recog 2.3.22 → 3.0.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +2 -0
- data/LICENSE +1 -1
- data/README.md +25 -16
- data/Rakefile +2 -9
- data/lib/recog/db_manager.rb +1 -1
- data/lib/recog/fingerprint.rb +21 -7
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/match_reporter.rb +37 -3
- data/lib/recog/matcher.rb +5 -10
- data/lib/recog/verifier.rb +4 -4
- data/lib/recog/verify_reporter.rb +7 -6
- data/lib/recog/version.rb +1 -1
- data/{bin → recog/bin}/recog_match +20 -7
- data/{xml → recog/xml}/apache_modules.xml +0 -0
- data/{xml → recog/xml}/apache_os.xml +61 -19
- data/{xml → recog/xml}/architecture.xml +15 -1
- data/{xml → recog/xml}/dhcp_vendor_class.xml +10 -10
- data/{xml → recog/xml}/dns_versionbind.xml +16 -13
- data/{xml → recog/xml}/favicons.xml +167 -9
- data/{xml → recog/xml}/fingerprints.xsd +9 -1
- data/{xml → recog/xml}/ftp_banners.xml +131 -141
- data/{xml → recog/xml}/h323_callresp.xml +2 -2
- data/{xml → recog/xml}/hp_pjl_id.xml +81 -81
- data/{xml → recog/xml}/html_title.xml +250 -9
- data/{xml → recog/xml}/http_cookies.xml +111 -34
- data/{xml → recog/xml}/http_servers.xml +483 -270
- data/{xml → recog/xml}/http_wwwauth.xml +83 -37
- data/{xml → recog/xml}/imap_banners.xml +10 -10
- data/{xml → recog/xml}/ldap_searchresult.xml +0 -0
- data/{xml → recog/xml}/mdns_device-info_txt.xml +0 -0
- data/{xml → recog/xml}/mdns_workstation_txt.xml +0 -0
- data/{xml → recog/xml}/mysql_banners.xml +0 -0
- data/{xml → recog/xml}/mysql_error.xml +0 -0
- data/{xml → recog/xml}/nntp_banners.xml +8 -5
- data/{xml → recog/xml}/ntp_banners.xml +33 -33
- data/{xml → recog/xml}/operating_system.xml +92 -77
- data/{xml → recog/xml}/pop_banners.xml +25 -25
- data/{xml → recog/xml}/rsh_resp.xml +0 -0
- data/{xml → recog/xml}/rtsp_servers.xml +0 -0
- data/{xml → recog/xml}/sip_banners.xml +16 -5
- data/{xml → recog/xml}/sip_user_agents.xml +122 -27
- data/{xml → recog/xml}/smb_native_lm.xml +5 -5
- data/{xml → recog/xml}/smb_native_os.xml +25 -25
- data/{xml → recog/xml}/smtp_banners.xml +132 -131
- data/{xml → recog/xml}/smtp_debug.xml +0 -0
- data/{xml → recog/xml}/smtp_ehlo.xml +0 -0
- data/{xml → recog/xml}/smtp_expn.xml +0 -0
- data/{xml → recog/xml}/smtp_help.xml +1 -1
- data/{xml → recog/xml}/smtp_mailfrom.xml +0 -0
- data/{xml → recog/xml}/smtp_noop.xml +0 -0
- data/{xml → recog/xml}/smtp_quit.xml +0 -0
- data/{xml → recog/xml}/smtp_rcptto.xml +0 -0
- data/{xml → recog/xml}/smtp_rset.xml +0 -0
- data/{xml → recog/xml}/smtp_turn.xml +0 -0
- data/{xml → recog/xml}/smtp_vrfy.xml +0 -0
- data/{xml → recog/xml}/snmp_sysdescr.xml +1248 -1233
- data/{xml → recog/xml}/snmp_sysobjid.xml +13 -2
- data/{xml → recog/xml}/ssh_banners.xml +9 -5
- data/{xml → recog/xml}/telnet_banners.xml +83 -1
- data/{xml → recog/xml}/tls_jarm.xml +30 -2
- data/{xml → recog/xml}/x11_banners.xml +3 -3
- data/{xml → recog/xml}/x509_issuers.xml +24 -4
- data/{xml → recog/xml}/x509_subjects.xml +32 -3
- data/recog.gemspec +9 -5
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/match_reporter_spec.rb +22 -8
- data/spec/lib/recog/verify_reporter_spec.rb +8 -8
- data/spec/spec_helper.rb +4 -0
- data.tar.gz.sig +0 -0
- metadata +154 -142
- metadata.gz.sig +0 -0
- data/.github/ISSUE_TEMPLATE/bug_report.md +0 -37
- data/.github/ISSUE_TEMPLATE/feature_request.md +0 -17
- data/.github/ISSUE_TEMPLATE/fingerprint_request.md +0 -27
- data/.github/PULL_REQUEST_TEMPLATE +0 -24
- data/.github/SECURITY.md +0 -35
- data/.github/dependabot.yml +0 -8
- data/.github/workflows/ci.yml +0 -26
- data/.github/workflows/verify.yml +0 -89
- data/.gitignore +0 -23
- data/.rspec +0 -3
- data/.ruby-gemset +0 -1
- data/.ruby-version +0 -1
- data/.snyk +0 -10
- data/.travis.yml +0 -25
- data/CONTRIBUTING.md +0 -276
- data/bin/recog_cleanup +0 -16
- data/bin/recog_export +0 -81
- data/bin/recog_standardize +0 -163
