recog 2.3.22 → 3.0.2

Sign up to get free protection for your applications and to get access to all the features.
Files changed (128) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +2 -0
  3. data/LICENSE +1 -1
  4. data/README.md +25 -16
  5. data/Rakefile +2 -9
  6. data/lib/recog/db_manager.rb +1 -1
  7. data/lib/recog/fingerprint.rb +21 -7
  8. data/lib/recog/fingerprint_parse_error.rb +10 -0
  9. data/lib/recog/match_reporter.rb +37 -3
  10. data/lib/recog/matcher.rb +5 -10
  11. data/lib/recog/verifier.rb +4 -4
  12. data/lib/recog/verify_reporter.rb +7 -6
  13. data/lib/recog/version.rb +1 -1
  14. data/{bin → recog/bin}/recog_match +20 -7
  15. data/{xml → recog/xml}/apache_modules.xml +0 -0
  16. data/{xml → recog/xml}/apache_os.xml +61 -19
  17. data/{xml → recog/xml}/architecture.xml +15 -1
  18. data/{xml → recog/xml}/dhcp_vendor_class.xml +10 -10
  19. data/{xml → recog/xml}/dns_versionbind.xml +16 -13
  20. data/{xml → recog/xml}/favicons.xml +167 -9
  21. data/{xml → recog/xml}/fingerprints.xsd +9 -1
  22. data/{xml → recog/xml}/ftp_banners.xml +131 -141
  23. data/{xml → recog/xml}/h323_callresp.xml +2 -2
  24. data/{xml → recog/xml}/hp_pjl_id.xml +81 -81
  25. data/{xml → recog/xml}/html_title.xml +250 -9
  26. data/{xml → recog/xml}/http_cookies.xml +111 -34
  27. data/{xml → recog/xml}/http_servers.xml +483 -270
  28. data/{xml → recog/xml}/http_wwwauth.xml +83 -37
  29. data/{xml → recog/xml}/imap_banners.xml +10 -10
  30. data/{xml → recog/xml}/ldap_searchresult.xml +0 -0
  31. data/{xml → recog/xml}/mdns_device-info_txt.xml +0 -0
  32. data/{xml → recog/xml}/mdns_workstation_txt.xml +0 -0
  33. data/{xml → recog/xml}/mysql_banners.xml +0 -0
  34. data/{xml → recog/xml}/mysql_error.xml +0 -0
  35. data/{xml → recog/xml}/nntp_banners.xml +8 -5
  36. data/{xml → recog/xml}/ntp_banners.xml +33 -33
  37. data/{xml → recog/xml}/operating_system.xml +92 -77
  38. data/{xml → recog/xml}/pop_banners.xml +25 -25
  39. data/{xml → recog/xml}/rsh_resp.xml +0 -0
  40. data/{xml → recog/xml}/rtsp_servers.xml +0 -0
  41. data/{xml → recog/xml}/sip_banners.xml +16 -5
  42. data/{xml → recog/xml}/sip_user_agents.xml +122 -27
  43. data/{xml → recog/xml}/smb_native_lm.xml +5 -5
  44. data/{xml → recog/xml}/smb_native_os.xml +25 -25
  45. data/{xml → recog/xml}/smtp_banners.xml +132 -131
  46. data/{xml → recog/xml}/smtp_debug.xml +0 -0
  47. data/{xml → recog/xml}/smtp_ehlo.xml +0 -0
  48. data/{xml → recog/xml}/smtp_expn.xml +0 -0
  49. data/{xml → recog/xml}/smtp_help.xml +1 -1
  50. data/{xml → recog/xml}/smtp_mailfrom.xml +0 -0
  51. data/{xml → recog/xml}/smtp_noop.xml +0 -0
  52. data/{xml → recog/xml}/smtp_quit.xml +0 -0
  53. data/{xml → recog/xml}/smtp_rcptto.xml +0 -0
  54. data/{xml → recog/xml}/smtp_rset.xml +0 -0
  55. data/{xml → recog/xml}/smtp_turn.xml +0 -0
  56. data/{xml → recog/xml}/smtp_vrfy.xml +0 -0
  57. data/{xml → recog/xml}/snmp_sysdescr.xml +1248 -1233
  58. data/{xml → recog/xml}/snmp_sysobjid.xml +13 -2
  59. data/{xml → recog/xml}/ssh_banners.xml +9 -5
  60. data/{xml → recog/xml}/telnet_banners.xml +83 -1
  61. data/{xml → recog/xml}/tls_jarm.xml +30 -2
  62. data/{xml → recog/xml}/x11_banners.xml +3 -3
  63. data/{xml → recog/xml}/x509_issuers.xml +24 -4
