recog 2.3.23 → 3.0.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/LICENSE +1 -1
- data/README.md +25 -16
- data/Rakefile +2 -9
- data/lib/recog/db_manager.rb +1 -1
- data/lib/recog/version.rb +1 -1
- data/{bin → recog/bin}/recog_match +0 -1
- data/{xml → recog/xml}/apache_modules.xml +0 -0
- data/{xml → recog/xml}/apache_os.xml +0 -0
- data/{xml → recog/xml}/architecture.xml +0 -0
- data/{xml → recog/xml}/dhcp_vendor_class.xml +9 -9
- data/{xml → recog/xml}/dns_versionbind.xml +0 -0
- data/{xml → recog/xml}/favicons.xml +63 -1
- data/{xml → recog/xml}/fingerprints.xsd +0 -0
- data/{xml → recog/xml}/ftp_banners.xml +0 -0
- data/{xml → recog/xml}/h323_callresp.xml +0 -0
- data/{xml → recog/xml}/hp_pjl_id.xml +0 -0
- data/{xml → recog/xml}/html_title.xml +47 -0
- data/{xml → recog/xml}/http_cookies.xml +19 -0
- data/{xml → recog/xml}/http_servers.xml +74 -1
- data/{xml → recog/xml}/http_wwwauth.xml +13 -0
- data/{xml → recog/xml}/imap_banners.xml +0 -0
- data/{xml → recog/xml}/ldap_searchresult.xml +0 -0
- data/{xml → recog/xml}/mdns_device-info_txt.xml +0 -0
- data/{xml → recog/xml}/mdns_workstation_txt.xml +0 -0
- data/{xml → recog/xml}/mysql_banners.xml +0 -0
- data/{xml → recog/xml}/mysql_error.xml +0 -0
- data/{xml → recog/xml}/nntp_banners.xml +0 -0
- data/{xml → recog/xml}/ntp_banners.xml +0 -0
- data/{xml → recog/xml}/operating_system.xml +0 -0
- data/{xml → recog/xml}/pop_banners.xml +0 -0
- data/{xml → recog/xml}/rsh_resp.xml +0 -0
- data/{xml → recog/xml}/rtsp_servers.xml +0 -0
- data/{xml → recog/xml}/sip_banners.xml +0 -0
- data/{xml → recog/xml}/sip_user_agents.xml +0 -0
- data/{xml → recog/xml}/smb_native_lm.xml +0 -0
- data/{xml → recog/xml}/smb_native_os.xml +0 -0
- data/{xml → recog/xml}/smtp_banners.xml +0 -0
- data/{xml → recog/xml}/smtp_debug.xml +0 -0
- data/{xml → recog/xml}/smtp_ehlo.xml +0 -0
- data/{xml → recog/xml}/smtp_expn.xml +0 -0
- data/{xml → recog/xml}/smtp_help.xml +0 -0
- data/{xml → recog/xml}/smtp_mailfrom.xml +0 -0
- data/{xml → recog/xml}/smtp_noop.xml +0 -0
- data/{xml → recog/xml}/smtp_quit.xml +0 -0
- data/{xml → recog/xml}/smtp_rcptto.xml +0 -0
- data/{xml → recog/xml}/smtp_rset.xml +0 -0
- data/{xml → recog/xml}/smtp_turn.xml +0 -0
- data/{xml → recog/xml}/smtp_vrfy.xml +0 -0
- data/{xml → recog/xml}/snmp_sysdescr.xml +21 -6
- data/{xml → recog/xml}/snmp_sysobjid.xml +11 -0
- data/{xml → recog/xml}/ssh_banners.xml +0 -0
- data/{xml → recog/xml}/telnet_banners.xml +34 -1
- data/{xml → recog/xml}/tls_jarm.xml +8 -0
- data/{xml → recog/xml}/x11_banners.xml +0 -0
- data/{xml → recog/xml}/x509_issuers.xml +13 -2
- data/{xml → recog/xml}/x509_subjects.xml +0 -0
- data/recog.gemspec +9 -5
- data/spec/spec_helper.rb +4 -0
- metadata +56 -145
- data/.github/ISSUE_TEMPLATE/bug_report.md +0 -37
- data/.github/ISSUE_TEMPLATE/feature_request.md +0 -17
- data/.github/ISSUE_TEMPLATE/fingerprint_request.md +0 -27
