recog 2.3.22 → 2.3.23
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/ci.yml +1 -1
- data/.github/workflows/verify.yml +1 -1
- data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
- data/.vscode/extensions.json +5 -0
- data/.vscode/settings.json +8 -0
- data/.vscode/tasks.json +77 -0
- data/CONTRIBUTING.md +2 -0
- data/bin/recog_verify +42 -7
- data/cpe-remap.yaml +20 -2
- data/features/data/schema_failure.xml +4 -0
- data/features/data/tests_with_failures.xml +6 -0
- data/features/support/hooks.rb +9 -0
- data/features/verify.feature +81 -17
- data/identifiers/hw_device.txt +2 -0
- data/identifiers/hw_product.txt +2 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +1 -0
- data/identifiers/os_product.txt +8 -1
- data/identifiers/service_product.txt +14 -0
- data/identifiers/vendor.txt +13 -1
- data/lib/recog/fingerprint.rb +21 -7
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/verifier.rb +4 -4
- data/lib/recog/verify_reporter.rb +7 -6
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +8 -8
- data/update_cpes.py +129 -36
- data/xml/apache_os.xml +61 -19
- data/xml/architecture.xml +15 -1
- data/xml/dhcp_vendor_class.xml +1 -1
- data/xml/dns_versionbind.xml +16 -13
- data/xml/favicons.xml +87 -5
- data/xml/fingerprints.xsd +9 -1
- data/xml/ftp_banners.xml +131 -141
- data/xml/h323_callresp.xml +2 -2
- data/xml/hp_pjl_id.xml +81 -81
- data/xml/html_title.xml +178 -9
- data/xml/http_cookies.xml +83 -27
- data/xml/http_servers.xml +409 -269
- data/xml/http_wwwauth.xml +70 -37
- data/xml/imap_banners.xml +2 -2
- data/xml/nntp_banners.xml +8 -5
- data/xml/ntp_banners.xml +33 -33
- data/xml/operating_system.xml +92 -77
- data/xml/pop_banners.xml +17 -17
- data/xml/sip_banners.xml +16 -5
- data/xml/sip_user_agents.xml +122 -27
- data/xml/smb_native_lm.xml +5 -5
- data/xml/smb_native_os.xml +25 -25
- data/xml/smtp_banners.xml +132 -131
- data/xml/smtp_help.xml +1 -1
- data/xml/snmp_sysdescr.xml +1227 -1227
- data/xml/snmp_sysobjid.xml +2 -2
- data/xml/ssh_banners.xml +9 -5
- data/xml/telnet_banners.xml +49 -0
- data/xml/tls_jarm.xml +22 -2
- data/xml/x11_banners.xml +3 -3
- data/xml/x509_issuers.xml +3 -2
- data/xml/x509_subjects.xml +3 -3
- metadata +19 -3
- data/lib/recog/verifier_factory.rb +0 -13
data/xml/http_cookies.xml
CHANGED
|
@@ -79,17 +79,31 @@
|
|
|
79
79
|
|
|
80
80
|
<fingerprint pattern="^ANsession\d+=(\S+);">
|
|
81
81
|
<description>Array Networks Secure Access Gateway / SSL VPN</description>
|
|
82
|
-
<example>ANsession0002262072457555=IPMI; path=/;secure</example>
|
|
82
|
+
<example cookie="IPMI">ANsession0002262072457555=IPMI; path=/;secure</example>
|
|
83
83
|
<param pos="1" name="cookie"/>
|
|
84
84
|
<param pos="0" name="service.vendor" value="Array Networks"/>
|
|
85
85
|
<param pos="0" name="service.family" value="Secure Access Gateway"/>
|
|
86
86
|
<param pos="0" name="hw.device" value="VPN"/>
|
|
87
87
|
</fingerprint>
|
|
88
88
|
|
|
89
|
-
<fingerprint pattern="^
|
|
90
|
-
<description>Apache</description>
|
|
91
|
-
<
|
|
92
|
-
<
|
|
89
|
+
<fingerprint pattern="^Apache=(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\.[0-9]+(?:\.[0-9]+)?;">
|
|
90