- data/bin/recog_verify +0 -63
- data/cpe-remap.yaml +0 -356
- data/features/data/failing_banners_fingerprints.xml +0 -20
- data/features/data/matching_banners_fingerprints.xml +0 -23
- data/features/data/multiple_banners_fingerprints.xml +0 -32
- data/features/data/no_tests.xml +0 -3
- data/features/data/sample_banner.txt +0 -2
- data/features/data/successful_tests.xml +0 -18
- data/features/data/tests_with_failures.xml +0 -20
- data/features/data/tests_with_warnings.xml +0 -17
- data/features/match.feature +0 -36
- data/features/support/aruba.rb +0 -3
- data/features/support/env.rb +0 -6
- data/features/verify.feature +0 -48
- data/identifiers/README.md +0 -70
- data/identifiers/fields.txt +0 -105
- data/identifiers/hw_device.txt +0 -84
- data/identifiers/hw_family.txt +0 -121
- data/identifiers/hw_product.txt +0 -461
- data/identifiers/os_architecture.txt +0 -10
- data/identifiers/os_device.txt +0 -75
- data/identifiers/os_family.txt +0 -234
- data/identifiers/os_product.txt +0 -350
- data/identifiers/service_family.txt +0 -249
- data/identifiers/service_product.txt +0 -764
- data/identifiers/vendor.txt +0 -847
- data/lib/recog/verifier_factory.rb +0 -13
- data/misc/convert_mysql_err +0 -61
- data/misc/order.xsl +0 -17
- data/requirements.txt +0 -2
- data/spec/lib/fingerprint_self_test_spec.rb +0 -175
- data/tools/dev/hooks/pre-commit +0 -21
- data/update_cpes.py +0 -250
@@ -8,6 +8,7 @@
|
|
8
8
|
|
9
9
|
<fingerprint pattern="\(iSeries\)">
|
10
10
|
<description>IBM i5/OS iSeries (OS/400)</description>
|
11
|
+
<example>Apache/2.0.52 (iSeries)</example>
|
11
12
|
<param pos="0" name="os.vendor" value="IBM"/>
|
12
13
|
<param pos="0" name="os.family" value="OS/400"/>
|
13
14
|
<param pos="0" name="os.product" value="OS/400"/>
|
@@ -16,6 +17,7 @@
|
|
16
17
|
|
17
18
|
<fingerprint pattern="\(Mandrake Linux/\d+\.\d+\.92mdk\)">
|
18
19
|
<description>Mandriva (formerly Mandrake) Linux 9.2</description>
|
20
|
+
<example>Apache-AdvancedExtranetServer/2.0.47 (Mandrake Linux/6.3.92mdk) mod_ssl/2.0.47 OpenSSL/0.9.7b PHP/4.3.2</example>
|
19
21
|
<param pos="0" name="os.certainty" value="0.9"/>
|
20
22
|
<param pos="0" name="os.vendor" value="Mandriva"/>
|
21
23
|
<param pos="0" name="os.family" value="Linux"/>
|
@@ -26,6 +28,7 @@
|
|
26
28
|
|
27
29
|
<fingerprint pattern="\(Mandrake Linux/\d+\.\d+\.100mdk\)">
|
28
30
|
<description>Mandriva (formerly Mandrake) Linux 10.0</description>
|
31
|
+
<example>Apache-AdvancedExtranetServer/2.0.48 (Mandrake Linux/6.11.100mdk)</example>
|
29
32
|
<param pos="0" name="os.certainty" value="0.9"/>
|
30
33
|
<param pos="0" name="os.vendor" value="Mandriva"/>
|
31
34
|
<param pos="0" name="os.family" value="Linux"/>
|
@@ -36,6 +39,7 @@
|
|
36
39
|
|
37
40
|
<fingerprint pattern="\((?:Mandrake|Mandriva) Linux/">
|
38
41
|
<description>Mandriva (formerly Mandrake) Linux unknown version</description>
|
42
|
+
<example>Apache-AdvancedExtranetServer/2.0.44 (Mandrake Linux/11mdk) mod_perl/1.99_08 Perl/v5.8.0 mod_ssl/2.0.44 OpenSSL/0.9.7a PHP/4.3.1 mod_jk2/2.0.0</example>
|
39
43
|
<param pos="0" name="os.vendor" value="Mandriva"/>
|
40
44
|
<param pos="0" name="os.family" value="Linux"/>
|
41
45
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -44,6 +48,7 @@
|
|
44
48
|
|
45
49
|
<fingerprint pattern="\(Mandrakelinux/">
|
46
50
|
<description>Mandriva (formerly Mandrake) Linux unknown version - variant 2</description>
|
51
|
+
<example>Apache-AdvancedExtranetServer/2.0.53 (Mandrakelinux/PREFORK-9mdk) mod_ssl/2.0.53 OpenSSL/0.9.7e PHP/4.3.10 mod_perl/1.999.21 Perl/v5.8.6</example>
|
47
52
|
<param pos="0" name="os.vendor" value="Mandriva"/>
|
48
53
|
<param pos="0" name="os.family" value="Linux"/>
|
49
54
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -52,6 +57,7 @@
|
|
52
57
|
|
53
58
|
<fingerprint pattern="\(PalmOS\)">
|
54
59
|