- data/.github/PULL_REQUEST_TEMPLATE +0 -24
- data/.github/SECURITY.md +0 -35
- data/.github/dependabot.yml +0 -8
- data/.github/workflows/ci.yml +0 -26
- data/.github/workflows/verify.yml +0 -89
- data/.gitignore +0 -23
- data/.rspec +0 -3
- data/.ruby-gemset +0 -1
- data/.ruby-version +0 -1
- data/.snyk +0 -10
- data/.travis.yml +0 -25
- data/.vscode/bin/monitor-recog-fingerprints.sh +0 -54
- data/.vscode/extensions.json +0 -5
- data/.vscode/settings.json +0 -8
- data/.vscode/tasks.json +0 -77
- data/CONTRIBUTING.md +0 -278
- data/bin/recog_cleanup +0 -16
- data/bin/recog_export +0 -81
- data/bin/recog_standardize +0 -163
- data/bin/recog_verify +0 -98
- data/cpe-remap.yaml +0 -374
- data/features/data/failing_banners_fingerprints.xml +0 -20
- data/features/data/matching_banners_fingerprints.xml +0 -23
- data/features/data/multiple_banners_fingerprints.xml +0 -32
- data/features/data/no_tests.xml +0 -3
- data/features/data/sample_banner.txt +0 -2
- data/features/data/schema_failure.xml +0 -4
- data/features/data/successful_tests.xml +0 -18
- data/features/data/tests_with_failures.xml +0 -26
- data/features/data/tests_with_warnings.xml +0 -17
- data/features/match.feature +0 -36
- data/features/support/aruba.rb +0 -3
- data/features/support/env.rb +0 -6
- data/features/support/hooks.rb +0 -9
- data/features/verify.feature +0 -112
- data/identifiers/README.md +0 -70
- data/identifiers/fields.txt +0 -105
- data/identifiers/hw_device.txt +0 -86
- data/identifiers/hw_family.txt +0 -121
- data/identifiers/hw_product.txt +0 -463
- data/identifiers/os_architecture.txt +0 -10
- data/identifiers/os_device.txt +0 -77
- data/identifiers/os_family.txt +0 -235
- data/identifiers/os_product.txt +0 -357
- data/identifiers/service_family.txt +0 -249
- data/identifiers/service_product.txt +0 -778
- data/identifiers/vendor.txt +0 -859
- data/misc/convert_mysql_err +0 -61
- data/misc/order.xsl +0 -17
- data/requirements.txt +0 -2
- data/spec/lib/fingerprint_self_test_spec.rb +0 -175
- data/tools/dev/hooks/pre-commit +0 -21
- data/update_cpes.py +0 -343
@@ -749,6 +749,21 @@
|
|
749
749
|
<param pos="0" name="os.device" value="WAP"/>
|
750
750
|
</fingerprint>
|
751
751
|
|
752
|
+
<!--======================================================================
|
753
|
+
Aruba Networks
|
754
|
+
=======================================================================-->
|
755
|
+
|
756
|
+
<fingerprint pattern="^Aruba\s(JL\d+A)\s(\d+[A-Z]?)\S+\sSwitch.+ROM\s([A-Z]+(?:\.\d+)+)">
|
757
|
+
<description>HP Aruba Network Switch</description>
|
758
|
+
<example hw.model="JL256A" hw.product="2930F" os.version="WC.16.01.0010">Aruba JL256A 2930F-48G-PoE+-4SFP+ Switch, revision WC.16.11.0004, ROM WC.16.01.0010</example>
|
759
|
+
<param pos="0" name="os.vendor" value="Aruba Networks"/>
|
760
|
+
<param pos="3" name="os.version"/>
|