  64. data/{xml → recog/xml}/x509_subjects.xml +32 -3
  65. data/recog.gemspec +9 -5
  66. data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
  67. data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
  68. data/spec/data/external_example_fingerprint.xml +8 -0
  69. data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
  70. data/spec/lib/recog/db_spec.rb +84 -61
  71. data/spec/lib/recog/fingerprint_spec.rb +4 -4
  72. data/spec/lib/recog/match_reporter_spec.rb +22 -8
  73. data/spec/lib/recog/verify_reporter_spec.rb +8 -8
  74. data/spec/spec_helper.rb +4 -0
  75. data.tar.gz.sig +0 -0
  76. metadata +154 -142
  77. metadata.gz.sig +0 -0
  78. data/.github/ISSUE_TEMPLATE/bug_report.md +0 -37
  79. data/.github/ISSUE_TEMPLATE/feature_request.md +0 -17
  80. data/.github/ISSUE_TEMPLATE/fingerprint_request.md +0 -27
  81. data/.github/PULL_REQUEST_TEMPLATE +0 -24
  82. data/.github/SECURITY.md +0 -35
  83. data/.github/dependabot.yml +0 -8
  84. data/.github/workflows/ci.yml +0 -26
  85. data/.github/workflows/verify.yml +0 -89
  86. data/.gitignore +0 -23
  87. data/.rspec +0 -3
  88. data/.ruby-gemset +0 -1
  89. data/.ruby-version +0 -1
  90. data/.snyk +0 -10
  91. data/.travis.yml +0 -25
  92. data/CONTRIBUTING.md +0 -276
  93. data/bin/recog_cleanup +0 -16
  94. data/bin/recog_export +0 -81
  95. data/bin/recog_standardize +0 -163
  96. data/bin/recog_verify +0 -63
  97. data/cpe-remap.yaml +0 -356
  98. data/features/data/failing_banners_fingerprints.xml +0 -20
  99. data/features/data/matching_banners_fingerprints.xml +0 -23
  100. data/features/data/multiple_banners_fingerprints.xml +0 -32
  101. data/features/data/no_tests.xml +0 -3
  102. data/features/data/sample_banner.txt +0 -2
  103. data/features/data/successful_tests.xml +0 -18
  104. data/features/data/tests_with_failures.xml +0 -20
  105. data/features/data/tests_with_warnings.xml +0 -17
  106. data/features/match.feature +0 -36
  107. data/features/support/aruba.rb +0 -3
  108. data/features/support/env.rb +0 -6
  109. data/features/verify.feature +0 -48
  110. data/identifiers/README.md +0 -70
  111. data/identifiers/fields.txt +0 -105
  112. data/identifiers/hw_device.txt +0 -84
  113. data/identifiers/hw_family.txt +0 -121
  114. data/identifiers/hw_product.txt +0 -461
  115. data/identifiers/os_architecture.txt +0 -10
  116. data/identifiers/os_device.txt +0 -75
  117. data/identifiers/os_family.txt +0 -234
  118. data/identifiers/os_product.txt +0 -350
  119. data/identifiers/service_family.txt +0 -249
  120. data/identifiers/service_product.txt +0 -764
  121. data/identifiers/vendor.txt +0 -847
  122. data/lib/recog/verifier_factory.rb +0 -13
  123. data/misc/convert_mysql_err +0 -61
  124. data/misc/order.xsl +0 -17
  125. data/requirements.txt +0 -2
  126. data/spec/lib/fingerprint_self_test_spec.rb +0 -175
  127. data/tools/dev/hooks/pre-commit +0 -21
  128. data/update_cpes.py +0 -250
data/.github/SECURITY.md DELETED
@@ -1,35 +0,0 @@
1
- # Reporting security issues
2
-
3
- Thanks for your interest in making Recog more secure! If you feel
4
- that you have found a security issue involving Metasploit, Meterpreter,
5
- Recog, or any other Rapid7 open source project, you are welcome to let
6
- us know in the way that's most comfortable for you.