|
+
<description>Apache with session ID containing IP and timestamp (timestamp can be micros, millis or seconds)</description>
|
|
91
|
+
<example host.ip="10.10.130.165">Apache=10.10.130.165.1643670182768255; path=/</example>
|
|
92
|
+
<example host.ip="10.0.101.6">Apache=10.0.101.6.1643663969718158; path=/; expires=Wed, 31-Jan-24 21:19:29 GMT; domain=.contoso.com</example>
|
|
93
|
+
<example host.ip="10.10.20.18">Apache=10.10.20.18.1643510579.1915; domain=foo.com; path=/; expires=Mon, 30-Jan-2023 02:42:58 GMT</example>
|
|
94
|
+
<example host.ip="10.23.219.241">Apache=10.23.219.241.1643541709604; path=/; expires=Tue, 19-Jan-2038 03:14:07 GMT</example>
|
|
95
|
+
<param pos="0" name="cookie" value="Apache"/>
|
|
96
|
+
<param pos="1" name="host.ip"/>
|
|
97
|
+
<param pos="0" name="service.vendor" value="Apache"/>
|
|
98
|
+
<param pos="0" name="service.family" value="Apache"/>
|
|
99
|
+
<param pos="0" name="service.product" value="HTTPD"/>
|
|
100
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:apache:http_server:-"/>
|
|
101
|
+
</fingerprint>
|
|
102
|
+
|
|
103
|
+
<fingerprint pattern="^Apache=[0-9a-z]{8}\.[0-9a-z]{13};">
|
|
104
|
+
<description>Apache with opaque session ID</description>
|
|
105
|
+
<example>Apache=1148b9c3.5d6e61e36f2f9; path=/; domain=.foo.com</example>
|
|
106
|
+
<param pos="0" name="cookie" value="Apache"/>
|
|
93
107
|
<param pos="0" name="service.vendor" value="Apache"/>
|
|
94
108
|
<param pos="0" name="service.family" value="Apache"/>
|
|
95
109
|
<param pos="0" name="service.product" value="HTTPD"/>
|
|
@@ -123,27 +137,20 @@
|
|
|
123
137
|
<param pos="0" name="service.cpe23" value="cpe:/a:mozilla:bugzilla:-"/>
|
|
124
138
|
</fingerprint>
|
|
125
139
|
|
|
126
|
-
<fingerprint pattern="^
|
|
127
|
-
<description>BEA WebLogic (with timestamp)</description>
|
|
128
|
-
<param pos="1" name="cookie"/>
|
|
129
|
-
<param pos="2" name="system.time.millis"/>
|
|
130
|
-
<param pos="0" name="service.vendor" value="BEA"/>
|
|
131
|
-
<param pos="0" name="service.family" value="WebLogic"/>
|
|
132
|
-
<param pos="0" name="service.product" value="WebLogic"/>
|
|
133
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:bea:weblogic_server:-"/>
|
|
134
|
-
</fingerprint>
|
|
135
|
-
|
|
136
|
-
<fingerprint pattern="^(WebLogicSession)=">
|
|
140
|
+
<fingerprint pattern="^WebLogicSession=">
|
|
137
141
|
<description>BEA WebLogic (no timestamp)</description>
|
|
138
|
-
<
|
|
142
|
+
<example>WebLogicSession=YfifY2Ck8aWILbJPiaoY3L8aKBjh2MZhUAjHXypG6IBwvWXrun3i|-3385140432258369694/-900104935/6/7009/7009/7010/7010/7009/-1; path=/</example>
|
|
143
|
+
<example>WebLogicSession=QKRlJZbj0b948CrXnoQw8FNuSWvO6fXaJNadlcCWwA3qm6CtqD5a; path=/</example>
|
|
144
|
+
<param pos="0" name="cookie" value="WebLogicSession"/>
|
|
139
145
|
<param pos="0" name="service.vendor" value="BEA"/>
|
|
140
146
|
<param pos="0" name="service.family" value="WebLogic"/>
|
|
141
147
|
<param pos="0" name="service.product" value="WebLogic"/>
|
|
142
148
|
<param pos="0" name="service.cpe23" value="cpe:/a:bea:weblogic_server:-"/>
|
|
143
149
|
</fingerprint>
|
|
144
150
|
|
|
145
|
-
<fingerprint pattern="^(BCSI-