<description>PalmOS</description>
|
60
|
+
<example>Apache/1.2.42 (PalmOS)</example>
|
55
61
|
<param pos="0" name="os.vendor" value="Palm"/>
|
56
62
|
<param pos="0" name="os.family" value="PalmOS"/>
|
57
63
|
<param pos="0" name="os.product" value="PalmOS"/>
|
@@ -59,6 +65,7 @@
|
|
59
65
|
|
60
66
|
<fingerprint pattern="\(Win32\)">
|
61
67
|
<description>Microsoft Windows</description>
|
68
|
+
<example>Apache/2.2.25 (Win32)</example>
|
62
69
|
<param pos="0" name="os.certainty" value="0.75"/>
|
63
70
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
64
71
|
<param pos="0" name="os.family" value="Windows"/>
|
@@ -68,6 +75,7 @@
|
|
68
75
|
|
69
76
|
<fingerprint pattern="\(Darwin\)">
|
70
77
|
<description>Apple Mac OS X</description>
|
78
|
+
<example>Apache/1.3.33 (Darwin)</example>
|
71
79
|
<param pos="0" name="os.vendor" value="Apple"/>
|
72
80
|
<param pos="0" name="os.family" value="Mac OS X"/>
|
73
81
|
<param pos="0" name="os.product" value="Mac OS X"/>
|
@@ -76,6 +84,7 @@
|
|
76
84
|
|
77
85
|
<fingerprint pattern="\(Ubuntu\)">
|
78
86
|
<description>Ubuntu</description>
|
87
|
+
<example>Apache (Ubuntu)</example>
|
79
88
|
<param pos="0" name="os.vendor" value="Ubuntu"/>
|
80
89
|
<param pos="0" name="os.family" value="Linux"/>
|
81
90
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -84,6 +93,7 @@
|
|
84
93
|
|
85
94
|
<fingerprint pattern=".{0,512}(?:Sun )?Cobalt \(Unix\)?">
|
86
95
|
<description>Sun Cobalt RaQ (Red Hat based Linux)</description>
|
96
|
+
<example>Apache/1.3.3 Cobalt (Unix) (Red Hat/Linux)</example>
|
87
97
|
<param pos="0" name="os.vendor" value="Sun"/>
|
88
98
|
<param pos="0" name="os.family" value="Linux"/>
|
89
99
|
<param pos="0" name="os.product" value="Cobalt RaQ"/>
|
@@ -91,6 +101,7 @@
|
|
91
101
|
|
92
102
|
<fingerprint pattern="\(BlueQuartz\)">
|
93
103
|
<description>Blue Quartz is created by a Cobalt RaQ UG</description>
|
104
|
+
<example>Apache/2.0.52 (BlueQuartz)</example>
|
94
105
|
<param pos="0" name="os.vendor" value="Sun"/>
|
95
106
|
<param pos="0" name="os.family" value="Linux"/>
|
96
107
|
<param pos="0" name="os.product" value="Cobalt RaQ"/>
|
@@ -98,59 +109,66 @@
|
|
98
109
|
|
99
110
|
<fingerprint pattern="^Apache\/2\.2\.11.*\(Fedora\)">
|
100
111
|
<description>Red Hat Fedora 11</description>
|
101
|
-
<
|
112
|
+
<example>Apache/2.2.11 (Fedora)</example>
|
113
|
+
<param pos="0" name="os.vendor" value="Fedora Project"/>
|
102
114
|
<param pos="0" name="os.family" value="Linux"/>
|
103
|
-
<param pos="0" name="os.product" value="Fedora Core
|
115
|
+
<param pos="0" name="os.product" value="Fedora Core"/>
|
104
116
|
<param pos="0" name="os.version" value="11"/>
|
105
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:
|
117
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fedoraproject:fedora_core:11"/>
|
106
118
|
</fingerprint>
|
107
119
|
|
108
120
|
<fingerprint pattern="^Apache\/2\.2\.15.*\(Fedora\)">
|
109
121
|
<description>Red Hat Fedora 13</description>
|
110
|
-
<
|
122
|
+
<example>Apache/2.2.15 (Fedora)</example>
|
123
|
+
<param pos="0" name="os.vendor" value="Fedora Project"/>
|
111
124
|
<param pos="0" name="os.family" value="Linux"/>
|
112
|
-
<param pos="0" name="os.product" value="Fedora Core
|
125
|
+
<param pos="0" name="os.product" value="Fedora Core"/>
|
113
126
|
<param pos="0" name="os.version" value="13"/>
|
114
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:
|
127
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fedoraproject:fedora_core:13"/>
|
115
128
|
</fingerprint>
|
116
129
|
|
117
130
|
<fingerprint pattern="^Apache\/2\.2\.16.*\(Fedora\)">
|
118
131
|
<description>Red Hat Fedora 14</description>
|
119
|
-
<
|
132
|
+
<example>Apache/2.2.16 (Fedora)</example>
|
133
|
+
<param pos="0" name="os.vendor" value="Fedora Project"/>
|
120
134
|
<param pos="0" name="os.family" value="Linux"/>