7
-
8
- ## Via ZenDesk
9
-
10
- You can click on the big blue button at [Rapid7's Vulnerability
11
- Disclosure][r7-vulns] page, which will get you to our general
12
- vulnerability reporting system. While this does require a (free) ZenDesk
13
- account to use, you'll get regular updates on your issue as our software
14
- support teams work through it. As it happens [that page][r7-vulns] also
15
- will tell you what to expect when it comes to reporting vulns, how fast
16
- we'll fix and respond, and all the rest, so it's a pretty good read
17
- regardless.
18
-
19
- ## Via email
20
-
21
- If you're more of a traditionalist, you can email your finding to
22
- security@rapid7.com. If you like, you can use our [PGP key][pgp] to
23
- encrypt your messages, but we certainly don't mind cleartext reports
24
- over email.
25
-
26
- ## NOT via GitHub Issues
27
-
28
- Please don't! Disclosing security vulnerabilities to public bug trackers
29
- is kind of mean, even when it's well-intentioned, since you end up
30
- dropping 0-day on pretty much everyone right out of the gate. We'd prefer
31
- you didn't!
32
-
33
- [r7-vulns]:https://www.rapid7.com/security/disclosure/
34
- [pgp]:https://keybase.io/rapid7/pgp_keys.asc?fingerprint=9a90aea0576cbcafa39c502ba5e16807959d3eda
35
-
@@ -1,8 +0,0 @@
1
- version: 2
2
- updates:
3
- - package-ecosystem: bundler
4
- directory: "/"
5
- schedule:
6
- interval: daily
7
- time: "11:00"
8
- open-pull-requests-limit: 10
@@ -1,26 +0,0 @@
1
- name: CI
2
-
3
- on: [push, pull_request]
4
-
5
- jobs:
6
- test:
7
- name: 'Ruby: ${{ matrix.ruby-version }}'
8
- runs-on: ubuntu-latest
9
- strategy:
10
- fail-fast: false
11
- matrix:
12
- ruby-version: ['2.5', '2.6', '2.7', '3.0', 'jruby-9.1.17.0', 'jruby']
13
-
14
- steps:
15
- - uses: actions/checkout@v2
16
- - name: Set up Ruby
17
- uses: ruby/setup-ruby@v1
18
- with:
19
- ruby-version: ${{ matrix.ruby-version }}
20
- bundler-cache: true # runs 'bundle install' and caches installed gems automatically
21
- - name: Run tests
22
- run: |
23
- bundle exec rake --version
24
- bundle exec rake tests
25
- env:
26
- JRUBY_OPTS: --server -J-Xms512m -J-Xmx2G
@@ -1,89 +0,0 @@
1
- name: Verify
2
-
3
- on:
4
- push:
5
- branches:
6
- - master
7
- paths:
8
- - 'xml/**.xml'
9
- pull_request:
10
- paths:
11
- - 'xml/**.xml'
12
-
13
- jobs:
14
- standardize:
15
- name: 'Standardize'
16
- runs-on: ubuntu-latest
17
- strategy:
18
- fail-fast: false
19
-
20
- steps:
21
- - uses: actions/checkout@v2
22
- - uses: ruby/setup-ruby@v1
23
- with:
24
- bundler-cache: true # runs 'bundle install' and caches installed gems automatically
25
- - name: Run recog standardize
26
- run: bundle exec bin/recog_standardize xml/*.xml
27
- ruby-verify:
28
- name: 'Ruby Verify'
29
- runs-on: ubuntu-latest
30
- strategy:
31
- fail-fast: false
32
-
33
- steps:
34
- - name: Checkout Ruby implementation
35
- uses: actions/checkout@v2
36
- - uses: ruby/setup-ruby@v1
37
- with:
38
- bundler-cache: true # runs 'bundle install' and caches installed gems automatically
39
- - name: Run recog verify
40
- run: bundle exec recog_verify --no-warnings xml/*.xml
41
- java-verify:
42
- name: 'Java Verify'
43
- runs-on: ubuntu-latest
44
- strategy:
45
- fail-fast: false
46
-
47
- steps:
48
- - name: Checkout Java implementation