|
|
151
|
+
<fingerprint pattern="^(BCSI-CS-[0-9A-Za-z]+)=">
|
|
146
152
|
<description>BlueCoat Proxy</description>
|
|
153
|
+
<example cookie="BCSI-CS-2f6c78bdf64f3b32">BCSI-CS-2f6c78bdf64f3b32=2; Path=/</example>
|
|
147
154
|
<param pos="1" name="cookie"/>
|
|
148
155
|
<param pos="0" name="service.vendor" value="Blue Coat"/>
|
|
149
156
|
<param pos="0" name="service.family" value="Proxy"/>
|
|
@@ -208,6 +215,7 @@
|
|
|
208
215
|
|
|
209
216
|
<fingerprint pattern="^st8id=">
|
|
210
217
|
<description>Citrix Application Protection System, Enterprise - http://support.citrix.com/article/CTX109330</description>
|
|
218
|
+
<example>st8id=1e1bcc1010b6de32734c584317443b31.00.641b86ac5ed3ebb0799138f83af9b63f;</example>
|
|
211
219
|
<param pos="0" name="cookie" value="st8id"/>
|
|
212
220
|
<param pos="0" name="service.vendor" value="Citrix"/>
|
|
213
221
|
<param pos="0" name="service.family" value="Application Protection System"/>
|
|
@@ -271,7 +279,7 @@
|
|
|
271
279
|
|
|
272
280
|
<fingerprint pattern="(?i)^(BIGipServer([^=]+))=">
|
|
273
281
|
<description>F5 BIG-IP LTM - Server variant</description>
|
|
274
|
-
<example loadbalancer.poolname="CustomerRP">BigIpServerCustomerRP=5a; path=/; domain=.foo.bar; secure; HttpOnly</example>
|
|
282
|
+
<example loadbalancer.poolname="CustomerRP" cookie="BigIpServerCustomerRP">BigIpServerCustomerRP=5a; path=/; domain=.foo.bar; secure; HttpOnly</example>
|
|
275
283
|
<param pos="1" name="cookie"/>
|
|
276
284
|
<param pos="2" name="loadbalancer.poolname"/>
|
|
277
285
|
<param pos="0" name="service.vendor" value="F5"/>
|
|
@@ -365,6 +373,9 @@
|
|
|
365
373
|
|
|
366
374
|
<fingerprint pattern="^IBMCBR=">
|
|
367
375
|
<description>IBM WebSphere Load Balancer</description>
|
|
376
|
+
<!-- Replace with a valid example if one is discovered -->
|
|
377
|
+
|
|
378
|
+
<example>IBMCBR=fakevalue</example>
|
|
368
379
|
<param pos="0" name="cookie" value="IBMCBR"/>
|
|
369
380
|
<param pos="0" name="service.vendor" value="IBM"/>
|
|
370
381
|
<param pos="0" name="service.family" value="WebSphere"/>
|
|
@@ -382,12 +393,14 @@
|
|
|
382
393
|
|
|
383
394
|
<fingerprint pattern="^_mastodon_session=">
|
|
384
395
|
<description>Mastodon</description>
|
|
396
|
+
<example>_mastodon_session=U09wSzlaMHNuZVI3RGJjR1M2d2lqNFhXc1BXNlJtOXBueTdoM1J2Ykk3UjRXa2V3WkNUNm5BUmY4Z0NISk9FaEtrOVQrMXJCRldvbk1kY3BUaDZkMlRuZkNBUDVXU01EakN3S1JEZDdjbzhNQ0t5MHpXZE9WSGlTOVhKNkhlZWhlaWsxM3Mvd0poU1NHWkZjWUNucmJoeDdNdU85ekpkQVJSbkhDeXdKZ08wMkNuUm1BYnE3cGVBK2FBN1FTUU9SLS1EdUVoNWtLOFFWaWsxNmY2bzErbFVRPT0%3D--4b6087906fdfa25f0bfd46b13d3c1c3a9fb379cd; path=/; secure; HttpOnly</example>
|
|
385
397
|
<param pos="0" name="cookie" value="_mastodon_session"/>
|
|
386
398
|
<param pos="0" name="service.product" value="Mastodon"/>
|
|
387
399
|
</fingerprint>
|
|
388
400
|
|
|
389
401
|
<fingerprint pattern="^(MSCSAuth|MSCSProfile)=">
|
|
390
402
|
<description>Microsoft Commerce Server - http://msdn2.microsoft.com/en-us/library/ms953828.aspx</description>
|
|
403
|
+