761
|
+
<param pos="0" name="hw.vendor" value="Aruba Networks"/>
|
762
|
+
<param pos="2" name="hw.product"/>
|
763
|
+
<param pos="1" name="hw.model"/>
|
764
|
+
<param pos="0" name="hw.device" value="Switch"/>
|
765
|
+
</fingerprint>
|
766
|
+
|
752
767
|
<!--======================================================================
|
753
768
|
Asentria
|
754
769
|
=======================================================================-->
|
@@ -1951,7 +1966,7 @@ Copyright (c) 1995-2005 by Cisco Systems
|
|
1951
1966
|
<example os.product="136T">DELL PowerVault 136T</example>
|
1952
1967
|
<param pos="0" name="os.vendor" value="Dell"/>
|
1953
1968
|
<param pos="0" name="os.family" value="PowerVault"/>
|
1954
|
-
<param pos="0" name="os.device" value="Tape
|
1969
|
+
<param pos="0" name="os.device" value="Tape Library"/>
|
1955
1970
|
<param pos="1" name="os.product"/>
|
1956
1971
|
</fingerprint>
|
1957
1972
|
|
@@ -2028,7 +2043,7 @@ Copyright (c) 1995-2005 by Cisco Systems
|
|
2028
2043
|
<param pos="0" name="os.vendor" value="Dell"/>
|
2029
2044
|
<param pos="0" name="os.family" value="PowerVault"/>
|
2030
2045
|
<param pos="0" name="os.product" value="PowerVault"/>
|
2031
|
-
<param pos="0" name="os.device" value="Tape
|
2046
|
+
<param pos="0" name="os.device" value="Tape Library"/>
|
2032
2047
|
</fingerprint>
|
2033
2048
|
|
2034
2049
|
<!--======================================================================
|
@@ -5672,11 +5687,11 @@ Copyright (c) 1995-2005 by Cisco Systems
|
|
5672
5687
|
=======================================================================-->
|
5673
5688
|
|
5674
5689
|
<fingerprint pattern="^PARADYNE T1 DSU/CSU; model: ([^;]+); S/W Release: ([^;]+);">
|
5675
|
-
<description>Paradyne CSU
|
5690
|
+
<description>Paradyne DSU/CSU</description>
|
5676
5691
|
<example os.product="3165-A4-210" os.version="05.01.16">PARADYNE T1 DSU/CSU; model: 3165-A4-210; S/W Release: 05.01.16; H/W CCA1: 3996-82C; Serial number: 5796841</example>
|
5677
5692
|
<param pos="0" name="os.certainty" value="1.0"/>
|
5678
5693
|
<param pos="0" name="os.vendor" value="Paradyne"/>
|
5679
|
-
<param pos="0" name="os.device" value="CSU
|
5694
|
+
<param pos="0" name="os.device" value="DSU/CSU"/>
|
5680
5695
|
<param pos="1" name="os.product"/>
|
5681
5696
|
<param pos="2" name="os.version"/>
|
5682
5697
|
</fingerprint>
|
@@ -6446,8 +6461,8 @@ Copyright (c) 1995-2005 by Cisco Systems
|
|
6446
6461
|
<example os.product="GE Series " os.version="V5 R3.10404.0">HiPath Wireless Access Controller - GE Series , System Version V5 R3.10404.0</example>
|
6447
6462
|
<example os.product="V2110" os.version="08.01.01.0251">HiPath Wireless Access Controller - V2110, System Version 08.01.01.0251</example>
|
6448
6463
|
<param pos="0" name="os.vendor" value="Siemens"/>
|
6449
|
-
<param pos="0" name="os.
|
6450
|
-
<param pos="0" name="os.