49
- uses: actions/checkout@v2
50
- with:
51
- repository: rapid7/recog-java
52
- - name: Checkout recog content
53
- uses: actions/checkout@v2
54
- with:
55
- path: recog-content
56
- - uses: actions/setup-java@v2
57
- with:
58
- distribution: zulu
59
- java-version: '17'
60
- - name: Cache Maven packages
61
- uses: actions/cache@v2
62
- with:
63
- path: ~/.m2
64
- key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
65
- restore-keys: ${{ runner.os }}-m2
66
- - name: Build with Maven
67
- run: mvn --batch-mode --no-transfer-progress install -Dmaven.antrun.skip=true -DskipTests
68
- - name: Run recog verify
69
- run: mvn --batch-mode --no-transfer-progress --projects recog-verify exec:java -Dexec.mainClass="com.rapid7.recog.verify.RecogVerifier" -Dexec.args="--no-warnings recog-content/xml/*.xml"
70
- go-verify:
71
- name: 'Go Verify'
72
- runs-on: ubuntu-latest
73
- strategy:
74
- fail-fast: false
75
-
76
- steps:
77
- - name: Checkout Go implementation
78
- uses: actions/checkout@v2
79
- with:
80
- repository: RumbleDiscovery/recog-go
81
- - name: Checkout recog content
82
- uses: actions/checkout@v2
83
- with:
84
- path: recog-content
85
- - uses: actions/setup-go@v2
86
- with:
87
- go-version: '^1.17.1'
88
- - name: Run recog verify
89
- run: go run cmd/recog_verify/main.go recog-content/xml/
data/.gitignore DELETED
@@ -1,23 +0,0 @@
1
- # Ruby and tooling specific
2
- .yardoc
3
- coverage/
4
- doc/
5
- pkg/
6
-
7
- /Gemfile.lock
8
-
9
- #Python specific
10
- venv
11
-
12
- # IDE specific
13
- .vscode/
14
- .idea
15
-
16
- # Misc
17
- **/.DS_Store
18
-
19
- # CPE XML
20
- official-cpe-dictionary*.xml
21
-
22
- # CPE Remap Errors
23
- errors.txt
data/.rspec DELETED
@@ -1,3 +0,0 @@
1
- --color
2
- --warnings
3
- --require spec_helper
data/.ruby-gemset DELETED
@@ -1 +0,0 @@
1
- recog
data/.ruby-version DELETED
@@ -1 +0,0 @@
1
- 2.6.6
data/.snyk DELETED
@@ -1,10 +0,0 @@
1
- # Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
2
- python: 3.6.0
3
- version: v1.14.1
4
- # ignores vulnerabilities until expiry date; change duration by modifying expiry date
5
- ignore:
6
- SNYK-PYTHON-PYYAML-590151:
7
- - pyyaml:
8
- reason: Project doesn't use vulnerable code path.
9
- expires: 2021-06-01T00:00:00.000Z
10
- patch: {}
data/.travis.yml DELETED
@@ -1,25 +0,0 @@
1
- language: ruby
2
- sudo: false
3
- cache: bundler
4
- rvm:
5
- - '2.5.8'
6
- - '2.6.6'
7
- - 'jruby-9.1.9.0'
8
- jdk:
9
- - openjdk8
10
- matrix:
11
- allow_failures:
12
- - rvm: 'jruby-9.1.9.0'
13
- before_install:
14
- - "echo 'gem: --no-ri --no-rdoc' > ~/.gemrc"
15
- - rake --version
16
- before_script:
17
- - bundle exec rake --version
18
- script: bundle exec rake tests
19
- env:
20
- global:
21
- - CI="travis"
22
- - JRUBY_OPTS="--server -J-Xms512m -J-Xmx2G"
23
- branches:
24
- only:
25
- - master
data/CONTRIBUTING.md DELETED
@@ -1,276 +0,0 @@
1
- # Contributing to Recog
2
-
3
- The users and maintainers of Recog would greatly appreciate any contributions
4
- you can make to the project. These contributions typically come in the form of
5
- filed bugs/issues or pull requests (PRs). These contributions routinely result
6
- in new versions of the [recog gem](https://rubygems.org/gems/recog) being
7
- released. The process for everything is described below.