<example cookie="MSCSProfile">MSCSProfile=287001FD2674671C7869448243193407F294F4F921DD7D627A0F4EE0CC7F3FAC36B5E45588612D30B2A6C57F1D461CB5EE0887989EE7F09E4529B0795EF87BB095FFF1DE42BD5E8F00273BCAACB9DC80733367D09A4B6A48A6802C4DCD6EB029BF5B207BCE523E8BF2EE3EBCDF5776BAC6B6BCD4BF54EF9C178F9605E75D0DDA; path=/</example>
|
|
391
404
|
<param pos="1" name="cookie"/>
|
|
392
405
|
<param pos="0" name="service.vendor" value="Microsoft"/>
|
|
393
406
|
<param pos="0" name="service.family" value="Commerce Server"/>
|
|
@@ -399,7 +412,7 @@
|
|
|
399
412
|
<description>Nextcloud</description>
|
|
400
413
|
<example cookie="nc_sameSiteCookiestrict">nc_sameSiteCookiestrict=true; path=/nextcloud; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict</example>
|
|
401
414
|
<example cookie="nc_sameSiteCookielax">nc_sameSiteCookielax=true; path=/nextcloud; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax</example>
|
|
402
|
-
<example>oc_sessionPassphrase=Y%2BZjBn8Gn%2B8jIJPVx468Tlt8qDNm%2B5IVXLxgtwlY%2BQU2T7edVmDS4091nQrT; path=/nextcloud; secure; HttpOnly</example>
|
|
415
|
+
<example cookie="oc_sessionPassphrase">oc_sessionPassphrase=Y%2BZjBn8Gn%2B8jIJPVx468Tlt8qDNm%2B5IVXLxgtwlY%2BQU2T7edVmDS4091nQrT; path=/nextcloud; secure; HttpOnly</example>
|
|
403
416
|
<param pos="1" name="cookie"/>
|
|
404
417
|
<param pos="0" name="service.vendor" value="Nextcloud"/>
|
|
405
418
|
<param pos="0" name="service.product" value="Nextcloud Server"/>
|
|
@@ -426,6 +439,8 @@
|
|
|
426
439
|
|
|
427
440
|
<fingerprint pattern="^((?:SS_X_)?CSINTERSESSIONID)=">
|
|
428
441
|
<description>OpenMarket/FatWire Content Server (www.fatwire.com)</description>
|
|
442
|
+
<example cookie="SS_X_CSINTERSESSIONID">SS_X_CSINTERSESSIONID=0001P73k2FUEYEU4Ks5TtKxcs2K:vv0b9pej; path=/</example>
|
|
443
|
+
<example cookie="CSINTERSESSIONID">CSINTERSESSIONID=0001xquPwAx2NFUFvi7yw-43f35:vv7sdeqs;Path=/</example>
|
|
429
444
|
<param pos="1" name="cookie"/>
|
|
430
445
|
<param pos="0" name="service.vendor" value="FatWire"/>
|
|
431
446
|
<param pos="0" name="service.family" value="Content Server"/>
|
|
@@ -434,6 +449,7 @@
|
|
|
434
449
|
|
|
435
450
|
<fingerprint pattern="^parkinglot=">
|
|
436
451
|
<description>Oversee Webserver</description>
|
|
452
|
+
<example>parkinglot=1; domain=.foo.com; path=/; expires=Sun, 11-May-2008 13:51:17 GMT</example>
|
|
437
453
|
<param pos="0" name="cookie" value="parkinglot"/>
|
|
438
454
|
<param pos="0" name="service.vendor" value="Oversee"/>
|
|
439
455
|
<param pos="0" name="service.family" value="Webserver"/>
|
|
@@ -491,6 +507,7 @@
|
|
|
491
507
|
|
|
492
508
|
<fingerprint pattern="^NSES40Session=">
|
|
493
509
|
<description>Netscape Enterprise Server (subsequently iPlanet Web Server, Sun ONE Web Server, presently Sun Java System Web Server)</description>
|
|
510
|
+
<example>NSES40Session=2%253A3e57d375%253Adc59172283a7e72c;path=/;expires=Sat, 22-Feb-2003 20:15:57 GMT</example>
|
|
494
511
|
<param pos="0" name="cookie" value="NSES40Session"/>
|
|
495
512
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
496
513
|
<param pos="0" name="service.family" value="Java System Web Server"/>
|
|
@@ -517,8 +534,10 @@
|
|
|
517
534
|
<param pos="0" name="service.product" value="Sage X3 Syracuse Web Server"/>
|
|
518
535
|
</fingerprint>