|
121
|
-
<param pos="0" name="os.product" value="Fedora Core
|
135
|
+
<param pos="0" name="os.product" value="Fedora Core"/>
|
122
136
|
<param pos="0" name="os.version" value="14"/>
|
123
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:
|
137
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fedoraproject:fedora_core:14"/>
|
124
138
|
</fingerprint>
|
125
139
|
|
126
140
|
<fingerprint pattern="^Apache\/2\.2\.23.*\(Fedora\)">
|
127
141
|
<description>Red Hat Fedora 17</description>
|
128
|
-
<
|
142
|
+
<example>Apache/2.2.23 (Fedora)</example>
|
143
|
+
<param pos="0" name="os.vendor" value="Fedora Project"/>
|
129
144
|
<param pos="0" name="os.family" value="Linux"/>
|
130
|
-
<param pos="0" name="os.product" value="Fedora Core
|
145
|
+
<param pos="0" name="os.product" value="Fedora Core"/>
|
131
146
|
<param pos="0" name="os.version" value="17"/>
|
132
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:
|
147
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fedoraproject:fedora_core:17"/>
|
133
148
|
</fingerprint>
|
134
149
|
|
135
150
|
<fingerprint pattern="^Apache\/2\.4\.3.*\(Fedora\)">
|
136
151
|
<description>Red Hat Fedora 18</description>
|
137
|
-
<
|
152
|
+
<example>Apache/2.4.3 (Fedora) PHP/5.4.12</example>
|
153
|
+
<param pos="0" name="os.vendor" value="Fedora Project"/>
|
138
154
|
<param pos="0" name="os.family" value="Linux"/>
|
139
|
-
<param pos="0" name="os.product" value="Fedora Core
|
155
|
+
<param pos="0" name="os.product" value="Fedora Core"/>
|
140
156
|
<param pos="0" name="os.version" value="18"/>
|
141
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:
|
157
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fedoraproject:fedora_core:18"/>
|
142
158
|
</fingerprint>
|
143
159
|
|
144
160
|
<fingerprint pattern="\(Fedora\)">
|
145
161
|
<description>Red Hat Fedora</description>
|
146
|
-
<
|
162
|
+
<example>Apache (Fedora)</example>
|
163
|
+
<param pos="0" name="os.vendor" value="Fedora Project"/>
|
147
164
|
<param pos="0" name="os.family" value="Linux"/>
|
148
|
-
<param pos="0" name="os.product" value="Fedora Core
|
149
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:
|
165
|
+
<param pos="0" name="os.product" value="Fedora Core"/>
|
166
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fedoraproject:fedora_core:-"/>
|
150
167
|
</fingerprint>
|
151
168
|
|
152
169
|
<fingerprint pattern="\(RHEL\)">
|
153
170
|
<description>Red Hat Enterprise Linux</description>
|
171
|
+
<example>Apache/2.0.53 (RHEL)</example>
|
154
172
|
<param pos="0" name="os.vendor" value="Red Hat"/>
|
155
173
|
<param pos="0" name="os.family" value="Linux"/>
|
156
174
|
<param pos="0" name="os.product" value="Enterprise Linux"/>
|
@@ -159,6 +177,8 @@
|
|
159
177
|
|
160
178
|
<fingerprint pattern="\(Red[ -]Hat(?:[/ ]Linux)?\)">
|
161
179
|
<description>Red Hat Linux</description>
|
180
|
+
<example>Apache (Red Hat Linux)</example>
|
181
|
+
<example>Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_ssl/2.8.12 OpenSSL/0.9.6b PHP/4.3.11</example>
|
162
182
|
<param pos="0" name="os.vendor" value="Red Hat"/>
|
163
183
|
<param pos="0" name="os.family" value="Linux"/>
|
164
184
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -176,6 +196,8 @@
|
|
176
196
|
|
177
197
|
<fingerprint pattern="Debian(?:[/ ]GNU)?(?:/Linux)?">
|
178
198
|
<description>Debian Linux</description>
|
199
|
+
<example>Debian GNU/Linux</example>
|
200
|
+
<example>Apache/1.3.26 (Unix) Debian GNU/Linux</example>
|
179
201
|
<param pos="0" name="os.vendor" value="Debian"/>
|
180
202
|
<param pos="0" name="os.family" value="Linux"/>
|
181
203
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -184,6 +206,8 @@
|
|
184
206
|
|
185
207
|
<fingerprint pattern="\((?:Linux/)?S[uU]SE(?:/Linux)?\)">
|
186
208
|
<description>Novell SuSE Linux</description>
|