8
-
9
- ## Table of Contents
10
-
11
- 1. [Contributing Issues / Bug Reports](#contributing-issues-/-bug-reports)
12
- 1. [Contributing Code](#contributing-code)
13
- 1. [Fork and Clone](#fork-and-clone)
14
- 1. [Branch and Improve](#branch-and-improve)
15
- 1. [Testing](#testing)
16
- 1. [Fingerprints](#fingerprints)
17
- 1. [Best Practices](#best-practices)
18
- 1. [Fingerprint Testing](#fingerprint-testing)
19
- 1. [Updating CPEs](#updating-cpes)
20
- 1. [Project Operations](#project-operations)
21
- 1. [Landing PRs](#landing-prs)
22
- 1. [Releasing New Versions](#releasing-new-versions)
23
-
24
- ## Contributing Issues / Bug Reports
25
-
26
- If you encounter any bugs or problems with Recog, please file them
27
- [here](https://github.com/rapid7/recog/issues/new), providing as much detail as
28
- possible. If the bug is straight-forward enough and you understand the fix for
29
- the bug well enough, you may take the simpler, less-paperwork route and simply
30
- fill a PR with the fix and the necessary details.
31
-
32
- [^back to top](#contributing-to-recog)
33
-
34
- ## Contributing Code
35
-
36
- Recog uses a model nearly identical to that of
37
- [Metasploit](https://github.com/rapid7/metasploit-framework) as outlined
38
- [here](https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment),
39
- at least from a ```git``` perspective. If you've been through that process
40
- (or, even better, you've been through it many times with many people), you can
41
- do exactly what you did for Metasploit but with Recog and ignore the rest of
42
- this document.
43
-
44
- On the other hand, if you haven't, read on!
45
-
46
- [^back to top](#contributing-to-recog)
47
-
48
- ### Fork and Clone
49
-
50
- Generally, this should only need to be done once, or if you need to start over.
51
-
52
- 1. Fork Recog: Visit https://github.com/rapid7/recog and click Fork,
53
- selecting your github account if prompted
54
- 1. Clone `git@github.com:<your-github-username>/recog.git`, replacing
55
- `<your-github-username>` with, you guessed it, your Github username.
56
- 1. Add the master Recog repository as your upstream:
57
-
58
- ```bash
59
- git remote add upstream git://github.com/rapid7/recog.git
60
- ```
61
-
62
- 1. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configured to pull both branches and PRs from upstream. It should look something like the following, in particular the second `fetch` option:
63
-
64
- ```bash
65
- [remote "upstream"]
66
- url = git@github.com:rapid7/recog.git
67
- fetch = +refs/heads/*:refs/remotes/upstream/*
68
- fetch = +refs/pull/*/head:refs/remotes/upstream/pr/*
69
- ```
70
-
71
- 1. Fetch the latest revisions, including PRs:
72
-
73
- ```bash
74
- git fetch --all
75
- ```
76
-
77
- 1. Set up git hooks to help identify potential issues with your contributions:
78
-
79
- ```bash
80
- ln -sf ../../tools/dev/hooks/pre-commit .git/hooks/pre-commit
81
- ```
82
-
83
- [^back to top](#contributing-to-recog)
84
-
85
- ### Branch and Improve
86
-
87
- If you have a contribution to make, first create a branch to contain your
88
- work. The name is yours to choose, however generally it should roughly
89
- describe what you are doing. In this example, and from here on out, the
90
- branch will be FOO, but you should obviously change this:
91
-
92
- ```bash
93
- git fetch --all
94
- git checkout master
95
- git rebase upstream/master
96
- git checkout -b FOO
97
- ```
98
-
99
- Now, make your changes, commit as necessary with useful commit messages.