|
6464
|
+
<param pos="0" name="os.family" value="HiPath"/>
|
6465
|
+
<param pos="0" name="os.device" value="WAP"/>
|
6451
6466
|
<param pos="1" name="os.product"/>
|
6452
6467
|
<param pos="2" name="os.version"/>
|
6453
6468
|
</fingerprint>
|
@@ -472,4 +472,15 @@
|
|
472
472
|
<param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
|
473
473
|
</fingerprint>
|
474
474
|
|
475
|
+
<fingerprint pattern="^1\.3\.6\.1\.4\.1\.11\.2\.3\.7\.11\.181\.21\sAruba\s(JL\d+A)\s(\d+[A-Z]?)\S+\sSwitch.+ROM\s([A-Z]+(?:\.\d+)+)">
|
476
|
+
<description>HP Aruba Network Switch</description>
|
477
|
+
<example hw.model="JL256A" hw.product="2930F" os.version="WC.16.01.0010">1.3.6.1.4.1.11.2.3.7.11.181.21 Aruba JL256A 2930F-48G-PoE+-4SFP+ Switch, revision WC.16.11.0004, ROM WC.16.01.0010</example>
|
478
|
+
<param pos="0" name="os.vendor" value="Aruba Networks"/>
|
479
|
+
<param pos="3" name="os.version"/>
|
480
|
+
<param pos="0" name="hw.vendor" value="Aruba Networks"/>
|
481
|
+
<param pos="2" name="hw.product"/>
|
482
|
+
<param pos="1" name="hw.model"/>
|
483
|
+
<param pos="0" name="hw.device" value="Switch"/>
|
484
|
+
</fingerprint>
|
485
|
+
|
475
486
|
</fingerprints>
|
File without changes
|
@@ -1095,7 +1095,7 @@
|
|
1095
1095
|
</example>
|
1096
1096
|
<param pos="0" name="os.vendor" value="Red Hat"/>
|
1097
1097
|
<param pos="0" name="os.family" value="Linux"/>
|
1098
|
-
<param pos="0" name="os.
|
1098
|
+
<param pos="0" name="os.product" value="Linux"/>
|
1099
1099
|
<param pos="1" name="os.version"/>
|
1100
1100
|
</fingerprint>
|
1101
1101
|
|
@@ -2294,4 +2294,37 @@
|
|
2294
2294
|
<param pos="0" name="os.product" value="Fermentrack"/>
|
2295
2295
|
</fingerprint>
|
2296
2296
|
|
2297
|
+
<fingerprint pattern="(?m)^Welcome to the SIGMA Spectrum Diagnostic Terminal(?:\r|\n)*Wireless Battery Module \(802\.11[abgn\/]+\)(?:\r|\n)*MAC Address: ((?:[0-9a-f]{2}-?){6}) SW: \d+[\sD]*\d+\s*(?:\r|\n)*Sigma Spectrum SN: (\d+) SW: v([\d.]+)(?:\r|\n)*Radio up since: [\w\s:]+(?:\r|\n)*login:\s*$">
|
2298
|
+
<description>Baxter SIGMA Spectrum Infusion System with Wireless Battery Module</description>
|
2299
|
+
<!--
|
2300
|
+
Welcome to the SIGMA Spectrum Diagnostic Terminal
|
2301
|
+
|
2302
|
+
Wireless Battery Module (802.11a/b/g/n)
|
2303
|
+
MAC Address: 00-40-9d-12-34-56 SW: 20 D29
|
2304
|
+
Sigma Spectrum SN: 1234567 SW: v8.00.01
|
2305
|
+
Radio up since: Fri Mar 1 03:14:24 2019
|
2306
|
+
|
2307
|
+
login:
|
2308
|
+
-->
|
2309
|
+
|
2310
|
+
<example host.mac="00-40-9d-12-34-56" hw.serial_number="1234567" os.version="8.00.01" _encoding="base64">
|
2311
|
+
V2VsY29tZSB0byB0aGUgU0lHTUEgU3BlY3RydW0gRGlhZ25vc3RpYyBUZXJtaW5hbA0KDQpXa
|
2312
|
+
XJlbGVzcyBCYXR0ZXJ5IE1vZHVsZSAoODAyLjExYS9iL2cvbikNCk1BQyBBZGRyZXNzOiAwMC
|
2313
|
+
00MC05ZC0xMi0zNC01NiBTVzogMjAgRDI5DQpTaWdtYSBTcGVjdHJ1bSBTTjogMTIzNDU2NyB
|
2314
|
+
TVzogdjguMDAuMDENClJhZGlvIHVwIHNpbmNlOiBGcmkgTWFyICAxIDAzOjE0OjI0IDIwMTkN
|
2315
|
+
Cg0KbG9naW46IA==
|
2316
|
+
</example>
|
2317
|
+
<param pos="0" name="os.vendor" value="Baxter"/>
|
2318
|
+
<param pos="0" name="os.product" value="SIGMA Spectrum Infusion System Firmware"/>
|
2319
|
+
<param pos="0" name="os.device" value="Medical"/>
|
2320
|
+
<param pos="3" name="os.version"/>
|
2321
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:baxter:sigma_spectrum_infusion_system_firmware:{os.version}"/>
|
2322
|
+
<param pos="0" name="hw.vendor" value="Baxter"/>
|
2323
|
+
<param pos="0" name="hw.product" value="SIGMA Spectrum Infusion System"/>
|
2324
|
+
<param pos="0" name="hw.device" value="Medical"/>
|
2325
|
+
<param pos="2" name="hw.serial_number"/>
|
2326