209
|
+
<example>Apache (SuSE/Linux)</example>
|
210
|
+
<example>Apache/2.2.12 (Linux/SUSE)</example>
|
187
211
|
<param pos="0" name="os.vendor" value="SuSE"/>
|
188
212
|
<param pos="0" name="os.family" value="Linux"/>
|
189
213
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -192,6 +216,7 @@
|
|
192
216
|
|
193
217
|
<fingerprint pattern="\(NETWARE\)">
|
194
218
|
<description>Novell NetWare</description>
|
219
|
+
<example>Apache/2.0.64 (NETWARE)</example>
|
195
220
|
<param pos="0" name="os.vendor" value="Novell"/>
|
196
221
|
<param pos="0" name="os.family" value="NetWare"/>
|
197
222
|
<param pos="0" name="os.product" value="NetWare"/>
|
@@ -200,6 +225,7 @@
|
|
200
225
|
|
201
226
|
<fingerprint pattern="HP-UX_Apache-based_Web_Server">
|
202
227
|
<description>HP HP-UX</description>
|
228
|
+
<example>Apache/2.0.58 HP-UX_Apache-based_Web_Server</example>
|
203
229
|
<param pos="0" name="os.vendor" value="HP"/>
|
204
230
|
<param pos="0" name="os.family" value="HP-UX"/>
|
205
231
|
<param pos="0" name="os.product" value="HP-UX"/>
|
@@ -208,6 +234,7 @@
|
|
208
234
|
|
209
235
|
<fingerprint pattern="\(CentOS\)">
|
210
236
|
<description>CentOS Linux</description>
|
237
|
+
<example>Apache/2.2.15 (CentOS)</example>
|
211
238
|
<param pos="0" name="os.vendor" value="CentOS"/>
|
212
239
|
<param pos="0" name="os.family" value="Linux"/>
|
213
240
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -216,6 +243,7 @@
|
|
216
243
|
|
217
244
|
<fingerprint pattern="\(Turbolinux\)">
|
218
245
|
<description>Turbolinux</description>
|
246
|
+
<example>Apache/2.2.6 (Turbolinux)</example>
|
219
247
|
<param pos="0" name="os.vendor" value="Turbolinux"/>
|
220
248
|
<param pos="0" name="os.family" value="Linux"/>
|
221
249
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -223,6 +251,7 @@
|
|
223
251
|
|
224
252
|
<fingerprint pattern="\(FreeBSD\)">
|
225
253
|
<description>FreeBSD</description>
|
254
|
+
<example>Apache/2.4.51 (FreeBSD) OpenSSL/1.1.1h-freebsd</example>
|
226
255
|
<param pos="0" name="os.vendor" value="FreeBSD"/>
|
227
256
|
<param pos="0" name="os.family" value="FreeBSD"/>
|
228
257
|
<param pos="0" name="os.product" value="FreeBSD"/>
|
@@ -231,6 +260,7 @@
|
|
231
260
|
|
232
261
|
<fingerprint pattern="\(Asianux\)">
|
233
262
|
<description>Asianux Linux</description>
|
263
|
+
<example>Apache/2.2.15 (Asianux)</example>
|
234
264
|
<param pos="0" name="os.vendor" value="Asianux"/>
|
235
265
|
<param pos="0" name="os.family" value="Linux"/>
|
236
266
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -238,6 +268,7 @@
|
|
238
268
|
|
239
269
|
<fingerprint pattern="\(Gentoo(?:/Linux)?\)">
|
240
270
|
<description>Gentoo Linux</description>
|
271
|
+
<example>Apache/2.2.6 (Gentoo) DAV/2 mod_python/3.3.1</example>
|
241
272
|
<param pos="0" name="os.vendor" value="Gentoo"/>
|
242
273
|
<param pos="0" name="os.family" value="Linux"/>
|
243
274
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -246,6 +277,7 @@
|
|
246
277
|
|
247
278
|
<fingerprint pattern="\(Conectiva(?:/Linux)?\)">
|
248
279
|
<description>Conectiva Linux</description>
|
280
|
+
<example>Apache/1.3.33 (Unix) (Conectiva/Linux)</example>
|
249
281
|
<param pos="0" name="os.vendor" value="Conectiva"/>
|
250
282
|
<param pos="0" name="os.family" value="Linux"/>
|
251
283
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -254,6 +286,7 @@
|
|
254
286
|
|
255
287
|
<fingerprint pattern="\(Trustix Secure Linux(?:/Linux)?\)">
|
256
288
|
<description>Trustix Linux</description>
|
289
|
+
<example>Apache/2.0.55 (Trustix Secure Linux/Linux)</example>
|
257
290
|
<param pos="0" name="os.vendor" value="Trustix"/>
|
258
291
|
<param pos="0" name="os.family" value="Linux"/>
|
259
292
|
<param pos="0" name="os.product" value="Secure Linux"/>
|
@@ -262,6 +295,7 @@
|
|
262
295
|
|
263
296
|