100
-
101
- Please note that changes to [lib/recog/version.rb](https://github.com/rapid7/recog/blob/master/lib/recog/version.rb) in PRs are almost never necessary.
102
-
103
- Now push your changes to your fork:
104
-
105
- ```bash
106
- git push origin FOO
107
- ```
108
-
109
- Finally, submit the PR. Navigate to ```https://github.com/<your-github-username>/recog/compare/FOO```, fill in the details and submit.
110
-
111
- [^back to top](#contributing-to-recog)
112
-
113
- ### Testing
114
-
115
- When your PR is submitted, it will be automatically subjected to the full run of tests in [Travis](https://travis-ci.org/rapid7/recog/), however you are encourage to perform testing _before_ submitting the PR. To do this, simply run `rake tests`.
116
-
117
- [^back to top](#contributing-to-recog)
118
-
119
- ## Fingerprints
120
-
121
- ### Best Practices
122
-
123
- * Create a single fingerprint for each product as long as the pattern remains clear and readable. If that is not possible, the pattern should be logically decomposed into additional fingerprints.
124
-
125
- * Create regular expressions that allow for flexible version number matching. This ensures greater probability of matching a product. For example, all known public releases of a product report either `major.minor` or `major.minor.build` format version numbers. If the fingerprint strictly matches this version number format, it would fail to match a modified build of the product that reports only a `major` version number format.
126
-
127
- [^back to top](#contributing-to-recog)
128
-
129
- ### Fingerprint Testing
130
-
131
- Once a fingerprint has been added, the `example` entries can be tested by executing `bin/recog_verify` against the fingerprint file:
132
-
133
- ```shell
134
- bin/recog_verify xml/ssh_banners.xml
135
- ```
136
-
137
- Matches can be tested on the command-line in a similar fashion:
138
-
139
- ```shell
140
- $ echo 'OpenSSH_6.6p1 Ubuntu-2ubuntu1' | bin/recog_match xml/ssh_banners.xml -
141
- MATCH: {"matched"=>"OpenSSH running on Ubuntu 14.04", "service.version"=>"6.6p1", "openssh.comment"=>"Ubuntu-2ubuntu1", "service.vendor"=>"OpenBSD", "service.family"=>"OpenSSH", "service.product"=>"OpenSSH", "os.vendor"=>"Ubuntu", "os.device"=>"General", "os.family"=>"Linux", "os.product"=>"Linux", "os.version"=>"14.04", "service.protocol"=>"ssh", "fingerprint_db"=>"ssh.banner", "data"=>"OpenSSH_6.6p1 Ubuntu-2ubuntu1"}
142
- ```
143
-
144
- [^back to top](#contributing-to-recog)
145
-
146
-
147
- ### Standardizing Vendors, Products, and Services
148
-
149
- Given the number of fingerprints in Recog, it can be common for specific products, vendors, or services to be identified with different spellings and casing.
150
- To limit the creep of slightly-different-names, the `bin/recog_standardize` script can be used to extract all identifiers and merge them into the known lists.
151
-
152
- To get started, run the `recog_standardize` tool:
153
- ```shell
154
- ruby bin/recog_standardize
155
- ```
156
-
157
- Review any new additions to the text files under `identifiers/`. If any of these names are close to an existing name, update the offending fingerprint to use
158
- the existing name instead. Once the fingerprints are fixed, removed the "extra" names from the identifiers files, and run the tool again.
159
-
160
-
161
- [^back to top](#contributing-to-recog)
162
-
163
-
164
- ### Updating CPEs
165
-
166
- There exists some automation to update the CPEs that might be asserted with
167
- some recog fingerprints. This should be run periodically to ensure that all
168
- fingerprints that could have CPEs do, etc.