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:baxter:sigma_spectrum_infusion_system:-"/>
|
2327
|
+
<param pos="1" name="host.mac"/>
|
2328
|
+
</fingerprint>
|
2329
|
+
|
2297
2330
|
</fingerprints>
|
@@ -179,4 +179,12 @@
|
|
179
179
|
<param pos="0" name="os.device" value="Printer"/>
|
180
180
|
</fingerprint>
|
181
181
|
|
182
|
+
<fingerprint pattern="^27d27d27d00027d00041d41d00041dea7155aeeb5fe0855bcdf1e51aa692cd$">
|
183
|
+
<description>openHAB - open-source home automation</description>
|
184
|
+
<example>27d27d27d00027d00041d41d00041dea7155aeeb5fe0855bcdf1e51aa692cd</example>
|
185
|
+
<param pos="0" name="service.vendor" value="openHAB"/>
|
186
|
+
<param pos="0" name="service.product" value="openHAB"/>
|
187
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:openhab:openhab:-"/>
|
188
|
+
</fingerprint>
|
189
|
+
|
182
190
|
</fingerprints>
|
File without changes
|
@@ -227,7 +227,7 @@
|
|
227
227
|
<fingerprint pattern="^CN=Temporary CA [a-fA-F0-9]{8}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{4}\-[a-fA-F0-9]{12},OU=Temporary CA">
|
228
228
|
<description>Cisco Video Communication Server</description>
|
229
229
|
<example>CN=Temporary CA 218131fe-8af4-11e7-aa6e-9950d6bbaf74,OU=Temporary CA 218131fe-8af4-11e7-aa6e-9950d6bbaf74,O=Temporary CA 218131fe-8af4-11e7-aa6e-9950d6bbaf74</example>
|
230
|
-
<param pos="0" name="hw.device" value="Video
|
230
|
+
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
231
231
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
232
232
|
<param pos="0" name="hw.product" value="TelePresence"/>
|
233
233
|
</fingerprint>
|
@@ -363,7 +363,7 @@
|
|
363
363
|
<description>Avaya Video Conferencing Device - CU360</description>
|
364
364
|
<example hw.serial_number="11YT11111111">CN=Avaya cu360 11YT11111111</example>
|
365
365
|
<param pos="0" name="hw.vendor" value="Avaya"/>
|
366
|
-
<param pos="0" name="hw.device" value="Video
|
366
|
+
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
367
367
|
<param pos="0" name="hw.product" value="CU360"/>
|
368
368
|
<param pos="1" name="hw.serial_number"/>
|
369
369
|
</fingerprint>
|
@@ -394,4 +394,15 @@
|
|
394
394
|
<param pos="2" name="host.mac"/>
|
395
395
|
</fingerprint>
|
396
396
|
|
397
|
+
<fingerprint pattern="^CN=Proxmox Virtual Environment,OU=[a-f0-9-]+,O=PVE Cluster Manager CA$">
|
398
|
+
<description>Proxmox open-source virtualization platform</description>
|
399
|
+
<example>CN=Proxmox Virtual Environment,OU=dd69676f-e203-490e-b040-79b75ed6a9d7,O=PVE Cluster Manager CA</example>
|
400
|
+
<param pos="0" name="service.vendor" value="Proxmox"/>
|
401
|
+
<param pos="0" name="service.product" value="Virtual Environment"/>
|
402
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:proxmox:virtual_environment:-"/>
|
403
|
+
<param pos="0" name="os.vendor" value="Proxmox"/>
|
404
|
+
<param pos="0" name="os.family" value="Linux"/>
|
405
|
+
<param pos="0" name="os.product" value="Proxmox"/>
|
406
|
+
</fingerprint>
|
407
|
+
|
397
408
|
</fingerprints>
|
File without changes
|
data/recog.gemspec
CHANGED
@@ -12,7 +12,7 @@ Gem::Specification.new do |s|
|
|
12
12
|
s.email = [
|
13
13
|
'research@rapid7.com'
|
14
14
|
]
|
15
|
-
s.homepage = "https://www.github.com/rapid7/recog"
|
15
|
+
s.homepage = "https://www.github.com/rapid7/recog-ruby"
|
16
16
|
s.summary = %q{Network service fingerprint database, classes, and utilities}
|
17
17
|
s.description = %q{
|
18
18
|
Recog is a framework for identifying products, services, operating systems, and hardware by matching
|
@@ -20,9 +20,14 @@ Gem::Specification.new do |s|
|
|
20
20
|
information from web server banners, snmp system description fields, and a whole lot more.
