description>HP Multifunction Printer</description>
|
30
|
+
<example hw.family="LaserJet 200" hw.model="M276nw" hw.serial_number="ABC1DE2F3G">Mfg=Hewlett Packard;Typ=Printer;Mod=HP LaserJet 200 colorMFP M276nw;Ser=ABC1DE2F3G;</example>
|
31
|
+
<example hw.family="LaserJet 400" hw.model="M401dne" hw.serial_number="ABCDE12345">Mfg=Hewlett Packard;Typ=Printer;Mod=HP LaserJet 400 M401dne;Ser=ABCDE12345;</example>
|
32
|
+
<example hw.family="LaserJet 400" hw.model="M401dw" hw.serial_number="ABCDE12345">Mfg=Hewlett Packard;Typ=Printer;Mod=HP LaserJet 400 M401dw;Ser=ABCDE12345;</example>
|
33
|
+
<example hw.family="LaserJet 400" hw.model="M401n" hw.serial_number="ABCDE12345">Mfg=Hewlett Packard;Typ=Printer;Mod=HP LaserJet 400 M401n;Ser=ABCDE12345;</example>
|
34
|
+
<example hw.family="LaserJet 400" hw.model="M425dn" hw.serial_number="ABC1D23E4E">Mfg=Hewlett Packard;Typ=Printer;Mod=HP LaserJet 400 MFP M425dn;Ser=ABC1D23E4E;</example>
|
35
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
36
|
+
<param pos="0" name="hw.vendor" value="HP"/>
|
37
|
+
<param pos="1" name="hw.family"/>
|
38
|
+
<param pos="2" name="hw.model"/>
|
39
|
+
<param pos="3" name="hw.serial_number"/>
|
40
|
+
<param pos="0" name="hw.product" value="{hw.family} {hw.model}"/>
|
41
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
42
|
+
<param pos="0" name="os.device" value="Printer"/>
|
43
|
+
</fingerprint>
|
44
|
+
|
45
|
+
<fingerprint pattern="^(?:Hewlett-Packard|HP) (OfficeJet|LaserJet|Printer|JetDirect)$">
|
46
|
+
<description>HP Printer</description>
|
47
|
+
<example hw.family="LaserJet">Hewlett-Packard LaserJet</example>
|
48
|
+
<example hw.family="OfficeJet">Hewlett-Packard OfficeJet</example>
|
49
|
+
<example hw.family="LaserJet">HP LaserJet</example>
|
50
|
+
<example hw.family="Printer">HP Printer</example>
|
51
|
+
<example hw.family="JetDirect">Hewlett-Packard JetDirect</example>
|
52
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
53
|
+
<param pos="0" name="hw.vendor" value="HP"/>
|
54
|
+
<param pos="1" name="hw.family"/>
|
55
|
+
<param pos="0" name="os.vendor" value="HP"/>
|
56
|
+
<param pos="0" name="os.device" value="Printer"/>
|
57
|
+
</fingerprint>
|
58
|
+
|
59
|
+
<fingerprint pattern="^Mfg=LEXMARK;Typ=(?:MFP|Printer);Mod=Lexmark (\S+);Ser=([A-Z0-9]{13});$">
|
60
|
+
<description>Lexmark Printer</description>
|
61
|
+
<example hw.model="MX410de" hw.serial_number="12345ABC6D7EF">Mfg=LEXMARK;Typ=MFP;Mod=Lexmark MX410de;Ser=12345ABC6D7EF;</example>
|
62
|
+
<example hw.model="MS310dn" hw.serial_number="123456AB7C8DE">Mfg=LEXMARK;Typ=Printer;Mod=Lexmark MS310dn;Ser=123456AB7C8DE;</example>
|
63
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
64
|
+
<param pos="0" name="hw.vendor" value="Lexmark"/>
|
65
|
+
<param pos="1" name="hw.model"/>
|
66
|
+
<param pos="2" name="hw.serial_number"/>
|
67
|
+
<param pos="0" name="os.vendor" value="Lexmark"/>
|
68
|
+
<param pos="0" name="os.device" value="Printer"/>
|
69
|
+
</fingerprint>
|
70
|
+
|
71
|
+
<fingerprint pattern="^Canon iR-ADV (C?\d+ ?\S*)$">
|
72
|
+
<description>Canon imageRunner Printer</description>
|
73
|