169
-
170
- First, setup a python3 venv:
171
-
172
- ```bash
173
- python3 -m venv venv
174
- source venv/{bin,Scripts}/activate
175
- pip install -r requirements.txt
176
- ```
177
-
178
- Download the latest CPE 2.3 dictionary:
179
-
180
- ```bash
181
- curl -o official-cpe-dictionary_v2.3.xml.gz https://nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz && \
182
- gunzip official-cpe-dictionary_v2.3.xml.gz
183
- ```
184
-
185
- Run the CPE automation against every XML file:
186
-
187
- ```bash
188
- # Update the CPEs (sequentially)
189
- ls xml/*.xml | xargs -i python update_cpes.py {} official-cpe-dictionary_v2.3.xml cpe-remap.yaml 2>>errors.txt
190
- ```
191
-
192
- You may want to use GNU `parallel` to speed things up:
193
- ```bash
194
- # Update the CPEs (with GNU Parallel)
195
- ls xml/*.xml | parallel --gnu "python update_cpes.py {} official-cpe-dictionary_v2.3.xml cpe-remap.yaml" 2>>errors.txt
196
- ```
197
-
198
- Clean up the whitespace across all fingerprints:
199
- ```bash
200
- ruby bin/recog_cleanup
201
- ```
202
-
203
- Any mismatched fingerprints will be listed in `errors.txt` for eventual
204
- maintenance. The `cpe-remap.yaml` file can be used to map between
205
- vendor/product/etc differences between Recog and CPE, or to work around bugs in
206
- either.
207
-
208
- [^back to top](#contributing-to-recog)
209
-
210
- ## Project Operations
211
-
212
- ### Landing PRs
213
-
214
- (Note: this portion is a work-in-progress. Please update it as things change)
215
-
216
- Much like with the process of submitting PRs, Recog's process for landing PRs
217
- is very similar to [Metasploit's process for landing
218
- PRs](https://github.com/rapid7/metasploit-framework/wiki/Landing-Pull-Requests).
219
- In short:
220
-
221
- 1. Follow the "Fork and Clone" steps from above
222
- 2. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configured to pull both branches and PRs from upstream. It should look something like the following, in particular the second `fetch` option:
223
-
224
- ```bash
225
- [remote "upstream"]
226
- url = git@github.com:rapid7/recog.git
227
- fetch = +refs/heads/*:refs/remotes/upstream/*
228
- fetch = +refs/pull/*/head:refs/remotes/upstream/pr/*
229
- ```
230
-
231
- 3. Fetch the latest revisions, including PRs:
232
-
233
- ```bash
234
- git fetch --all
235
- ```
236
-
237
- 4. Checkout and branch the PR for testing. Replace ```PR``` below with the actual PR # in question:
238
-
239
- ```bash
240
- git checkout -b landing-PR upstream/pr/PR
241
- ```
242
-
243
- 5. Test the PR (see the Testing section above)
244
- 6. Merge with master, re-test, validate and push:
245
-
246
- ```bash
247
- git checkout -b upstream-master --track upstream/master
248
- git merge -S --no-ff --edit landing-PR # merge the PR into upstream-master
249
-
250
- # re-test if/as necessary
251
- git push upstream upstream-master:master --dry-run # confirm you are pushing what you expect
252
-
253
- git push upstream upstream-master:master # push upstream-master to upstream:master
254
- ```
255
-
256
- 7. If applicable, release a new version (see next section)
257
-
258
- [^back to top](#contributing-to-recog)
259
-
260
- ### Releasing New Versions
261
-
262
- When Recog's critical parts are modified, for example its fingerprints or underlying supporting code, a new version _must_ eventually be released. These new releases can then be optionally included in projects such as Metasploit or products such as Rapid7's Nexpose in a controlled manner. Releases for non-functional updates such as updates to documentation are not necessary.
263
-
264
- When a new version of Recog is to be released, you _must_ follow the instructions below.
265
-
266
- 1. If are not already a Recog project contributor for the Recog gem (you'd be listed [here under OWNERS](https://rubygems.org/gems/recog)), become one:
267
- 1. Get an account on [Rubygems](https://rubygems.org)
268
- 1. Contact one of the Recog project contributors (listed [here under OWNERS](https://rubygems.org/gems/recog) and have them add you to the Recog gem. They'll need to run: `gem owner recog -a EMAIL`
269
-
270
- 1. Edit [lib/recog/version.rb](https://github.com/rapid7/recog/blob/master/lib/recog/version.rb) and increment `VERSION`. Commit and push to rapid7/recog master.
