recog 2.3.22 → 3.0.2

Files changed (128) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +2 -0
  3. data/LICENSE +1 -1
  4. data/README.md +25 -16
  5. data/Rakefile +2 -9
  6. data/lib/recog/db_manager.rb +1 -1
  7. data/lib/recog/fingerprint.rb +21 -7
  8. data/lib/recog/fingerprint_parse_error.rb +10 -0
  9. data/lib/recog/match_reporter.rb +37 -3
  10. data/lib/recog/matcher.rb +5 -10
  11. data/lib/recog/verifier.rb +4 -4
  12. data/lib/recog/verify_reporter.rb +7 -6
  13. data/lib/recog/version.rb +1 -1
  14. data/{bin → recog/bin}/recog_match +20 -7
  15. data/{xml → recog/xml}/apache_modules.xml +0 -0
  16. data/{xml → recog/xml}/apache_os.xml +61 -19
  17. data/{xml → recog/xml}/architecture.xml +15 -1
  18. data/{xml → recog/xml}/dhcp_vendor_class.xml +10 -10
  19. data/{xml → recog/xml}/dns_versionbind.xml +16 -13
  20. data/{xml → recog/xml}/favicons.xml +167 -9
  21. data/{xml → recog/xml}/fingerprints.xsd +9 -1
  22. data/{xml → recog/xml}/ftp_banners.xml +131 -141
  23. data/{xml → recog/xml}/h323_callresp.xml +2 -2
  24. data/{xml → recog/xml}/hp_pjl_id.xml +81 -81
  25. data/{xml → recog/xml}/html_title.xml +250 -9
  26. data/{xml → recog/xml}/http_cookies.xml +111 -34
  27. data/{xml → recog/xml}/http_servers.xml +483 -270
  28. data/{xml → recog/xml}/http_wwwauth.xml +83 -37
  29. data/{xml → recog/xml}/imap_banners.xml +10 -10
  30. data/{xml → recog/xml}/ldap_searchresult.xml +0 -0
  31. data/{xml → recog/xml}/mdns_device-info_txt.xml +0 -0
  32. data/{xml → recog/xml}/mdns_workstation_txt.xml +0 -0
  33. data/{xml → recog/xml}/mysql_banners.xml +0 -0
  34. data/{xml → recog/xml}/mysql_error.xml +0 -0
  35. data/{xml → recog/xml}/nntp_banners.xml +8 -5
  36. data/{xml → recog/xml}/ntp_banners.xml +33 -33
  37. data/{xml → recog/xml}/operating_system.xml +92 -77
  38. data/{xml → recog/xml}/pop_banners.xml +25 -25
  39. data/{xml → recog/xml}/rsh_resp.xml +0 -0
  40. data/{xml → recog/xml}/rtsp_servers.xml +0 -0
  41. data/{xml → recog/xml}/sip_banners.xml +16 -5
  42. data/{xml → recog/xml}/sip_user_agents.xml +122 -27
  43. data/{xml → recog/xml}/smb_native_lm.xml +5 -5
  44. data/{xml → recog/xml}/smb_native_os.xml +25 -25
  45. data/{xml → recog/xml}/smtp_banners.xml +132 -131
  46. data/{xml → recog/xml}/smtp_debug.xml +0 -0
  47. data/{xml → recog/xml}/smtp_ehlo.xml +0 -0
  48. data/{xml → recog/xml}/smtp_expn.xml +0 -0
  49. data/{xml → recog/xml}/smtp_help.xml +1 -1
  50. data/{xml → recog/xml}/smtp_mailfrom.xml +0 -0
  51. data/{xml → recog/xml}/smtp_noop.xml +0 -0
  52. data/{xml → recog/xml}/smtp_quit.xml +0 -0
  53. data/{xml → recog/xml}/smtp_rcptto.xml +0 -0
  54. data/{xml → recog/xml}/smtp_rset.xml +0 -0
  55. data/{xml → recog/xml}/smtp_turn.xml +0 -0
  56. data/{xml → recog/xml}/smtp_vrfy.xml +0 -0
  57. data/{xml → recog/xml}/snmp_sysdescr.xml +1248 -1233
  58. data/{xml → recog/xml}/snmp_sysobjid.xml +13 -2
  59. data/{xml → recog/xml}/ssh_banners.xml +9 -5
  60. data/{xml → recog/xml}/telnet_banners.xml +83 -1
  61. data/{xml → recog/xml}/tls_jarm.xml +30 -2
  62. data/{xml → recog/xml}/x11_banners.xml +3 -3
  63. data/{xml → recog/xml}/x509_issuers.xml +24 -4
  64. data/{xml → recog/xml}/x509_subjects.xml +32 -3
  65. data/recog.gemspec +9 -5
  66. data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
  67. data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
  68. data/spec/data/external_example_fingerprint.xml +8 -0
  69. data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
  70. data/spec/lib/recog/db_spec.rb +84 -61
  71. data/spec/lib/recog/fingerprint_spec.rb +4 -4
  72. data/spec/lib/recog/match_reporter_spec.rb +22 -8
  73. data/spec/lib/recog/verify_reporter_spec.rb +8 -8
  74. data/spec/spec_helper.rb +4 -0
  75. data.tar.gz.sig +0 -0
  76. metadata +154 -142
  77. metadata.gz.sig +0 -0
  78. data/.github/ISSUE_TEMPLATE/bug_report.md +0 -37
  79. data/.github/ISSUE_TEMPLATE/feature_request.md +0 -17
  80. data/.github/ISSUE_TEMPLATE/fingerprint_request.md +0 -27
  81. data/.github/PULL_REQUEST_TEMPLATE +0 -24
  82. data/.github/SECURITY.md +0 -35
  83. data/.github/dependabot.yml +0 -8
  84. data/.github/workflows/ci.yml +0 -26
  85. data/.github/workflows/verify.yml +0 -89
  86. data/.gitignore +0 -23
  87. data/.rspec +0 -3
  88. data/.ruby-gemset +0 -1
  89. data/.ruby-version +0 -1
  90. data/.snyk +0 -10
  91. data/.travis.yml +0 -25
  92. data/CONTRIBUTING.md +0 -276
  93. data/bin/recog_cleanup +0 -16
  94. data/bin/recog_export +0 -81
  95. data/bin/recog_standardize +0 -163
  96. data/bin/recog_verify +0 -63
  97. data/cpe-remap.yaml +0 -356
  98. data/features/data/failing_banners_fingerprints.xml +0 -20
  99. data/features/data/matching_banners_fingerprints.xml +0 -23
  100. data/features/data/multiple_banners_fingerprints.xml +0 -32
  101. data/features/data/no_tests.xml +0 -3
  102. data/features/data/sample_banner.txt +0 -2
  103. data/features/data/successful_tests.xml +0 -18
  104. data/features/data/tests_with_failures.xml +0 -20
  105. data/features/data/tests_with_warnings.xml +0 -17
  106. data/features/match.feature +0 -36
  107. data/features/support/aruba.rb +0 -3
  108. data/features/support/env.rb +0 -6
  109. data/features/verify.feature +0 -48
  110. data/identifiers/README.md +0 -70
  111. data/identifiers/fields.txt +0 -105
  112. data/identifiers/hw_device.txt +0 -84
  113. data/identifiers/hw_family.txt +0 -121
  114. data/identifiers/hw_product.txt +0 -461
  115. data/identifiers/os_architecture.txt +0 -10
  116. data/identifiers/os_device.txt +0 -75
  117. data/identifiers/os_family.txt +0 -234
  118. data/identifiers/os_product.txt +0 -350
  119. data/identifiers/service_family.txt +0 -249
  120. data/identifiers/service_product.txt +0 -764
  121. data/identifiers/vendor.txt +0 -847
  122. data/lib/recog/verifier_factory.rb +0 -13
  123. data/misc/convert_mysql_err +0 -61
  124. data/misc/order.xsl +0 -17
  125. data/requirements.txt +0 -2
  126. data/spec/lib/fingerprint_self_test_spec.rb +0 -175
  127. data/tools/dev/hooks/pre-commit +0 -21
  128. data/update_cpes.py +0 -250
@@ -1,163 +0,0 @@
1
- #!/usr/bin/env ruby
2
-
3
- $:.unshift(File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")))
4
- require 'optparse'
5
- require 'ostruct'
6
- require 'recog'
7
-
8
- def load_identifiers(path)
9
- res = {}
10
- File.readlines(path).map{|line| line.strip}.each do |ident|
11
- res[ident] = true
12
- end
13
- return res
14
- end
15
-
16
- def write_identifiers(vals, path)
17
- res = []
18
- vals.each_pair do |k,v|
19
- res = res.push(k)
20
- end
21
- res = res.map{|x| x.strip}.select{|x| x.length > 0}.sort.uniq
22
- File.write(path, res.join("\n") + "\n")
23
- end
24
-
25
- bdir = File.expand_path(File.join(File.dirname(__FILE__), "..", "identifiers"))
26
-
27
- options = OpenStruct.new(write: false)
28
- option_parser = OptionParser.new do |opts|
29
- opts.banner = "Usage: #{$0} [options] XML_FINGERPRINT_FILE1 ..."
30
- opts.separator "Verifies that each fingerprint asserts known identifiers."
31
- opts.separator ""
32
- opts.separator "Options"
33
-
34
- opts.on("-w", "--write") do
35
- options.write = true
36
- end
37
-
38
- opts.on("-h", "--help", "Show this message.") do
39
- puts opts
40
- exit
41
- end
42
- end
43
- option_parser.parse!(ARGV)
44
-
45
- if ARGV.empty?
46
- $stderr.puts 'Missing XML fingerprint files'
47
- puts option_parser
48
- exit(1)
49
- end
50
-
51
- # Load the unique identifiers
52
- vendors = load_identifiers(File.join(bdir, "vendor.txt"))
53
- fields = load_identifiers(File.join(bdir, "fields.txt"))
54
- os_arch = load_identifiers(File.join(bdir, "os_architecture.txt"))
55
- os_prod = load_identifiers(File.join(bdir, "os_product.txt"))
56
- os_family = load_identifiers(File.join(bdir, "os_family.txt"))
57
- os_device = load_identifiers(File.join(bdir, "os_device.txt"))
58
- hw_prod = load_identifiers(File.join(bdir, "hw_product.txt"))
59
- hw_family = load_identifiers(File.join(bdir, "hw_family.txt"))
60
- hw_device = load_identifiers(File.join(bdir, "hw_device.txt"))
61
- svc_prod = load_identifiers(File.join(bdir, "service_product.txt"))
62
- svc_family = load_identifiers(File.join(bdir, "service_family.txt"))
63
-
64
- missing_count = 0
65
-
66
- ARGV.each do |arg|
67
- Dir.glob(arg).each do |file|
68
- ndb = Recog::DB.new(file)
69
- ndb.fingerprints.each do |f|
70
- f.params.each do |k,v|
71
- paramIndex, val = v
72
- if ! fields[k]
73
- puts "FIELD MISSING: #{k}"
74
- missing_count += 1
75
- fields[k] = true
76
- end
77
- next if paramIndex != 0
78
- next if val.index("{") != nil
79
- next if val.strip == ""
80
- case k
81
- when "os.vendor", "service.vendor", "service.component.vendor", "hw.vendor"
82
- if ! vendors[val]
83
- puts "VENDOR MISSING: #{val}"
84
- missing_count += 1
85
- vendors[val] = true
86
- end
87
- when "os.arch"
88
- if ! os_arch[val]
89
- puts "OS ARCH MISSING: #{val}"
90
- missing_count += 1
91
- os_arch[val] = true
92
- end
93
- when "os.product"
94
- if ! os_prod[val]
95
- puts "OS PRODUCT MISSING: #{val}"
96
- missing_count += 1
97
- os_prod[val] = true
98
- end
99
- when "os.family"
100
- if ! os_family[val]
101
- puts "OS FAMILY MISSING: #{val}"
102
- missing_count += 1
103
- os_family[val] = true
104
- end
105
- when "os.device"
106
- if ! os_device[val]
107
- puts "OS DEVICE MISSING: #{val}"
108
- missing_count += 1
109
- os_device[val] = true
110
- end
111
- when "hw.product"
112
- if ! hw_prod[val]
113
- puts "HW PRODUCT MISSING: #{val}"
114
- missing_count += 1
115
- hw_prod[val] = true
116
- end
117
- when "hw.family"
118
- if ! hw_family[val]
119
- puts "HW FAMILY MISSING: #{val}"
120
- missing_count += 1
121
- hw_family[val] = true
122
- end
123
- when "hw.device"
124
- if ! hw_device[val]
125
- puts "HW DEVICE MISSING: #{val}"
126
- missing_count += 1
127
- hw_device[val] = true
128
- end
129
- when "service.product", "service.component.product"
130
- if ! svc_prod[val]
131
- puts "SERVICE PRODUCT MISSING: #{val}"
132
- missing_count += 1
133
- svc_prod[val] = true
134
- end
135
- when "service.family"
136
- if ! svc_family[val]
137
- puts "SERVICE FAMILY MISSING: #{val}"
138
- missing_count += 1
139
- svc_family[val] = true
140
- end
141
- end
142
- end
143
- end
144
- end
145
- end
146
-
147
- if options.write
148
- # Write back the unique identifiers
149
- write_identifiers(vendors, File.join(bdir, "vendor.txt"))
150
- write_identifiers(fields, File.join(bdir, "fields.txt"))
151
- write_identifiers(os_arch, File.join(bdir, "os_architecture.txt"))
152
- write_identifiers(os_prod, File.join(bdir, "os_product.txt"))
153
- write_identifiers(os_family, File.join(bdir, "os_family.txt"))
154
- write_identifiers(os_device, File.join(bdir, "os_device.txt"))
155
- write_identifiers(hw_prod, File.join(bdir, "hw_product.txt"))
156
- write_identifiers(hw_family, File.join(bdir, "hw_family.txt"))
157
- write_identifiers(hw_device, File.join(bdir, "hw_device.txt"))
158
- write_identifiers(svc_prod, File.join(bdir, "service_product.txt"))
159
- write_identifiers(svc_family, File.join(bdir, "service_family.txt"))
160
- end
161
-
162
- exit_code = (missing_count > 0 ? 1 : 0)
163
- exit(exit_code)
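--- a/data/bin/recog_verify
+++ b/data/bin/recog_verify
@@ -1,63 +0,0 @@
-#!/usr/bin/env ruby
-
-$:.unshift(File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")))
-require 'optparse'
-require 'ostruct'
-require 'recog'
-require 'recog/verifier_factory'
-
-options = OpenStruct.new(color: false, detail: false, quiet: false, warnings: true)
-
-option_parser = OptionParser.new do |opts|
-opts.banner = "Usage: #{$0} [options] XML_FINGERPRINT_FILE1 ..."
-opts.separator "Verifies that each fingerprint passes its internal tests."
-opts.separator ""
-opts.separator "Options"
-
-opts.on("-f", "--format FORMATTER",
-"Choose a formatter.",
-" [s]ummary (default - failure/warning msgs and summary)",
-" [q]uiet (configured failure/warning msgs only)",
-" [d]etail (fingerprint name with tests and expanded summary)") do |format|
-if format.start_with? 'd'
-options.detail = true
-end
-if format.start_with? 'q'
-options.quiet = true
-end
-end
-
-opts.on("-c", "--color", "Enable color in the output.") do
-options.color = true
-end
-
-opts.on("--[no-]warnings", "Track warnings") do |o|
-options.warnings = o
-end
-
-opts.on("-h", "--help", "Show this message.") do
-puts opts
-exit
-end
-end
-option_parser.parse!(ARGV)
-
-if ARGV.empty?
-$stderr.puts 'Missing XML fingerprint files'
-puts option_parser
-exit(1)
-end
-
-warnings = 0
-failures = 0
-ARGV.each do |arg|
-Dir.glob(arg).each do |file|
-ndb = Recog::DB.new(file)
-verifier = Recog::VerifierFactory.build(options, ndb)
-verified = verifier.verify
-failures += verifier.reporter.failure_count
-warnings += verifier.reporter.warning_count
-end
-end
-
-exit failures + warnings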
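--- a/data/cpe-remap.yaml
+++ b/data/cpe-remap.yaml
@@ -1,356 +0,0 @@
-mappings:
-# The following section contains CPE application or 'a' remappings. These will
-# ONLY be used for mapping Recog 'service' attributes.
-a:
-akamai:
-products:
-ghost: akamaighost
-amazon:
-products:
-s3: amazon_simple_storage_service
-cloudfront_load_balancer: amazon_cloudfront
-apache:
-products:
-httpd: http_server
-aprelium_technologies:
-vendor: aprelium
-alt-n:
-vendor: altn
-aruba_networks:
-vendor: arubanetworks
-bea:
-products:
-weblogic: weblogic_server
-blue_coat:
-vendor: bluecoat
-carnegie_mellon_university:
-vendor: cmu
-products:
-cyrus_imap: cyrus_imap_server
-centos_webpanel:
-vendor: centos-webpanel
-check_point:
-vendor: checkpoint
-cherokee_project:
-vendor: cherokee-project
-cisco:
-products:
-apic: application_policy_infrastructure_controller
-cloudflare:
-products:
-cloudflare_load_balancer: load_balancing
-cpanel:
-products:
-cpanel_service_daemon: cpanel
-crushftp:
-products:
-crushftp_web_interface: crushftp
-cz.nic:
-vendor: knot-dns
-drupal:
-products:
-cms: drupal
-embedthis:
-products:
-goahead_webserver: goahead
-envoy_proxy:
-vendor: envoyproxy
-f5:
-products:
-big-ip: big-ip_local_traffic_manager
-big-ip_ltm: big-ip_local_traffic_manager
-fedora_project:
-vendor: fedoraproject
-google:
-products:
-google_web_services: web_server
-ibm:
-products:
-lotus_domino: lotus_domino_server
-ibm_domino: lotus_domino
-ignite_realtime:
-vendor: igniterealtime
-intel:
-products:
-intel(r)_active_management_technology: active_management_technology
-intel(r)_standard_manageability: standard_manageability
-jamf:
-products:
-jamf_pro: jamf
-kibana:
-vendor: elasticsearch
-kubernetes:
-products:
-nginx_ingress_controller: ingress-nginx
-kodi:
-products:
-media_server: kodi
-kong:
-vendor: konghq
-products:
-gateway: kong_gateway
-litespeed_technologies:
-vendor: litespeedtech
-lotus:
-vendor: ibm
-lynx_technology:
-vendor: lynxtechnology
-products:
-twonky_media_server: twonky_server
-mailenable:
-products:
-mail_server: mailenable
-manageengine:
-vendor: zohocorp
-products:
-adaudit_plus: manageengine_adaudit_plus
-desktop_central: manageengine_desktop_central
-opmanager: manageengine_opmanager
-microsoft:
-products:
-active_directory_controller: active_directory
-exchange_server_5.5: exchange_server
-exchange_2000_server: exchange_server
-exchange_2003_server: exchange_server
-exchange_2007_server: exchange_server
-lightweight_directory_server: active_directory_lightweight_directory_service
-pws: personal_web_server
-mod_ssl:
-vendor: modssl
-mod_wsgi:
-vendor: modwsgi
-# NIST took the vendor name from the website but apparently missed the `.in`
-# in moinmo.in was part of the name
-moinmoin:
-vendor: moinmo
-mort_bay:
-vendor: mortbay
-munin:
-vendor: munin-monitoring
-nlnet_labs:
-vendor: nlnetlabs
-products:
-dnsd: name_server_daemon
-net-snmp:
-products:
-snmp_agent: net-snmp
-owncloud:
-products:
-owncloud_server: owncloud
-parallels:
-products:
-plesk: parallels_plesk_panel
-phoenix_contact:
-vendor: phoenixcontact
-plesk:
-vendor: parallels
-proftpd_project:
-vendor: proftpd
-progress:
-products:
-openedge_explorer: openedge
-pulse_secure:
-vendor: pulsesecure
-realvnc_ltd.:
-vendor: realvnc
-red_hat:
-vendor: redhat
-products:
-cygwin_x_server_project: cygwin
-jboss_as: jboss_wildfly_application_server
-jboss_eap: jboss_enterprise_application_platform
-jbossweb: jboss_web_framework_kit
-red_hat_directory_server: directory_server
-rundeck:
-vendor: pagerduty
-serv-u:
-vendor: solarwinds
-squid_cache:
-vendor: squid-cache
-ssh_communications_security:
-vendor: ssh
-products:
-ssh_tectia_server: tectia_server
-standard_networks:
-vendor: ipswitch
-swagger:
-vendor: smartbear
-synology:
-products:
-dsm: diskstation_manager
-tightvnc:
-products:
-desktop: tightvnc
-tor_project:
-vendor: torproject
-traefik_labs:
-vendor: traefik
-products:
-traefik_proxy: traefik
-twistedmatrix:
-products:
-twisted_web: twistedweb
-ubiquiti:
-vendor: ui
-vandyke_software:
-vendor: vandyke
-vmware:
-products:
-zimbra: zimbra_desktop
-vcenter: vcenter_server
-x.org:
-products:
-x.org_x11: x11
-
-# The following section contains CPE operating system or 'o' remappings. These will
-# ONLY be used for mapping Recog 'os' attributes.
-o:
-alpine:
-vendor: alpinelinux
-products:
-linux: alpine_linux
-apple:
-products:
-ios: iphone_os
-mac_os: macos
-brocade:
-vendor: broadcom
-products:
-fabric_os: fabric_operating_system
-centos:
-products:
-linux: centos
-check_point:
-vendor: checkpoint
-cisco:
-products:
-adaptive_security_appliance: adaptive_security_appliance_software
-nam: network_analysis_module_software
-pix: pix_firewall_software
-telepresence: telepresence_video_communication_server_software
-vpn_3000_concentrator: vpn_3000_concentrator_series_software
-wireless_lan_controller: wireless_lan_controller_software
-citrix:
-products:
-netscaler: netscaler_firmware
-netscaler_gateway: netscaler_gateway_firmware
-cumulus:
-vendor: cumulusnetworks
-data_domain:
-vendor: dell
-products:
-dd_os: emc_data_domain_os
-debian:
-products:
-linux: debian_linux
-hp:
-products:
-ilo: integrated_lights-out_firmware
-ilo_firmware: integrated_lights-out_firmware
-ilo_2: integrated_lights-out_2_firmware
-ilo_3: integrated_lights-out_3_firmware
-ilo_4: integrated_lights-out_4_firmware
-ilo_5: integrated_lights-out_5_firmware
-tru64_unix: tru64
-ibm:
-products:
-os/400: os_400
-i5/os: i5os
-juniper:
-products:
-junos_os: junos
-linux:
-products:
-linux: linux_kernel
-microsoft:
-products:
-windows_server_2003_datacenter_edition: windows_server_2003
-windows_server_2003_r2: windows_server_2003
-windows_2008_r2: windows_server_2008
-windows_server_2008_datacenter_edition: windows_server_2008
-windows_server_2008_r2: windows_server_2008
-windows_server_2008_r2_datacenter_edition: windows_server_2008
-windows_server_2012_r2: windows_server_2012
-nt: windows_nt
-windows_nt_desktop: windows_nt
-windows_nt_server: windows_nt
-windows_server_2000: windows_2000
-windows_2000_server: windows_2000
-windows_2000_datacenter_server: windows_2000
-oracle:
-products:
-ilom: integrated_lights_out_manager_firmware
-palo_alto_networks:
-vendor: paloaltonetworks
-phoenix_contact:
-vendor: phoenixcontact
-red_hat:
-vendor: redhat
-products:
-fedora_core_linux: fedora_core
-software_house:
-vendor: swhouse
-sun:
-products:
-solaris: sunos
-ubiquiti:
-vendor: ui
-ubuntu:
-vendor: canonical
-products:
-linux: ubuntu_linux
-vmware:
-products:
-photon_linux: photon_os
-vmware_esx_server: esx
-vmware_esxi_server: esxi
-wind_river:
-vendor: windriver
-
-# The following section contains CPE hardware or 'h' remappings. These will
-# ONLY be used for mapping Recog 'hw' attributes.
-h:
-apple:
-products:
-imac_(retina_4k_21.5-inch_2019): imac
-imac_(retina_5k_27-inch_2017): imac
-imac_(retina_5k_27-inch_2019): imac
-imac_(retina_5k_27-inch_2020): imac
-macbook_air_(13-inch_2017): macbook_air
-macbook_air_(m1_2020): macbook_air
-macbook_air_(retina_13-inch_2018): macbook_air
-macbook_air_(retina_13-inch_2019): macbook_air
-macbook_air_(retina_13-inch_2020): macbook_air
-macbook_pro_(13-inch_2018_four_thunderbolt_3_ports): macbook_pro
-macbook_pro_(13-inch_2019_two_thunderbolt_3_ports): macbook_pro
-macbook_pro_(13-inch_2020): macbook_pro
-macbook_pro_(13-inch_m1_2020): macbook_pro
-macbook_pro_(15-inch_2018): macbook_pro
-macbook_pro_(15-inch_2019): macbook_pro
-macbook_pro_(16-inch_2019): macbook_pro
-macbook_pro_(retina_13-inch_early_2015): macbook_pro
-macbook_pro_(retina_15-inch_mid_2015): macbook_pro
-cisco:
-products:
-nam: network_analysis_module
-citrix:
-products:
-netscaler_sdx_gateway: netscaler_sdx
-emc:
-products:
-celerra: celerra_network_attached_storage
-hp:
-products:
-ilo: integrated_lights-out
-kace:
-vendor: dell
-products:
-k1000: kace_k1000_systems_management_appliance
-phoenix_contact:
-vendor: phoenixcontact
-software_house:
-vendor: swhouse
-tandberg:
-vendor: cisco
-ubiquiti:
-vendor: ui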
@@ -1,20 +0,0 @@
1
- <?xml version="1.0"?>
2
- <fingerprints>
3
- <fingerprint pattern="^=\(.\*.\)=-\.:\. \(\( Welcome to PureFTPd (\d+\..+) \)\) \.:\.-=\(.\*.\)=-$">
4
- <example>=(&lt;*&gt;)=-.:. (( Welcome to PureFTPd 1.1.0 )) .:.-=(&lt;*&gt;)=-</example>
5
- <description>Older Pure-FTPd versions</description>
6
- <param pos="0" name="service.family" value="Pure-FTPd"/>
7
- <param pos="0" name="service.product" value="Pure-FTPd"/>
8
- <param pos="1" name="service.version"/>
9
- </fingerprint>
10
- <fingerprint pattern="^(\S+) FTP Server \(Solaris (\S+)\) ready\.?$" flags="REG_ICASE">
11
- <description>SunOS/Solaris</description>
12
- <example>example.com FTP server (Solaris 5.7) ready.</example>
13
- <param pos="0" name="os.vendor" value="Sun"/>
14
- <param pos="0" name="os.family" value="Solaris"/>
15
- <param pos="0" name="os.product" value="Solaris"/>
16
- <param pos="0" name="os.device" value="General"/>
17
- <param pos="1" name="host.name"/>
18
- <param pos="2" name="os.version"/>
19
- </fingerprint>
20
- </fingerprints>
@@ -1,23 +0,0 @@
1
- <?xml version="1.0"?>
2
- <fingerprints protocol="ftp" database_type="service">
3
- <fingerprint pattern="^-{10} Welcome to Pure-FTPd (.*)-{10}$">
4
- <example>---------- Welcome to Pure-FTPd ----------</example>
5
- <description>Pure-FTPd
6
- Config data can be zero or more of: [privsep] [TLS]
7
- </description>
8
- <param pos="1" name="pureftpd.config"/>
9
- <param pos="0" name="service.family" value="Pure-FTPd"/>
10
- <param pos="0" name="service.product" value="Pure-FTPd"/>
11
- <param pos="0" name="service.protocol" value="ftp"/>
12
- </fingerprint>
13
- <fingerprint pattern="^(\S+) FTP Server \(SunOS (\S+)\) ready\.?$" flags="REG_ICASE">
14
- <description>SunOS/Solaris</description>
15
- <example>example.com FTP server (SunOS 5.7) ready.</example>
16
- <param pos="0" name="os.vendor" value="Sun"/>
17
- <param pos="0" name="os.family" value="Solaris"/>
18
- <param pos="0" name="os.product" value="Solaris"/>
19
- <param pos="0" name="os.device" value="General"/>
20
- <param pos="1" name="host.name"/>
21
- <param pos="2" name="os.version"/>
22
- </fingerprint>
23
- </fingerprints>
@@ -1,32 +0,0 @@
1
- <?xml version="1.0"?>
2
- <fingerprints>
3
- <fingerprint pattern="FTP">
4
- <example>---- FTP Stuff ----</example>
5
- <example>FTP server</example>
6
- <description>Generic FTP,
7
- Checks for the existence of the word FTP in the line
8
- </description>
9
- <!-- Asserting nothing -->
10
- </fingerprint>
11
- <fingerprint pattern="^-{10} Welcome to Pure-FTPd (.*)-{10}$">
12
- <example>---------- Welcome to Pure-FTPd ----------</example>
13
- <description>Pure-FTPd
14
- Config data can be zero or more of: [privsep] [TLS]
15
- </description>
16
- <param pos="1" name="pureftpd.config"/>
17
- <param pos="0" name="service.family" value="Pure-FTPd"/>
18
- <param pos="0" name="service.product" value="Pure-FTPd"/>
19
- <param pos="0" name="service.protocol" value="ftp"/>
20
- </fingerprint>
21
- <fingerprint pattern="^(\S+) FTP Server \(SunOS (\S+)\) ready\.?$" flags="REG_ICASE">
22
- <description>SunOS/Solaris</description>
23
- <example>example.com FTP server (SunOS 5.7) ready.</example>
24
- <param pos="0" name="service.protocol" value="ftp"/>
25
- <param pos="0" name="os.vendor" value="Sun"/>
26
- <param pos="0" name="os.family" value="Solaris"/>
27
- <param pos="0" name="os.product" value="Solaris"/>
28
- <param pos="0" name="os.device" value="General"/>
29
- <param pos="1" name="host.name"/>
30
- <param pos="2" name="os.version"/>
31
- </fingerprint>
32
- </fingerprints>
@@ -1,3 +0,0 @@
1
- <?xml version="1.0"?>
2
- <fingerprints>
3
- </fingerprints>
@@ -1,2 +0,0 @@
1
- ---------- Welcome to Pure-FTPd [privsep] [TLS] ----------
2
- polaris FTP server (SunOS 5.8) ready.
@@ -1,18 +0,0 @@
1
- <?xml version="1.0"?>
2
- <fingerprints>
3
- <fingerprint pattern="^Cisco-SIPGateway/IOS-([\d\.x]+)$">
4
- <description>Cisco SIPGateway</description>
5
- <example os.version="12.x">Cisco-SIPGateway/IOS-12.x</example>
6
- <param pos="0" name="os.vendor" value="Cisco"/>
7
- <param pos="0" name="os.product" value="IOS"/>
8
- <param pos="1" name="os.version"/>
9
- </fingerprint>
10
- <fingerprint pattern="^bar ([\d.]+)$">
11
- <description>bar test</description>
12
- <example os.version="1.0" >bar 1.0</example>
13
- <example os.version="2.0" >bar 2.0</example>
14
- <example os.version="2.1" >bar 2.1</example>
15
- <param pos="1" name="os.version" />
16
- <param pos="0" name="os.name" value="Bar" />
17
- </fingerprint>
18
- </fingerprints>