+
<example hw.model="C5535 III">Canon iR-ADV C5535 III</example>
|
74
|
+
<example hw.model="C350">Canon iR-ADV C350</example>
|
75
|
+
<example hw.model="4545 III">Canon iR-ADV 4545 III</example>
|
76
|
+
<example hw.model="525">Canon iR-ADV 525</example>
|
77
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
78
|
+
<param pos="0" name="hw.vendor" value="Canon"/>
|
79
|
+
<param pos="0" name="hw.family" value="imageRunner"/>
|
80
|
+
<param pos="1" name="hw.model"/>
|
81
|
+
<param pos="0" name="hw.product" value="{hw.family} {hw.model}"/>
|
82
|
+
<param pos="0" name="os.vendor" value="Canon"/>
|
83
|
+
<param pos="0" name="os.device" value="Printer"/>
|
84
|
+
</fingerprint>
|
85
|
+
|
86
|
+
<fingerprint pattern="^Canon (D\d+) Series$">
|
87
|
+
<description>Canon imageClass Printer</description>
|
88
|
+
<example hw.model="D1600">Canon D1600 Series</example>
|
89
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
90
|
+
<param pos="0" name="hw.vendor" value="Canon"/>
|
91
|
+
<param pos="0" name="hw.family" value="imageClass"/>
|
92
|
+
<param pos="1" name="hw.model"/>
|
93
|
+
<param pos="0" name="hw.product" value="{hw.family} {hw.model}"/>
|
94
|
+
<param pos="0" name="os.vendor" value="Canon"/>
|
95
|
+
<param pos="0" name="os.device" value="Printer"/>
|
96
|
+
</fingerprint>
|
97
|
+
|
98
|
+
<fingerprint pattern="^Polycom-(VVX\d{3})$">
|
99
|
+
<description>Polycom IP Phone</description>
|
100
|
+
<example hw.product="VVX410" hw.model="VVX410">Polycom-VVX410</example>
|
101
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
102
|
+
<param pos="0" name="hw.vendor" value="Polycom"/>
|
103
|
+
<param pos="0" name="hw.family" value="VVX"/>
|
104
|
+
<param pos="1" name="hw.model"/>
|
105
|
+
<param pos="0" name="hw.product" value="{hw.model}"/>
|
106
|
+
<param pos="0" name="os.vendor" value="Polycom"/>
|
107
|
+
</fingerprint>
|
108
|
+
|
109
|
+
<fingerprint pattern="^Aruba\s(JL\d+A)\s(\d+[A-Z]?)\S+\sSwitch(?:\sdslforum.org)?$">
|
110
|
+
<description>HP Aruba Network Switch</description>
|
111
|
+
<example hw.model="JL075A" hw.product="3810M">Aruba JL075A 3810M-16SFP+-2-slot Switch</example>
|
112
|
+
<example hw.model="JL253A" hw.product="2930F">Aruba JL253A 2930F-24G-4SFP+ Switch dslforum.org</example>
|
113
|
+
<example hw.model="JL256A" hw.product="2930F">Aruba JL256A 2930F-48G-PoE+-4SFP+ Switch</example>
|
114
|
+
<example hw.model="JL258A" hw.product="2930F">Aruba JL258A 2930F-8G-PoE+-2SFP+ Switch</example>
|
115
|
+
<example hw.model="JL357A" hw.product="2540">Aruba JL357A 2540-48G-PoE+-4SFP+ Switch</example>
|
116
|
+
<param pos="0" name="os.vendor" value="Aruba Networks"/>
|
117
|
+
<param pos="0" name="hw.vendor" value="Aruba Networks"/>
|
118
|
+
<param pos="2" name="hw.product"/>
|
119
|
+
<param pos="1" name="hw.model"/>
|
120
|
+
<param pos="0" name="hw.device" value="Switch"/>
|
121
|
+
</fingerprint>
|
122
|
+
|
123
|
+
<fingerprint pattern="^AXIS,(?:PTZ Dome )?Network Camera,(.*),([\d\.]+)$">
|
124
|
+
<description>Axis Network Camera</description>
|
125
|
+
<example hw.model="P3343" os.version="5.20.3">AXIS,Network Camera,P3343,5.20.3</example>