|
|
519
536
|
|
|
520
|
-
<fingerprint pattern="^(
|
|
537
|
+
<fingerprint pattern="^(GX_SESSION_ID|JROUTE)=">
|
|
521
538
|
<description>Sun Java System Application Server (formerly iPlanet Application Server, Sun ONE Application Server)</description>
|
|
539
|
+
<example cookie="GX_SESSION_ID">GX_SESSION_ID=ji7vouPhPt5CAtGF%2BWPMXBrhjjxWZAD9HRNeEEITGCA%3D</example>
|
|
540
|
+
<example cookie="JROUTE">JROUTE=KbDs; Path=/</example>
|
|
522
541
|
<param pos="1" name="cookie"/>
|
|
523
542
|
<param pos="0" name="service.vendor" value="Sun"/>
|
|
524
543
|
<param pos="0" name="service.family" value="Java System Application Server"/>
|
|
@@ -565,6 +584,7 @@
|
|
|
565
584
|
|
|
566
585
|
<fingerprint pattern="^(vgncontext|vgnvisitor|ssuid)=">
|
|
567
586
|
<description>Vignette</description>
|
|
587
|
+
<example cookie="vgnvisitor">vgnvisitor=2KM2OM00bZ40000PovANt0Dgn0; path=/; expires=Saturday, 06-Sep-2014 23:50:08 GMT</example>
|
|
568
588
|
<param pos="1" name="cookie"/>
|
|
569
589
|
<param pos="0" name="service.vendor" value="Vignette"/>
|
|
570
590
|
<param pos="0" name="service.family" value="Vignette"/>
|
|
@@ -607,10 +627,11 @@
|
|
|
607
627
|
<param pos="0" name="service.product" value="Zope"/>
|
|
608
628
|
</fingerprint>
|
|
609
629
|
|
|
610
|
-
<fingerprint pattern="^
|
|
630
|
+
<fingerprint pattern="^portal=([0-9]+\.[0-9]+\.[0-9]+)">
|
|
611
631
|
<description>OracleAS Portal default cookie name - http://download.oracle.com/docs/cd/B14099_19/portal.1014/b19305/cg_app_f.htm</description>
|
|
612
|
-
<
|
|
613
|
-
<param pos="
|
|
632
|
+
<example service.version="2173348032.20480.0000">portal=2173348032.20480.0000;</example>
|
|
633
|
+
<param pos="0" name="cookie" value="portal"/>
|
|
634
|
+
<param pos="1" name="service.version"/>
|
|
614
635
|
<param pos="0" name="service.vendor" value="Oracle"/>
|
|
615
636
|
<param pos="0" name="service.family" value="OracleAS"/>
|
|
616
637
|
<param pos="0" name="service.product" value="Application Server Portal"/>
|
|
@@ -650,6 +671,32 @@
|
|
|
650
671
|
<param pos="0" name="service.certainty" value="0.5"/>
|
|
651
672
|
</fingerprint>
|
|
652
673
|
|
|
674
|
+
<fingerprint pattern="^phpMyAdmin=">
|
|
675
|
+
<description>phpMyAdmin web interface for MySQL and MariaDB</description>
|
|
676
|
+
<example>phpMyAdmin=28600e9ff9772c871dacec70f9c5edaa; path=/; HttpOnly</example>
|
|
677
|
+
<param pos="0" name="service.vendor" value="phpMyAdmin"/>
|
|
678
|
+
<param pos="0" name="service.product" value="phpMyAdmin"/>
|
|
679
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:phpmyadmin:phpmyadmin:-"/>
|
|
680
|
+
</fingerprint>
|
|
681
|
+
|
|
682
|
+
<fingerprint pattern="^(adminer_(?:sid|key))=">
|
|
683
|
+
<description>Adminer database management tool</description>
|
|
684
|
+
<example cookie="adminer_sid">adminer_sid=6580f6449f9572f817ec99600bc619d2; path=/; HttpOnly</example>
|
|
685
|
+
<example cookie="adminer_key">adminer_key=b8eebd6de0deabc8b30c26a67e01c5b9; path=/; HttpOnly; SameSite=lax</example>
|
|
686
|
+
<param pos="1" name="cookie"/>
|
|
687
|
+
<param pos="0" name="service.vendor" value="Adminer"/>
|
|
688
|
+