|
21
21
|
}.gsub(/\s+/, ' ').strip
|
22
22
|
|
23
|
-
s.
|
24
|
-
s.
|
25
|
-
|
23
|
+
s.bindir = 'recog/bin'
|
24
|
+
s.files = %w(Gemfile Rakefile COPYING LICENSE README.md recog.gemspec .yardopts) +
|
25
|
+
Dir.glob('lib/**/*.rb') +
|
26
|
+
Dir.glob('spec/**/*') +
|
27
|
+
Dir.glob('recog/xml/*') +
|
28
|
+
Dir.glob('recog/bin/recog_match')
|
29
|
+
s.test_files = s.files.grep(%r{^(test|spec|features)/})
|
30
|
+
s.executables = s.files.grep(%r{^recog/bin/}).map{ |f| File.basename(f) }
|
26
31
|
s.require_paths = ['lib']
|
27
32
|
|
28
33
|
# ---- Dependencies ----
|
@@ -36,7 +41,6 @@ Gem::Specification.new do |s|
|
|
36
41
|
# markdown formatting for yard
|
37
42
|
s.add_development_dependency 'redcarpet'
|
38
43
|
end
|
39
|
-
s.add_development_dependency 'cucumber'
|
40
44
|
s.add_development_dependency 'aruba'
|
41
45
|
s.add_development_dependency 'simplecov'
|
42
46
|
|
data/spec/spec_helper.rb
CHANGED
@@ -1,6 +1,10 @@
|
|
1
|
+
FINGERPRINT_DIR = File.expand_path(File.join('..', 'recog', 'xml'), __dir__)
|
2
|
+
|
3
|
+
# setup code coverage
|
1
4
|
require 'simplecov'
|
2
5
|
SimpleCov.start
|
3
6
|
|
7
|
+
require 'rspec'
|
4
8
|
# This file was generated by the `rspec --init` command. Conventionally, all
|
5
9
|
# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
|
6
10
|
# The generated `.rspec` file contains `--require spec_helper` which will cause this
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: recog
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version:
|
4
|
+
version: 3.0.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rapid7 Research
|
8
8
|
autorequire:
|
9
|
-
bindir: bin
|
9
|
+
bindir: recog/bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2022-
|
11
|
+
date: 2022-06-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rspec
|
@@ -52,20 +52,6 @@ dependencies:
|
|
52
52
|
- - ">="
|
53
53
|
- !ruby/object:Gem::Version
|
54
54
|
version: '0'
|
55
|
-
- !ruby/object:Gem::Dependency
|
56
|
-
name: cucumber
|
57
|
-
requirement: !ruby/object:Gem::Requirement
|
58
|
-
requirements:
|
59
|
-
- - ">="
|
60
|
-
- !ruby/object:Gem::Version
|
61
|
-
version: '0'
|
62
|
-
type: :development
|
63
|
-
prerelease: false
|
64
|
-
version_requirements: !ruby/object:Gem::Requirement
|
65
|
-
requirements:
|
66
|
-
- - ">="
|
67
|
-
- !ruby/object:Gem::Version
|
68
|
-
version: '0'
|
69
55
|
- !ruby/object:Gem::Dependency
|
70
56
|
name: aruba
|
71
57
|
requirement: !ruby/object:Gem::Requirement
|
@@ -115,71 +101,16 @@ description: Recog is a framework for identifying products, services, operating
|
|
115
101
|
email:
|
116
102
|
- research@rapid7.com
|
117
103
|
executables:
|
118