|
126
|
+
<example hw.model="M5014" os.version="5.50.3.7">AXIS,PTZ Dome Network Camera,M5014,5.50.3.7</example>
|
127
|
+
<example hw.model="P3225-LV Mk II" os.version="9.70.1.5">AXIS,Network Camera,P3225-LV Mk II,9.70.1.5</example>
|
128
|
+
<param pos="0" name="hw.device" value="IP Camera"/>
|
129
|
+
<param pos="0" name="hw.vendor" value="AXIS"/>
|
130
|
+
<param pos="1" name="hw.model"/>
|
131
|
+
<param pos="0" name="os.vendor" value="AXIS"/>
|
132
|
+
<param pos="2" name="os.version"/>
|
133
|
+
</fingerprint>
|
134
|
+
|
135
|
+
<fingerprint pattern="^AXIS,(?:Network Video Encoder|Video Server),(\S+),([\d\.]+)$">
|
136
|
+
<description>Axis Video Encoder</description>
|
137
|
+
<example hw.model="M7011" os.version="5.90.1">AXIS,Network Video Encoder,M7011,5.90.1</example>
|
138
|
+
<param pos="0" name="hw.device" value="Video Encoder"/>
|
139
|
+
<param pos="0" name="hw.vendor" value="AXIS"/>
|
140
|
+
<param pos="1" name="hw.model"/>
|
141
|
+
<param pos="0" name="os.vendor" value="AXIS"/>
|
142
|
+
<param pos="2" name="os.version"/>
|
143
|
+
</fingerprint>
|
144
|
+
|
145
|
+
<fingerprint pattern="^AXIS,Network IO Audio Module,(\S+),([\d\.]+)$">
|
146
|
+
<description>Axis IO Audio Module</description>
|
147
|
+
<example hw.model="P8221" os.version="5.10.2">AXIS,Network IO Audio Module,P8221,5.10.2</example>
|
148
|
+
<param pos="0" name="hw.device" value="Audio Encoder"/>
|
149
|
+
<param pos="0" name="hw.vendor" value="AXIS"/>
|
150
|
+
<param pos="1" name="hw.model"/>
|
151
|
+
<param pos="0" name="os.vendor" value="AXIS"/>
|
152
|
+
<param pos="2" name="os.version"/>
|
153
|
+
</fingerprint>
|
154
|
+
|
155
|
+
<fingerprint pattern="^PCoIP Endpoint$">
|
156
|
+
<description>PCoIP Endpoint Device</description>
|
157
|
+
<example>PCoIP Endpoint</example>
|
158
|
+
<param pos="0" name="hw.device" value="Thin Client"/>
|
159
|
+
<param pos="0" name="hw.product" value="PCoIP Endpoint Device"/>
|
160
|
+
<param pos="0" name="os.vendor" value="Teradici"/>
|
161
|
+
<param pos="0" name="os.family" value="Teradici"/>
|
162
|
+
</fingerprint>
|
163
|
+
|
164
|
+
<fingerprint pattern="^android-dhcp-([\d\.]*)$">
|
165
|
+
<description>Android Device</description>
|
166
|
+
<example os.version="7.1.1">android-dhcp-7.1.1</example>
|
167
|
+
<param pos="0" name="os.vendor" value="Google"/>
|
168
|
+
<param pos="0" name="os.family" value="Linux"/>
|
169
|
+
<param pos="0" name="os.product" value="Android"/>
|
170
|
+
<param pos="1" name="os.version"/>
|
171
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:{os.version}"/>
|
172
|
+
</fingerprint>
|
173
|
+
|
174
|
+
<fingerprint pattern="^dhcpcd-(?:[\d\.]+):Linux-([\d\.]+).*:(\S*):">
|
175
|
+
<description>Linux</description>
|
176
|
+
<example os.version="4.14.78" os.arch="armv7l">dhcpcd-6.11.5:Linux-4.14.78:armv7l:Freescale</example>
|
177
|
+
<example os.version="4.19.155" os.arch="x86_64">dhcpcd-6.8.2:Linux-4.19.155-10581-g8bdb5ed8e80c:x86_64:GenuineIntel</example>
|
178
|
+
<param pos="0" name="os.family" value="Linux"/>
|
179
|
+
<param pos="0" name="os.product" value="Linux"/>
|
180
|
+
<param pos="1" name="os.version"/>