<fingerprint pattern="\(White Box\)">
|
264
297
|
<description>White Box Enterprise Linux</description>
|
298
|
+
<example>Apache/2.0.46 (White Box)</example>
|
265
299
|
<param pos="0" name="os.vendor" value="White Box"/>
|
266
300
|
<param pos="0" name="os.family" value="Linux"/>
|
267
301
|
<param pos="0" name="os.product" value="Enterprise Linux"/>
|
@@ -269,6 +303,7 @@
|
|
269
303
|
|
270
304
|
<fingerprint pattern="\(UnitedLinux\)">
|
271
305
|
<description>UnitedLinux</description>
|
306
|
+
<example>Apache/1.3.26 (UnitedLinux) mod_ssl/2.8.10</example>
|
272
307
|
<param pos="0" name="os.vendor" value="UnitedLinux"/>
|
273
308
|
<param pos="0" name="os.family" value="Linux"/>
|
274
309
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -276,6 +311,7 @@
|
|
276
311
|
|
277
312
|
<fingerprint pattern="\(PLD/Linux\)">
|
278
313
|
<description>PLD Linux</description>
|
314
|
+
<example>Apache/1.3.42 (PLD/Linux)</example>
|
279
315
|
<param pos="0" name="os.vendor" value="PLD"/>
|
280
316
|
<param pos="0" name="os.family" value="Linux"/>
|
281
317
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -283,6 +319,7 @@
|
|
283
319
|
|
284
320
|
<fingerprint pattern="\(Vine/Linux\)">
|
285
321
|
<description>Vine Linux</description>
|
322
|
+
<example>Apache/1.3.27 (Unix) (Vine/Linux)</example>
|
286
323
|
<param pos="0" name="os.vendor" value="Vine"/>
|
287
324
|
<param pos="0" name="os.family" value="Linux"/>
|
288
325
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -290,13 +327,17 @@
|
|
290
327
|
|
291
328
|
<fingerprint pattern="\(rPath\)">
|
292
329
|
<description>rPath Linux</description>
|
330
|
+
<example>Apache/2.2.9 (rPath)</example>
|
293
331
|
<param pos="0" name="os.vendor" value="rPath"/>
|
294
332
|
<param pos="0" name="os.family" value="Linux"/>
|
295
333
|
<param pos="0" name="os.product" value="Linux"/>
|
296
334
|
</fingerprint>
|
297
335
|
|
298
|
-
<fingerprint pattern="\(StartCom Linux
|
336
|
+
<fingerprint pattern="\(StartCom(?: Linux)?\)">
|
299
337
|
<description>StartCom Linux</description>
|
338
|
+
<example>Apache/2.2.3 (StartCom)</example>
|
339
|
+
<example>Apache/2.2.3 (StartCom) (Release 31.SEL5_4)</example>
|
340
|
+
<example>Apache/2.2.0 (StartCom Linux)</example>
|
300
341
|
<param pos="0" name="os.vendor" value="StartCom"/>
|
301
342
|
<param pos="0" name="os.family" value="Linux"/>
|
302
343
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -304,6 +345,7 @@
|
|
304
345
|
|
305
346
|
<fingerprint pattern="Linux">
|
306
347
|
<description>Generic Linux fallback</description>
|
348
|
+
<example>Apache/Linux</example>
|
307
349
|
<param pos="0" name="os.certainty" value="0.75"/>
|
308
350
|
<param pos="0" name="os.family" value="Linux"/>
|
309
351
|
<param pos="0" name="os.product" value="Linux"/>
|
@@ -16,28 +16,42 @@
|
|
16
16
|
<param pos="0" name="os.arch" value="x86"/>
|
17
17
|
</fingerprint>
|
18
18
|
|
19
|
-
<fingerprint pattern="PowerPC|PPC|POWER
|
19
|
+
<fingerprint pattern="PowerPC|PPC|POWER" flags="REG_ICASE">
|
20
20
|
<description>PowerPC</description>
|
21
|
+
<example>PowerPC</example>
|
22
|
+
<example>PPC</example>
|
23
|
+
<example>POWER</example>
|
24
|
+
<example>ppc</example>
|
21
25
|
<param pos="0" name="os.arch" value="PowerPC"/>
|
22
26
|
</fingerprint>
|
23
27
|
|
24
28
|
<fingerprint pattern="SPARC" flags="REG_ICASE">
|
25
29
|
<description>SPARC</description>
|
30
|
+
<example>SPARC</example>
|
31
|
+
<example>sparc</example>
|
26
32
|
<param pos="0" name="os.arch" value="Sparc"/>
|
27
33
|
</fingerprint>
|
28
34
|
|
29
35
|
<fingerprint pattern="mips" flags="REG_ICASE">
|
30
36
|
<description>MIPS</description>
|
37
|
+
<example>MIPS</example>
|
38
|
+
<example>mips</example>
|
31
39
|
<param pos="0" name="os.arch" value="MIPS"/>
|
32
40
|
</fingerprint>
|
33
41
|
|
34
42
|
<fingerprint pattern="arm64|aarch64" flags="REG_ICASE">