271
-
272
- 1. Run `rake release`. Among other things, this creates the new gem, uploads it to Rubygems and tags the release with a tag like `v<VERSION>`, where `<VERSION>` is replaced with the version from `version.rb`. For example, if you release version 1.2.3 of the gem, the tag will be `v1.2.3`.
273
-
274
- 1. If your default remote repository is not `rapid7/recog`, you must ensure that the tags created in the previous step are also pushed to the right location(s). For example, if `origin` is your fork of recog and `upstream` is `rapid7/master`, you should run `git push --tags --dry-run upstream` to confirm what tags will be pushed and then `git push --tags upstream` to push the tags.
275
-
276
- [^back to top](#contributing-to-recog)
data/bin/recog_cleanup DELETED
@@ -1,16 +0,0 @@
1
- #!/usr/bin/env ruby
2
-
3
- $:.unshift(File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")))
4
- require 'optparse'
5
- require 'ostruct'
6
- require 'recog'
7
-
8
- # Cleanup trailing whitespace around fingerprints
9
- Dir[ File.expand_path(File.join(File.dirname(__FILE__), "..", "xml")) + "/*.xml" ].each do |f|
10
- data = File.read(f).
11
- gsub(/\s+$/, ''). # Trailing whitespace and empty lines
12
- gsub("</fingerprint>", "</fingerprint>\n"). # Every fingerprint should have an empty line after it
13
- gsub("-->", "-->\n") # Every comment should have an empty line after it
14
-
15
- File.write(f, data)
16
- end
data/bin/recog_export DELETED
@@ -1,81 +0,0 @@
1
- #!/usr/bin/env ruby
2
-
3
- $:.unshift(File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")))
4
- require 'optparse'
5
- require 'ostruct'
6
- require 'recog'
7
-
8
- def squash_lines(str)
9
- str.split(/\n/).join(' ').gsub(/\s+/, ' ')
10
- end
11
-
12
- def export_text(options)
13
- end
14
-
15
- def export_ruby(options)
16
- $stdout.puts "# Recog fingerprint database export [ #{File.basename(options.xml_file)} ] on #{Time.now.to_s}"
17
- $stdout.puts "fp_str = '' # Set this value to the match string"
18
- $stdout.puts "fp_match = {} # Match results are stored here"
19
- $stdout.puts ""
20
- $stdout.puts "case fp_str"
21
- options.db.fingerprints.each do |fp|
22
- puts " # #{squash_lines fp.name}"
23
- puts " when /#{fp.regex.to_s}/"
24
- fp.tests.each do |test|
25
- puts " # Example: #{squash_lines test}"
26
- end
27
- fp.params.each_pair do |k,v|
28
- if v[0] == 0
29
- puts " fp_match[#{k.inspect}] = #{v[1].inspect}"
30
- else
31
- puts " fp_match[#{k.inspect}] = $#{v[0].to_s}"
32
- end
33
- end
34
- puts ""
35
- end
36
- $stdout.puts "end"
37
- end
38
-
39
-
40
- options = OpenStruct.new(etype: :ruby)
41
-
42
- option_parser = OptionParser.new do |opts|
43
- opts.banner = "Usage: #{$0} [options] XML_FINGERPRINTS_FILE"
44
- opts.separator "Exports an XML fingerprint database to another format."
45
- opts.separator ""
46
- opts.separator "Options"
47
-
48
- opts.on("-t", "--type type",
49
- "Choose a type of export.",
50
- " [r]uby (default - export a ruby case statement with regular expressions)",
51
- " [t]ext (export a text description of the fingerprints)") do |etype|
52
- case etype.downcase
53
- when /^r/
54
- options.etype = :ruby
55
- when /^t/
56
- options.etype = :text
57
- end
58
- end
59
-
60
- opts.on("-h", "--help", "Show this message.") do
61
- puts opts
62
- exit
63
- end
64
- end
65
- option_parser.parse!(ARGV)
66
-
67
- if ARGV.count != 1
68
- puts option_parser
69
- exit
70
- end
71
-
72
- options.xml_file = ARGV.shift
73
- options.db = Recog::DB.new(options.xml_file)
74
-
75
- case options.etype
76
- when :ruby
77
- export_ruby(options)
78
- when :text
79
- export_text(options)
80
- end
81
-