|
181
|
+
<param pos="2" name="os.arch"/>
|
182
|
+
</fingerprint>
|
183
|
+
|
184
|
+
<fingerprint pattern="^SAMSUNG Network Printer$">
|
185
|
+
<description>Samsung Network Printer</description>
|
186
|
+
<example>SAMSUNG Network Printer</example>
|
187
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
188
|
+
<param pos="0" name="hw.vendor" value="Samsung"/>
|
189
|
+
<param pos="0" name="os.vendor" value="Samsung"/>
|
190
|
+
</fingerprint>
|
191
|
+
|
192
|
+
<fingerprint pattern="^MERAKI$">
|
193
|
+
<description>MERAKI Device</description>
|
194
|
+
<example>MERAKI</example>
|
195
|
+
<param pos="0" name="hw.vendor" value="Meraki"/>
|
196
|
+
<param pos="0" name="os.vendor" value="Meraki"/>
|
197
|
+
</fingerprint>
|
198
|
+
|
199
|
+
<fingerprint pattern="^MSFT 5.0$">
|
200
|
+
<description>Microsoft Windows Device</description>
|
201
|
+
<example>MSFT 5.0</example>
|
202
|
+
<param pos="0" name="os.vendor" value="Microsoft"/>
|
203
|
+
<param pos="0" name="os.family" value="Windows"/>
|
204
|
+
</fingerprint>
|
205
|
+
|
206
|
+
</fingerprints>
|
@@ -68,8 +68,8 @@
|
|
68
68
|
<example service.version="9.3.6-P1" os.version="5" os.version.version="11">9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.12</example>
|
69
69
|
<example service.version="9.9.1-P3" os.version="6">9.9.1-P3-RedHat-9.9.1.P3.el6</example>
|
70
70
|
<example service.version="9.9.3-rpz2+rl.13208.13-P2" os.version="6">9.9.3-rpz2+rl.13208.13-P2-RedHat-9.9.3-4.P2.el6</example>
|
71
|
-
<example os.version="6" os.version.version="1">9.7.3-P3-RedHat-9.7.3-2.el6_1.P3.3</example>
|
72
|
-
<example os.version="6" os.version.version="">9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6</example>
|
71
|
+
<example os.version="6" os.version.version="1" service.version="9.7.3-P3">9.7.3-P3-RedHat-9.7.3-2.el6_1.P3.3</example>
|
72
|
+
<example os.version="6" os.version.version="" service.version="9.8.2rc1">9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6</example>
|
73
73
|
<param pos="0" name="service.vendor" value="ISC"/>
|
74
74
|
<param pos="0" name="service.family" value="BIND"/>
|
75
75
|
<param pos="0" name="service.product" value="BIND"/>
|
@@ -85,21 +85,21 @@
|
|
85
85
|
|
86
86
|
<fingerprint pattern="^(9.[^-]+(?:-rl[.\d]+)?(?:-[SP]\d)?)-RedHat-[\d.]+-[\w.]+fc([\d]+)$">
|
87
87
|
<description>ISC BIND: Fedora</description>
|
88
|
-
<example service.version="9.10.4-P8">9.10.4-P8-RedHat-9.10.4-4.P8.fc25</example>
|
88
|
+
<example service.version="9.10.4-P8" os.version="25">9.10.4-P8-RedHat-9.10.4-4.P8.fc25</example>
|
89
89
|
<!-- The '-rl' in the example below indicates a rate limiting patch -->
|
90
90
|
|
91
|
-
<example service.version="9.9.3-rl.13207.22-P2">9.9.3-rl.13207.22-P2-RedHat-9.9.3-5.P2.fc19</example>
|
92
|
-
<example os.version="10">9.5.2-RedHat-9.5.2-1.fc10</example>
|
91
|
+
<example service.version="9.9.3-rl.13207.22-P2" os.version="19">9.9.3-rl.13207.22-P2-RedHat-9.9.3-5.P2.fc19</example>
|
92
|
+
<example os.version="10" service.version="9.5.2">9.5.2-RedHat-9.5.2-1.fc10</example>
|
93
93
|
<param pos="0" name="service.vendor" value="ISC"/>
|
94
94