|
35
43
|
<description>ARM64 (aarch64)</description>
|
44
|
+
<example>arm64</example>
|
45
|
+
<example>ARM64</example>
|
46
|
+
<example>aarch64</example>
|
47
|
+
<example>AARCH64</example>
|
36
48
|
<param pos="0" name="os.arch" value="ARM64"/>
|
37
49
|
</fingerprint>
|
38
50
|
|
39
51
|
<fingerprint pattern="arm" flags="REG_ICASE">
|
40
52
|
<description>ARM</description>
|
53
|
+
<example>arm</example>
|
54
|
+
<example>ARM</example>
|
41
55
|
<param pos="0" name="os.arch" value="ARM"/>
|
42
56
|
</fingerprint>
|
43
57
|
|
@@ -48,7 +48,7 @@
|
|
48
48
|
<example hw.family="OfficeJet">Hewlett-Packard OfficeJet</example>
|
49
49
|
<example hw.family="LaserJet">HP LaserJet</example>
|
50
50
|
<example hw.family="Printer">HP Printer</example>
|
51
|
-
<example>Hewlett-Packard JetDirect</example>
|
51
|
+
<example hw.family="JetDirect">Hewlett-Packard JetDirect</example>
|
52
52
|
<param pos="0" name="hw.device" value="Printer"/>
|
53
53
|
<param pos="0" name="hw.vendor" value="HP"/>
|
54
54
|
<param pos="1" name="hw.family"/>
|
@@ -108,16 +108,16 @@
|
|
108
108
|
|
109
109
|
<fingerprint pattern="^Aruba\s(JL\d+A)\s(\d+[A-Z]?)\S+\sSwitch(?:\sdslforum.org)?$">
|
110
110
|
<description>HP Aruba Network Switch</description>
|
111
|
-
<example hw.
|
112
|
-
<example hw.
|
113
|
-
<example hw.
|
114
|
-
<example hw.
|
115
|
-
<example hw.
|
116
|
-
<param pos="0" name="hw.device" value="Switch"/>
|
117
|
-
<param pos="0" name="hw.vendor" value="Aruba Networks"/>
|
118
|
-
<param pos="1" name="hw.product"/>
|
119
|
-
<param pos="2" name="hw.family"/>
|
111
|
+
<example hw.model="JL075A" hw.product="3810M">Aruba JL075A 3810M-16SFP+-2-slot Switch</example>
|
112
|
+
<example hw.model="JL253A" hw.product="2930F">Aruba JL253A 2930F-24G-4SFP+ Switch dslforum.org</example>
|
113
|
+
<example hw.model="JL256A" hw.product="2930F">Aruba JL256A 2930F-48G-PoE+-4SFP+ Switch</example>
|
114
|
+
<example hw.model="JL258A" hw.product="2930F">Aruba JL258A 2930F-8G-PoE+-2SFP+ Switch</example>
|
115
|
+
<example hw.model="JL357A" hw.product="2540">Aruba JL357A 2540-48G-PoE+-4SFP+ Switch</example>
|
120
116
|
<param pos="0" name="os.vendor" value="Aruba Networks"/>
|
117
|
+
<param pos="0" name="hw.vendor" value="Aruba Networks"/>
|
118
|
+
<param pos="2" name="hw.product"/>
|
119
|
+
<param pos="1" name="hw.model"/>
|
120
|
+
<param pos="0" name="hw.device" value="Switch"/>
|
121
121
|
</fingerprint>
|
122
122
|
|
123
123
|
<fingerprint pattern="^AXIS,(?:PTZ Dome )?Network Camera,(.*),([\d\.]+)$">
|
@@ -68,8 +68,8 @@
|
|
68
68
|
<example service.version="9.3.6-P1" os.version="5" os.version.version="11">9.3.6-P1-RedHat-9.3.6-25.P1.el5_11.12</example>
|
69
69
|
<example service.version="9.9.1-P3" os.version="6">9.9.1-P3-RedHat-9.9.1.P3.el6</example>
|
70
70
|
<example service.version="9.9.3-rpz2+rl.13208.13-P2" os.version="6">9.9.3-rpz2+rl.13208.13-P2-RedHat-9.9.3-4.P2.el6</example>
|
71
|
-
<example os.version="6" os.version.version="1">9.7.3-P3-RedHat-9.7.3-2.el6_1.P3.3</example>
|
72
|
-
<example os.version="6" os.version.version="">9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6</example>
|
71
|
+
<example os.version="6" os.version.version="1" service.version="9.7.3-P3">9.7.3-P3-RedHat-9.7.3-2.el6_1.P3.3</example>
|
72
|
+
<example os.version="6" os.version.version="" service.version="9.8.2rc1">9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6</example>
|
73
73
|
<param pos="0" name="service.vendor" value="ISC"/>
|
74
74
|
<param pos="0" name="service.family" value="BIND"/>
|
75
75
|
<param pos="0" name="service.product" value="BIND"/>
|
@@ -85,21 +85,21 @@
|
|
85
85
|
|
86
86
|
<fingerprint pattern="^(9.[^-]+(?:-rl[.\d]+)?(?:-[SP]\d)?)-RedHat-[\d.]+-[\w.]+fc([\d]+)$">
|
87
87
|
<description>ISC BIND: Fedora</description>
|
88
|
-
<example service.version="9.10.4-P8">9.10.4-P8-RedHat-9.10.4-4.P8.fc25</example>