<param pos="0" name="service.product" value="Adminer"/>
|
|
689
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:adminer:adminer:-"/>
|
|
690
|
+
</fingerprint>
|
|
691
|
+
|
|
692
|
+
<fingerprint pattern="^mongo-express=">
|
|
693
|
+
<description>mongo-express web-based MongoDB admin interface</description>
|
|
694
|
+
<example>mongo-express=s%3A1qAVXDHaoFE5J0G4wkYKfyjuv6_0Zd9E.l2DGc0YAb7MJQfUleYVEla5i79pbkhDYVayvCEPFCDc; Path=/; HttpOnly</example>
|
|
695
|
+
<param pos="0" name="service.vendor" value="mongo-express Project"/>
|
|
696
|
+
<param pos="0" name="service.product" value="mongo-express"/>
|
|
697
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:mongo-express_project:mongo-express:-"/>
|
|
698
|
+
</fingerprint>
|
|
699
|
+
|
|
653
700
|
<!--
|
|
654
701
|
Ignore various cookies that are very generic cookies for session IDs
|
|
655
702
|
that are not necessarily indicative of any particular
|
|
@@ -659,23 +706,32 @@
|
|
|
659
706
|
-->
|
|
660
707
|
|
|
661
708
|
<fingerprint pattern="(?i)^JSESSIONID(?:\.[^=]+)?=[^;]+;">
|
|
662
|
-
<description>Ignore simple JSESSIONID and related cookies</description>
|
|
709
|
+
<description>Ignore simple JSESSIONID and related cookies -- assert nothing</description>
|
|
663
710
|
<example>JSESSIONID=6ooov35i4l3n36qtaf8csvg0;Path=/</example>
|
|
664
711
|
<example>jsessionid=6nkp66iogcdc92720%2Dc6e4%2D4989%2Db7b2%2D5021624cfdff;Path=/;secure</example>
|
|
665
712
|
<example>JSESSIONID.c00a9623=v216643eijh19p9duve5srgf;Path=/;HttpOnly</example>
|
|
713
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
714
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
715
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
666
716
|
</fingerprint>
|
|
667
717
|
|
|
668
718
|
<fingerprint pattern="(?i)^_?SESSION_?ID\s*=\s*[^;]+;">
|
|
669
|
-
<description>Ignore simple SESSIONID and related cookies</description>
|
|
719
|
+
<description>Ignore simple SESSIONID and related cookies -- assert nothing</description>
|
|
670
720
|
<example>sessionId=7dba3249cfcd4b59854055311099a294; path=/;</example>
|
|
671
721
|
<example>_session_id=7fe933db0fea13e9c872103ba2d142db; path=/; HttpOnly</example>
|
|
672
722
|
<example>sessionId =0VrS6Ro6uC5QPXKgNdqGvyUgUFtUOVwv6OWAEWcWQ3jLRtAk2TVAgAApN9yTWVz;postId=; path=/;</example>
|
|
673
723
|
<example>_session_id=18b3e173aa11db0533fd01752e81f583; path=/; HttpOnly</example>
|
|
724
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
725
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
726
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
674
727
|
</fingerprint>
|
|
675
728
|
|
|
676
729
|
<fingerprint pattern="(?i)^sid=[^;]+;">
|
|
677
|
-
<description>Ignore simple SID and related cookies</description>
|
|
730
|
+
<description>Ignore simple SID and related cookies -- assert nothing</description>
|
|
678
731
|
<example>sid=sfd10bf73-654458f687aa3c68b3874915f651e0ca;path=/;"</example>
|
|
732
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
|
733
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
|
734
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
|
679
735
|
</fingerprint>
|
|
680
736
|
|
|
681
737
|
</fingerprints>
|