recog 2.3.22 → 3.0.2
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +2 -0
- data/LICENSE +1 -1
- data/README.md +25 -16
- data/Rakefile +2 -9
- data/lib/recog/db_manager.rb +1 -1
- data/lib/recog/fingerprint.rb +21 -7
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/match_reporter.rb +37 -3
- data/lib/recog/matcher.rb +5 -10
- data/lib/recog/verifier.rb +4 -4
- data/lib/recog/verify_reporter.rb +7 -6
- data/lib/recog/version.rb +1 -1
- data/{bin → recog/bin}/recog_match +20 -7
- data/{xml → recog/xml}/apache_modules.xml +0 -0
- data/{xml → recog/xml}/apache_os.xml +61 -19
- data/{xml → recog/xml}/architecture.xml +15 -1
- data/{xml → recog/xml}/dhcp_vendor_class.xml +10 -10
- data/{xml → recog/xml}/dns_versionbind.xml +16 -13
- data/{xml → recog/xml}/favicons.xml +167 -9
- data/{xml → recog/xml}/fingerprints.xsd +9 -1
- data/{xml → recog/xml}/ftp_banners.xml +131 -141
- data/{xml → recog/xml}/h323_callresp.xml +2 -2
- data/{xml → recog/xml}/hp_pjl_id.xml +81 -81
- data/{xml → recog/xml}/html_title.xml +250 -9
- data/{xml → recog/xml}/http_cookies.xml +111 -34
- data/{xml → recog/xml}/http_servers.xml +483 -270
- data/{xml → recog/xml}/http_wwwauth.xml +83 -37
- data/{xml → recog/xml}/imap_banners.xml +10 -10
- data/{xml → recog/xml}/ldap_searchresult.xml +0 -0
- data/{xml → recog/xml}/mdns_device-info_txt.xml +0 -0
- data/{xml → recog/xml}/mdns_workstation_txt.xml +0 -0
- data/{xml → recog/xml}/mysql_banners.xml +0 -0
- data/{xml → recog/xml}/mysql_error.xml +0 -0
- data/{xml → recog/xml}/nntp_banners.xml +8 -5
- data/{xml → recog/xml}/ntp_banners.xml +33 -33
- data/{xml → recog/xml}/operating_system.xml +92 -77
- data/{xml → recog/xml}/pop_banners.xml +25 -25
- data/{xml → recog/xml}/rsh_resp.xml +0 -0
- data/{xml → recog/xml}/rtsp_servers.xml +0 -0
- data/{xml → recog/xml}/sip_banners.xml +16 -5
- data/{xml → recog/xml}/sip_user_agents.xml +122 -27
- data/{xml → recog/xml}/smb_native_lm.xml +5 -5
- data/{xml → recog/xml}/smb_native_os.xml +25 -25
- data/{xml → recog/xml}/smtp_banners.xml +132 -131
- data/{xml → recog/xml}/smtp_debug.xml +0 -0
- data/{xml → recog/xml}/smtp_ehlo.xml +0 -0
- data/{xml → recog/xml}/smtp_expn.xml +0 -0
- data/{xml → recog/xml}/smtp_help.xml +1 -1
- data/{xml → recog/xml}/smtp_mailfrom.xml +0 -0
- data/{xml → recog/xml}/smtp_noop.xml +0 -0
- data/{xml → recog/xml}/smtp_quit.xml +0 -0
- data/{xml → recog/xml}/smtp_rcptto.xml +0 -0
- data/{xml → recog/xml}/smtp_rset.xml +0 -0
- data/{xml → recog/xml}/smtp_turn.xml +0 -0
- data/{xml → recog/xml}/smtp_vrfy.xml +0 -0
- data/{xml → recog/xml}/snmp_sysdescr.xml +1248 -1233
- data/{xml → recog/xml}/snmp_sysobjid.xml +13 -2
- data/{xml → recog/xml}/ssh_banners.xml +9 -5
- data/{xml → recog/xml}/telnet_banners.xml +83 -1
- data/{xml → recog/xml}/tls_jarm.xml +30 -2
- data/{xml → recog/xml}/x11_banners.xml +3 -3
- data/{xml → recog/xml}/x509_issuers.xml +24 -4
- data/{xml → recog/xml}/x509_subjects.xml +32 -3
- data/recog.gemspec +9 -5
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/match_reporter_spec.rb +22 -8
- data/spec/lib/recog/verify_reporter_spec.rb +8 -8
- data/spec/spec_helper.rb +4 -0
- data.tar.gz.sig +0 -0
- metadata +154 -142
- metadata.gz.sig +0 -0
- data/.github/ISSUE_TEMPLATE/bug_report.md +0 -37
- data/.github/ISSUE_TEMPLATE/feature_request.md +0 -17
- data/.github/ISSUE_TEMPLATE/fingerprint_request.md +0 -27
- data/.github/PULL_REQUEST_TEMPLATE +0 -24
- data/.github/SECURITY.md +0 -35
- data/.github/dependabot.yml +0 -8
- data/.github/workflows/ci.yml +0 -26
- data/.github/workflows/verify.yml +0 -89
- data/.gitignore +0 -23
- data/.rspec +0 -3
- data/.ruby-gemset +0 -1
- data/.ruby-version +0 -1
- data/.snyk +0 -10
- data/.travis.yml +0 -25
- data/CONTRIBUTING.md +0 -276
- data/bin/recog_cleanup +0 -16
- data/bin/recog_export +0 -81
- data/bin/recog_standardize +0 -163
- data/bin/recog_verify +0 -63
- data/cpe-remap.yaml +0 -356
- data/features/data/failing_banners_fingerprints.xml +0 -20
- data/features/data/matching_banners_fingerprints.xml +0 -23
- data/features/data/multiple_banners_fingerprints.xml +0 -32
- data/features/data/no_tests.xml +0 -3
- data/features/data/sample_banner.txt +0 -2
- data/features/data/successful_tests.xml +0 -18
- data/features/data/tests_with_failures.xml +0 -20
- data/features/data/tests_with_warnings.xml +0 -17
- data/features/match.feature +0 -36
- data/features/support/aruba.rb +0 -3
- data/features/support/env.rb +0 -6
- data/features/verify.feature +0 -48
- data/identifiers/README.md +0 -70
- data/identifiers/fields.txt +0 -105
- data/identifiers/hw_device.txt +0 -84
- data/identifiers/hw_family.txt +0 -121
- data/identifiers/hw_product.txt +0 -461
- data/identifiers/os_architecture.txt +0 -10
- data/identifiers/os_device.txt +0 -75
- data/identifiers/os_family.txt +0 -234
- data/identifiers/os_product.txt +0 -350
- data/identifiers/service_family.txt +0 -249
- data/identifiers/service_product.txt +0 -764
- data/identifiers/vendor.txt +0 -847
- data/lib/recog/verifier_factory.rb +0 -13
- data/misc/convert_mysql_err +0 -61
- data/misc/order.xsl +0 -17
- data/requirements.txt +0 -2
- data/spec/lib/fingerprint_self_test_spec.rb +0 -175
- data/tools/dev/hooks/pre-commit +0 -21
- data/update_cpes.py +0 -250
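--- a/data/.github/SECURITY.md
+++ /dev/null
@@ -1,35 +0,0 @@
-# Reporting security issues
-
-Thanks for your interest in making Recog more secure! If you feel
-that you have found a security issue involving Metasploit, Meterpreter,
-Recog, or any other Rapid7 open source project, you are welcome to let
-us know in the way that's most comfortable for you.
-
-## Via ZenDesk
-
-You can click on the big blue button at [Rapid7's Vulnerability
-Disclosure][r7-vulns] page, which will get you to our general
-vulnerability reporting system. While this does require a (free) ZenDesk
-account to use, you'll get regular updates on your issue as our software
-support teams work through it. As it happens [that page][r7-vulns] also
-will tell you what to expect when it comes to reporting vulns, how fast
-we'll fix and respond, and all the rest, so it's a pretty good read
-regardless.
-
-## Via email
-
-If you're more of a traditionalist, you can email your finding to
-security@rapid7.com. If you like, you can use our [PGP key][pgp] to
-encrypt your messages, but we certainly don't mind cleartext reports
-over email.
-
-## NOT via GitHub Issues
-
-Please don't! Disclosing security vulnerabilities to public bug trackers
-is kind of mean, even when it's well-intentioned, since you end up
-dropping 0-day on pretty much everyone right out of the gate. We'd prefer
-you didn't!
-
-[r7-vulns]:https://www.rapid7.com/security/disclosure/
-[pgp]:https://keybase.io/rapid7/pgp_keys.asc?fingerprint=9a90aea0576cbcafa39c502ba5e16807959d3eda
-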
data/.github/dependabot.yml
DELETED
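--- a/data/.github/workflows/ci.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-name: CI
-
-on: [push, pull_request]
-
-jobs:
-test:
-name: 'Ruby: ${{ matrix.ruby-version }}'
-runs-on: ubuntu-latest
-strategy:
-fail-fast: false
-matrix:
-ruby-version: ['2.5', '2.6', '2.7', '3.0', 'jruby-9.1.17.0', 'jruby']
-
-steps:
-- uses: actions/checkout@v2
-- name: Set up Ruby
-uses: ruby/setup-ruby@v1
-with:
-ruby-version: ${{ matrix.ruby-version }}
-bundler-cache: true # runs 'bundle install' and caches installed gems automatically
-- name: Run tests
-run: |
-bundle exec rake --version
-bundle exec rake tests
-env:
-JRUBY_OPTS: --server -J-Xms512m -J-Xmx2G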
@@ -1,89 +0,0 @@
|
|
1
|
-
name: Verify
|
2
|
-
|
3
|
-
on:
|
4
|
-
push:
|
5
|
-
branches:
|
6
|
-
- master
|
7
|
-
paths:
|
8
|
-
- 'xml/**.xml'
|
9
|
-
pull_request:
|
10
|
-
paths:
|
11
|
-
- 'xml/**.xml'
|
12
|
-
|
13
|
-
jobs:
|
14
|
-
standardize:
|
15
|
-
name: 'Standardize'
|
16
|
-
runs-on: ubuntu-latest
|
17
|
-
strategy:
|
18
|
-
fail-fast: false
|
19
|
-
|
20
|
-
steps:
|
21
|
-
- uses: actions/checkout@v2
|
22
|
-
- uses: ruby/setup-ruby@v1
|
23
|
-
with:
|
24
|
-
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
|
25
|
-
- name: Run recog standardize
|
26
|
-
run: bundle exec bin/recog_standardize xml/*.xml
|
27
|
-
ruby-verify:
|
28
|
-
name: 'Ruby Verify'
|
29
|
-
runs-on: ubuntu-latest
|
30
|
-
strategy:
|
31
|
-
fail-fast: false
|
32
|
-
|
33
|
-
steps:
|
34
|
-
- name: Checkout Ruby implementation
|
35
|
-
uses: actions/checkout@v2
|
36
|
-
- uses: ruby/setup-ruby@v1
|
37
|
-
with:
|
38
|
-
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
|
39
|
-
- name: Run recog verify
|
40
|
-
run: bundle exec recog_verify --no-warnings xml/*.xml
|
41
|
-
java-verify:
|
42
|
-
name: 'Java Verify'
|
43
|
-
runs-on: ubuntu-latest
|
44
|
-
strategy:
|
45
|
-
fail-fast: false
|
46
|
-
|
47
|
-
steps:
|
48
|
-
- name: Checkout Java implementation
|
49
|
-
uses: actions/checkout@v2
|
50
|
-
with:
|
51
|
-
repository: rapid7/recog-java
|
52
|
-
- name: Checkout recog content
|
53
|
-
uses: actions/checkout@v2
|
54
|
-
with:
|
55
|
-
path: recog-content
|
56
|
-
- uses: actions/setup-java@v2
|
57
|
-
with:
|
58
|
-
distribution: zulu
|
59
|
-
java-version: '17'
|
60
|
-
- name: Cache Maven packages
|
61
|
-
uses: actions/cache@v2
|
62
|
-
with:
|
63
|
-
path: ~/.m2
|
64
|
-
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
|
65
|
-
restore-keys: ${{ runner.os }}-m2
|
66
|
-
- name: Build with Maven
|
67
|
-
run: mvn --batch-mode --no-transfer-progress install -Dmaven.antrun.skip=true -DskipTests
|
68
|
-
- name: Run recog verify
|
69
|
-
run: mvn --batch-mode --no-transfer-progress --projects recog-verify exec:java -Dexec.mainClass="com.rapid7.recog.verify.RecogVerifier" -Dexec.args="--no-warnings recog-content/xml/*.xml"
|
70
|
-
go-verify:
|
71
|
-
name: 'Go Verify'
|
72
|
-
runs-on: ubuntu-latest
|
73
|
-
strategy:
|
74
|
-
fail-fast: false
|
75
|
-
|
76
|
-
steps:
|
77
|
-
- name: Checkout Go implementation
|
78
|
-
uses: actions/checkout@v2
|
79
|
-
with:
|
80
|
-
repository: RumbleDiscovery/recog-go
|
81
|
-
- name: Checkout recog content
|
82
|
-
uses: actions/checkout@v2
|
83
|
-
with:
|
84
|
-
path: recog-content
|
85
|
-
- uses: actions/setup-go@v2
|
86
|
-
with:
|
87
|
-
go-version: '^1.17.1'
|
88
|
-
- name: Run recog verify
|
89
|
-
run: go run cmd/recog_verify/main.go recog-content/xml/
|
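--- a/data/.gitignore
+++ /dev/null
@@ -1,23 +0,0 @@
-# Ruby and tooling specific
-.yardoc
-coverage/
-doc/
-pkg/
-
-/Gemfile.lock
-
-#Python specific
-venv
-
-# IDE specific
-.vscode/
-.idea
-
-# Misc
-**/.DS_Store
-
-# CPE XML
-official-cpe-dictionary*.xml
-
-# CPE Remap Errors
-errors.txt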
data/.rspec
DELETED
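--- a/data/.ruby-gemset
+++ /dev/null
@@ -1 +0,0 @@
-recog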
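--- a/data/.ruby-version
+++ /dev/null
@@ -1 +0,0 @@
-2.6.6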
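--- a/data/.snyk
+++ /dev/null
@@ -1,10 +0,0 @@
-# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-python: 3.6.0
-version: v1.14.1
-# ignores vulnerabilities until expiry date; change duration by modifying expiry date
-ignore:
-SNYK-PYTHON-PYYAML-590151:
-- pyyaml:
-reason: Project doesn't use vulnerable code path.
-expires: 2021-06-01T00:00:00.000Z
-patch: {}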
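--- a/data/.travis.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-language: ruby
-sudo: false
-cache: bundler
-rvm:
-- '2.5.8'
-- '2.6.6'
-- 'jruby-9.1.9.0'
-jdk:
-- openjdk8
-matrix:
-allow_failures:
-- rvm: 'jruby-9.1.9.0'
-before_install:
-- "echo 'gem: --no-ri --no-rdoc' > ~/.gemrc"
-- rake --version
-before_script:
-- bundle exec rake --version
-script: bundle exec rake tests
-env:
-global:
-- CI="travis"
-- JRUBY_OPTS="--server -J-Xms512m -J-Xmx2G"
-branches:
-only:
-- master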
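--- a/data/CONTRIBUTING.md
+++ /dev/null
@@ -1,276 +0,0 @@
-# Contributing to Recog
-
-The users and maintainers of Recog would greatly appreciate any contributions
-you can make to the project. These contributions typically come in the form of
-filed bugs/issues or pull requests (PRs). These contributions routinely result
-in new versions of the [recog gem](https://rubygems.org/gems/recog) being
-released. The process for everything is described below.
-
-## Table of Contents
-
-1. [Contributing Issues / Bug Reports](#contributing-issues-/-bug-reports)
-1. [Contributing Code](#contributing-code)
-1. [Fork and Clone](#fork-and-clone)
-1. [Branch and Improve](#branch-and-improve)
-1. [Testing](#testing)
-1. [Fingerprints](#fingerprints)
-1. [Best Practices](#best-practices)
-1. [Fingerprint Testing](#fingerprint-testing)
-1. [Updating CPEs](#updating-cpes)
-1. [Project Operations](#project-operations)
-1. [Landing PRs](#landing-prs)
-1. [Releasing New Versions](#releasing-new-versions)
-
-## Contributing Issues / Bug Reports
-
-If you encounter any bugs or problems with Recog, please file them
-[here](https://github.com/rapid7/recog/issues/new), providing as much detail as
-possible. If the bug is straight-forward enough and you understand the fix for
-the bug well enough, you may take the simpler, less-paperwork route and simply
-fill a PR with the fix and the necessary details.
-
-[^back to top](#contributing-to-recog)
-
-## Contributing Code
-
-Recog uses a model nearly identical to that of
-[Metasploit](https://github.com/rapid7/metasploit-framework) as outlined
-[here](https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment),
-at least from a ```git``` perspective. If you've been through that process
-(or, even better, you've been through it many times with many people), you can
-do exactly what you did for Metasploit but with Recog and ignore the rest of
-this document.
-
-On the other hand, if you haven't, read on!
-
-[^back to top](#contributing-to-recog)
-
-### Fork and Clone
-
-Generally, this should only need to be done once, or if you need to start over.
-
-1. Fork Recog: Visit https://github.com/rapid7/recog and click Fork,
-selecting your github account if prompted
-1. Clone `git@github.com:<your-github-username>/recog.git`, replacing
-`<your-github-username>` with, you guessed it, your Github username.
-1. Add the master Recog repository as your upstream:
-
-```bash
-git remote add upstream git://github.com/rapid7/recog.git
-```
-
-1. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configured to pull both branches and PRs from upstream. It should look something like the following, in particular the second `fetch` option:
-
-```bash
-[remote "upstream"]
-url = git@github.com:rapid7/recog.git
-fetch = +refs/heads/*:refs/remotes/upstream/*
-fetch = +refs/pull/*/head:refs/remotes/upstream/pr/*
-```
-
-1. Fetch the latest revisions, including PRs:
-
-```bash
-git fetch --all
-```
-
-1. Set up git hooks to help identify potential issues with your contributions:
-
-```bash
-ln -sf ../../tools/dev/hooks/pre-commit .git/hooks/pre-commit
-```
-
-[^back to top](#contributing-to-recog)
-
-### Branch and Improve
-
-If you have a contribution to make, first create a branch to contain your
-work. The name is yours to choose, however generally it should roughly
-describe what you are doing. In this example, and from here on out, the
-branch will be FOO, but you should obviously change this:
-
-```bash
-git fetch --all
-git checkout master
-git rebase upstream/master
-git checkout -b FOO
-```
-
-Now, make your changes, commit as necessary with useful commit messages.
-
-Please note that changes to [lib/recog/version.rb](https://github.com/rapid7/recog/blob/master/lib/recog/version.rb) in PRs are almost never necessary.
-
-Now push your changes to your fork:
-
-```bash
-git push origin FOO
-```
-
-Finally, submit the PR. Navigate to ```https://github.com/<your-github-username>/recog/compare/FOO```, fill in the details and submit.
-
-[^back to top](#contributing-to-recog)
-
-### Testing
-
-When your PR is submitted, it will be automatically subjected to the full run of tests in [Travis](https://travis-ci.org/rapid7/recog/), however you are encourage to perform testing _before_ submitting the PR. To do this, simply run `rake tests`.
-
-[^back to top](#contributing-to-recog)
-
-## Fingerprints
-
-### Best Practices
-
-* Create a single fingerprint for each product as long as the pattern remains clear and readable. If that is not possible, the pattern should be logically decomposed into additional fingerprints.
-
-* Create regular expressions that allow for flexible version number matching. This ensures greater probability of matching a product. For example, all known public releases of a product report either `major.minor` or `major.minor.build` format version numbers. If the fingerprint strictly matches this version number format, it would fail to match a modified build of the product that reports only a `major` version number format.
-
-[^back to top](#contributing-to-recog)
-
-### Fingerprint Testing
-
-Once a fingerprint has been added, the `example` entries can be tested by executing `bin/recog_verify` against the fingerprint file:
-
-```shell
-bin/recog_verify xml/ssh_banners.xml
-```
-
-Matches can be tested on the command-line in a similar fashion:
-
-```shell
-$ echo 'OpenSSH_6.6p1 Ubuntu-2ubuntu1' | bin/recog_match xml/ssh_banners.xml -
-MATCH: {"matched"=>"OpenSSH running on Ubuntu 14.04", "service.version"=>"6.6p1", "openssh.comment"=>"Ubuntu-2ubuntu1", "service.vendor"=>"OpenBSD", "service.family"=>"OpenSSH", "service.product"=>"OpenSSH", "os.vendor"=>"Ubuntu", "os.device"=>"General", "os.family"=>"Linux", "os.product"=>"Linux", "os.version"=>"14.04", "service.protocol"=>"ssh", "fingerprint_db"=>"ssh.banner", "data"=>"OpenSSH_6.6p1 Ubuntu-2ubuntu1"}
-```
-
-[^back to top](#contributing-to-recog)
-
-
-### Standardizing Vendors, Products, and Services
-
-Given the number of fingerprints in Recog, it can be common for specific products, vendors, or services to be identified with different spellings and casing.
-To limit the creep of slightly-different-names, the `bin/recog_standardize` script can be used to extract all identifiers and merge them into the known lists.
-
-To get started, run the `recog_standardize` tool:
-```shell
-ruby bin/recog_standardize
-```
-
-Review any new additions to the text files under `identifiers/`. If any of these names are close to an existing name, update the offending fingerprint to use
-the existing name instead. Once the fingerprints are fixed, removed the "extra" names from the identifiers files, and run the tool again.
-
-
-[^back to top](#contributing-to-recog)
-
-
-### Updating CPEs
-
-There exists some automation to update the CPEs that might be asserted with
-some recog fingerprints. This should be run periodically to ensure that all
-fingerprints that could have CPEs do, etc.
-
-First, setup a python3 venv:
-
-```bash
-python3 -m venv venv
-source venv/{bin,Scripts}/activate
-pip install -r requirements.txt
-```
-
-Download the latest CPE 2.3 dictionary:
-
-```bash
-curl -o official-cpe-dictionary_v2.3.xml.gz https://nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz && \
-gunzip official-cpe-dictionary_v2.3.xml.gz
-```
-
-Run the CPE automation against every XML file:
-
-```bash
-# Update the CPEs (sequentially)
-ls xml/*.xml | xargs -i python update_cpes.py {} official-cpe-dictionary_v2.3.xml cpe-remap.yaml 2>>errors.txt
-```
-
-You may want to use GNU `parallel` to speed things up:
-```bash
-# Update the CPEs (with GNU Parallel)
-ls xml/*.xml | parallel --gnu "python update_cpes.py {} official-cpe-dictionary_v2.3.xml cpe-remap.yaml" 2>>errors.txt
-```
-
-Clean up the whitespace across all fingerprints:
-```bash
-ruby bin/recog_cleanup
-```
-
-Any mismatched fingerprints will be listed in `errors.txt` for eventual
-maintenance. The `cpe-remap.yaml` file can be used to map between
-vendor/product/etc differences between Recog and CPE, or to work around bugs in
-either.
-
-[^back to top](#contributing-to-recog)
-
-## Project Operations
-
-### Landing PRs
-
-(Note: this portion is a work-in-progress. Please update it as things change)
-
-Much like with the process of submitting PRs, Recog's process for landing PRs
-is very similar to [Metasploit's process for landing
-PRs](https://github.com/rapid7/metasploit-framework/wiki/Landing-Pull-Requests).
-In short:
-
-1. Follow the "Fork and Clone" steps from above
-2. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configured to pull both branches and PRs from upstream. It should look something like the following, in particular the second `fetch` option:
-
-```bash
-[remote "upstream"]
-url = git@github.com:rapid7/recog.git
-fetch = +refs/heads/*:refs/remotes/upstream/*
-fetch = +refs/pull/*/head:refs/remotes/upstream/pr/*
-```
-
-3. Fetch the latest revisions, including PRs:
-
-```bash
-git fetch --all
-```
-
-4. Checkout and branch the PR for testing. Replace ```PR``` below with the actual PR # in question:
-
-```bash
-git checkout -b landing-PR upstream/pr/PR
-```
-
-5. Test the PR (see the Testing section above)
-6. Merge with master, re-test, validate and push:
-
-```bash
-git checkout -b upstream-master --track upstream/master
-git merge -S --no-ff --edit landing-PR # merge the PR into upstream-master
-
-# re-test if/as necessary
-git push upstream upstream-master:master --dry-run # confirm you are pushing what you expect
-
-git push upstream upstream-master:master # push upstream-master to upstream:master
-```
-
-7. If applicable, release a new version (see next section)
-
-[^back to top](#contributing-to-recog)
-
-### Releasing New Versions
-
-When Recog's critical parts are modified, for example its fingerprints or underlying supporting code, a new version _must_ eventually be released. These new releases can then be optionally included in projects such as Metasploit or products such as Rapid7's Nexpose in a controlled manner. Releases for non-functional updates such as updates to documentation are not necessary.
-
-When a new version of Recog is to be released, you _must_ follow the instructions below.
-
-1. If are not already a Recog project contributor for the Recog gem (you'd be listed [here under OWNERS](https://rubygems.org/gems/recog)), become one:
-1. Get an account on [Rubygems](https://rubygems.org)
-1. Contact one of the Recog project contributors (listed [here under OWNERS](https://rubygems.org/gems/recog) and have them add you to the Recog gem. They'll need to run: `gem owner recog -a EMAIL`
-
-1. Edit [lib/recog/version.rb](https://github.com/rapid7/recog/blob/master/lib/recog/version.rb) and increment `VERSION`. Commit and push to rapid7/recog master.
-
-1. Run `rake release`. Among other things, this creates the new gem, uploads it to Rubygems and tags the release with a tag like `v<VERSION>`, where `<VERSION>` is replaced with the version from `version.rb`. For example, if you release version 1.2.3 of the gem, the tag will be `v1.2.3`.
-
-1. If your default remote repository is not `rapid7/recog`, you must ensure that the tags created in the previous step are also pushed to the right location(s). For example, if `origin` is your fork of recog and `upstream` is `rapid7/master`, you should run `git push --tags --dry-run upstream` to confirm what tags will be pushed and then `git push --tags upstream` to push the tags.
-
-[^back to top](#contributing-to-recog)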
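--- a/data/bin/recog_cleanup
+++ /dev/null
@@ -1,16 +0,0 @@
-#!/usr/bin/env ruby
-
-$:.unshift(File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")))
-require 'optparse'
-require 'ostruct'
-require 'recog'
-
-# Cleanup trailing whitespace around fingerprints
-Dir[ File.expand_path(File.join(File.dirname(__FILE__), "..", "xml")) + "/*.xml" ].each do |f|
-data = File.read(f).
-gsub(/\s+$/, ''). # Trailing whitespace and empty lines
-gsub("</fingerprint>", "</fingerprint>\n"). # Every fingerprint should have an empty line after it
-gsub("-->", "-->\n") # Every comment should have an empty line after it
-
-File.write(f, data)
-end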
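--- a/data/bin/recog_export
+++ /dev/null
@@ -1,81 +0,0 @@
-#!/usr/bin/env ruby
-
-$:.unshift(File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")))
-require 'optparse'
-require 'ostruct'
-require 'recog'
-
-def squash_lines(str)
-str.split(/\n/).join(' ').gsub(/\s+/, ' ')
-end
-
-def export_text(options)
-end
-
-def export_ruby(options)
-$stdout.puts "# Recog fingerprint database export [ #{File.basename(options.xml_file)} ] on #{Time.now.to_s}"
-$stdout.puts "fp_str = '' # Set this value to the match string"
-$stdout.puts "fp_match = {} # Match results are stored here"
-$stdout.puts ""
-$stdout.puts "case fp_str"
-options.db.fingerprints.each do |fp|
-puts " # #{squash_lines fp.name}"
-puts " when /#{fp.regex.to_s}/"
-fp.tests.each do |test|
-puts " # Example: #{squash_lines test}"
-end
-fp.params.each_pair do |k,v|
-if v[0] == 0
-puts " fp_match[#{k.inspect}] = #{v[1].inspect}"
-else
-puts " fp_match[#{k.inspect}] = $#{v[0].to_s}"
-end
-end
-puts ""
-end
-$stdout.puts "end"
-end
-
-
-options = OpenStruct.new(etype: :ruby)
-
-option_parser = OptionParser.new do |opts|
-opts.banner = "Usage: #{$0} [options] XML_FINGERPRINTS_FILE"
-opts.separator "Exports an XML fingerprint database to another format."
-opts.separator ""
-opts.separator "Options"
-
-opts.on("-t", "--type type",
-"Choose a type of export.",
-" [r]uby (default - export a ruby case statement with regular expressions)",
-" [t]ext (export a text description of the fingerprints)") do |etype|
-case etype.downcase
-when /^r/
-options.etype = :ruby
-when /^t/
-options.etype = :text
-end
-end
-
-opts.on("-h", "--help", "Show this message.") do
-puts opts
-exit
-end
-end
-option_parser.parse!(ARGV)
-
-if ARGV.count != 1
-puts option_parser
-exit
-end
-
-options.xml_file = ARGV.shift
-options.db = Recog::DB.new(options.xml_file)
-
-case options.etype
-when :ruby
-export_ruby(options)
-when :text
-export_text(options)
-end
-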