|
88
|
+
<example service.version="9.10.4-P8" os.version="25">9.10.4-P8-RedHat-9.10.4-4.P8.fc25</example>
|
89
89
|
<!-- The '-rl' in the example below indicates a rate limiting patch -->
|
90
90
|
|
91
|
-
<example service.version="9.9.3-rl.13207.22-P2">9.9.3-rl.13207.22-P2-RedHat-9.9.3-5.P2.fc19</example>
|
92
|
-
<example os.version="10">9.5.2-RedHat-9.5.2-1.fc10</example>
|
91
|
+
<example service.version="9.9.3-rl.13207.22-P2" os.version="19">9.9.3-rl.13207.22-P2-RedHat-9.9.3-5.P2.fc19</example>
|
92
|
+
<example os.version="10" service.version="9.5.2">9.5.2-RedHat-9.5.2-1.fc10</example>
|
93
93
|
<param pos="0" name="service.vendor" value="ISC"/>
|
94
94
|
<param pos="0" name="service.family" value="BIND"/>
|
95
95
|
<param pos="0" name="service.product" value="BIND"/>
|
96
96
|
<param pos="1" name="service.version"/>
|
97
97
|
<param pos="0" name="service.cpe23" value="cpe:/a:isc:bind:{service.version}"/>
|
98
|
-
<param pos="0" name="os.vendor" value="
|
98
|
+
<param pos="0" name="os.vendor" value="Fedora Project"/>
|
99
99
|
<param pos="0" name="os.family" value="Linux"/>
|
100
|
-
<param pos="0" name="os.product" value="Fedora Core
|
100
|
+
<param pos="0" name="os.product" value="Fedora Core"/>
|
101
101
|
<param pos="2" name="os.version"/>
|
102
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:
|
102
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:fedoraproject:fedora_core:{os.version}"/>
|
103
103
|
</fingerprint>
|
104
104
|
|
105
105
|
<fingerprint pattern="^(9.[^-]+(?:-[SP]\d)?)-RedHat-[\w.-]+amzn1$">
|
@@ -719,8 +719,11 @@
|
|
719
719
|
-->
|
720
720
|
|
721
721
|
<fingerprint pattern="^Microsoft DNS 6.0.6100 \(2AEF76E\)$">
|
722
|
-
<description>SPOOFED - Microsoft DNS on Windows 2008 SP something
|
722
|
+
<description>SPOOFED - Microsoft DNS on Windows 2008 SP something -- assert nothing.</description>
|
723
723
|
<example>Microsoft DNS 6.0.6100 (2AEF76E)</example>
|
724
|
+
<param pos="0" name="hw.certainty" value="0.0"/>
|
725
|
+
<param pos="0" name="os.certainty" value="0.0"/>
|
726
|
+
<param pos="0" name="service.certainty" value="0.0"/>
|
724
727
|
</fingerprint>
|
725
728
|
|
726
729
|
<fingerprint pattern="^Microsoft DNS 6.0.6003(?: \(([^)]+)\))?$">
|
@@ -843,8 +846,8 @@
|
|
843
846
|
|
844
847
|
<fingerprint pattern="^ALU DNS ([\d\.]+) Build (\d+)$">
|
845
848
|
<description>ALU (Alcatel Lucent?) DNS</description>
|
846
|
-
<example service.version="6.2">ALU DNS 6.2 Build 22</example>
|
847
|
-
<example service.version.version="9">ALU DNS 6.2 Build 9</example>
|
849
|
+
<example service.version="6.2" service.version.version="22">ALU DNS 6.2 Build 22</example>
|
850
|
+
<example service.version.version="9" service.version="6.2">ALU DNS 6.2 Build 9</example>
|
848
851
|
<param pos="0" name="service.vendor" value="ALU"/>
|
849
852
|
<param pos="0" name="service.family" value="DNS"/>
|
850
853
|
<param pos="0" name="service.product" value="DNS"/>
|
@@ -910,8 +913,8 @@
|
|
910
913
|
|
911
914
|
<fingerprint pattern="^Meta IP[\s\/]DNS (?:V[\d\.]+ )?- BIND V([\d\.]+(?:-REL)?) \(Build (\d+)\s?\)$">
|
912
915
|
<description>Check Point Meta IP</description>
|
913
|
-
<example service.version="8.2.7-REL">Meta IP DNS - BIND V8.2.7-REL (Build 31)</example>
|
914
|
-
<example service.version.version="4704">Meta IP/DNS V4.1 - BIND V8.1.2 (Build 4704 )</example>
|
916
|
+
<example service.version="8.2.7-REL" service.version.version="31">Meta IP DNS - BIND V8.2.7-REL (Build 31)</example>
|
917
|
+
<example service.version.version="4704" service.version="8.1.2">Meta IP/DNS V4.1 - BIND V8.1.2 (Build 4704 )</example>
|
915
918
|
<param pos="0" name="service.vendor" value="Check Point"/>
|
916
919
|
<param pos="0" name="service.family" value="META IP"/>
|
917
920
|
<param pos="0" name="service.product" value="DNS"/>
|