|
<param pos="0" name="service.family" value="BIND"/>
|
95
95
|
<param pos="0" name="service.product" value="BIND"/>
|
96
96
|
<param pos="1" name="service.version"/>
|
97
97
|
<param pos="0" name="service.cpe23" value="cpe:/a:isc:bind:{service.version}"/>
|
98
|
-
<param pos="0" name="os.vendor" value="
|
98
|
+
<param pos="0" name="os.vendor" value="Fedora Project"/>
|
99
99
|
<param pos="0" name="os.family" value="Linux"/>
|
100
|
-
<param pos="0" name="os.product" value="Fedora Core
|
100
|
+
<param pos="0" name="os.product" value="Fedora Core"/>
|
101
101
|
<param pos="2" name="os.version"/>
|
102
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:
|
102
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fedoraproject:fedora_core:{os.version}"/>
|
103
103
|
</fingerprint>
|
104
104
|
|
105
105
|
<fingerprint pattern="^(9.[^-]+(?:-[SP]\d)?)-RedHat-[\w.-]+amzn1$">
|
@@ -719,8 +719,11 @@
|
|
719
719
|
-->
|
720
720
|
|
721
721
|
<fingerprint pattern="^Microsoft DNS 6.0.6100 \(2AEF76E\)$">
|
722
|
-
<description>SPOOFED - Microsoft DNS on Windows 2008 SP something
|
722
|
+
<description>SPOOFED - Microsoft DNS on Windows 2008 SP something -- assert nothing.</description>
|
723
723
|
<example>Microsoft DNS 6.0.6100 (2AEF76E)</example>
|
724
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
725
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
726
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
724
727
|
</fingerprint>
|
725
728
|
|
726
729
|
<fingerprint pattern="^Microsoft DNS 6.0.6003(?: \(([^)]+)\))?$">
|
@@ -843,8 +846,8 @@
|
|
843
846
|
|
844
847
|
<fingerprint pattern="^ALU DNS ([\d\.]+) Build (\d+)$">
|
845
848
|
<description>ALU (Alcatel Lucent?) DNS</description>
|
846
|
-
<example service.version="6.2">ALU DNS 6.2 Build 22</example>
|
847
|
-
<example service.version.version="9">ALU DNS 6.2 Build 9</example>
|
849
|
+
<example service.version="6.2" service.version.version="22">ALU DNS 6.2 Build 22</example>
|
850
|
+
<example service.version.version="9" service.version="6.2">ALU DNS 6.2 Build 9</example>
|
848
851
|
<param pos="0" name="service.vendor" value="ALU"/>
|
849
852
|
<param pos="0" name="service.family" value="DNS"/>
|
850
853
|
<param pos="0" name="service.product" value="DNS"/>
|
@@ -910,8 +913,8 @@
|
|
910
913
|
|
911
914
|
<fingerprint pattern="^Meta IP[\s\/]DNS (?:V[\d\.]+ )?- BIND V([\d\.]+(?:-REL)?) \(Build (\d+)\s?\)$">
|
912
915
|
<description>Check Point Meta IP</description>
|
913
|
-
<example service.version="8.2.7-REL">Meta IP DNS - BIND V8.2.7-REL (Build 31)</example>
|
914
|
-
<example service.version.version="4704">Meta IP/DNS V4.1 - BIND V8.1.2 (Build 4704 )</example>
|
916
|
+
<example service.version="8.2.7-REL" service.version.version="31">Meta IP DNS - BIND V8.2.7-REL (Build 31)</example>
|
917
|
+
<example service.version.version="4704" service.version="8.1.2">Meta IP/DNS V4.1 - BIND V8.1.2 (Build 4704 )</example>
|
915
918
|
<param pos="0" name="service.vendor" value="Check Point"/>
|
916
919
|
<param pos="0" name="service.family" value="META IP"/>
|
917
920
|
<param pos="0" name="service.product" value="DNS"/>
|