|
-
- recog_cleanup
|
119
|
-
- recog_export
|
120
104
|
- recog_match
|
121
|
-
- recog_standardize
|
122
|
-
- recog_verify
|
123
105
|
extensions: []
|
124
106
|
extra_rdoc_files: []
|
125
107
|
files:
|
126
|
-
- ".github/ISSUE_TEMPLATE/bug_report.md"
|
127
|
-
- ".github/ISSUE_TEMPLATE/feature_request.md"
|
128
|
-
- ".github/ISSUE_TEMPLATE/fingerprint_request.md"
|
129
|
-
- ".github/PULL_REQUEST_TEMPLATE"
|
130
|
-
- ".github/SECURITY.md"
|
131
|
-
- ".github/dependabot.yml"
|
132
|
-
- ".github/workflows/ci.yml"
|
133
|
-
- ".github/workflows/verify.yml"
|
134
|
-
- ".gitignore"
|
135
|
-
- ".rspec"
|
136
|
-
- ".ruby-gemset"
|
137
|
-
- ".ruby-version"
|
138
|
-
- ".snyk"
|
139
|
-
- ".travis.yml"
|
140
|
-
- ".vscode/bin/monitor-recog-fingerprints.sh"
|
141
|
-
- ".vscode/extensions.json"
|
142
|
-
- ".vscode/settings.json"
|
143
|
-
- ".vscode/tasks.json"
|
144
108
|
- ".yardopts"
|
145
|
-
- CONTRIBUTING.md
|
146
109
|
- COPYING
|
147
110
|
- Gemfile
|
148
111
|
- LICENSE
|
149
112
|
- README.md
|
150
113
|
- Rakefile
|
151
|
-
- bin/recog_cleanup
|
152
|
-
- bin/recog_export
|
153
|
-
- bin/recog_match
|
154
|
-
- bin/recog_standardize
|
155
|
-
- bin/recog_verify
|
156
|
-
- cpe-remap.yaml
|
157
|
-
- features/data/failing_banners_fingerprints.xml
|
158
|
-
- features/data/matching_banners_fingerprints.xml
|
159
|
-
- features/data/multiple_banners_fingerprints.xml
|
160
|
-
- features/data/no_tests.xml
|
161
|
-
- features/data/sample_banner.txt
|
162
|
-
- features/data/schema_failure.xml
|
163
|
-
- features/data/successful_tests.xml
|
164
|
-
- features/data/tests_with_failures.xml
|
165
|
-
- features/data/tests_with_warnings.xml
|
166
|
-
- features/match.feature
|
167
|
-
- features/support/aruba.rb
|
168
|
-
- features/support/env.rb
|
169
|
-
- features/support/hooks.rb
|
170
|
-
- features/verify.feature
|
171
|
-
- identifiers/README.md
|
172
|
-
- identifiers/fields.txt
|
173
|
-
- identifiers/hw_device.txt
|
174
|
-
- identifiers/hw_family.txt
|
175
|
-
- identifiers/hw_product.txt
|
176
|
-
- identifiers/os_architecture.txt
|
177
|
-
- identifiers/os_device.txt
|
178
|
-
- identifiers/os_family.txt
|
179
|
-
- identifiers/os_product.txt
|
180
|
-
- identifiers/service_family.txt
|
181
|
-
- identifiers/service_product.txt
|
182
|
-
- identifiers/vendor.txt
|
183
114
|
- lib/recog.rb
|
184
115
|
- lib/recog/db.rb
|
185
116
|
- lib/recog/db_manager.rb
|
@@ -195,10 +126,58 @@ files:
|
|
195
126
|
- lib/recog/verifier.rb
|
196
127
|
- lib/recog/verify_reporter.rb
|
197
128
|
- lib/recog/version.rb
|
198
|
-
- misc/convert_mysql_err
|
199
|
-
- misc/order.xsl
|
200
129
|
- recog.gemspec
|
201
|
-
-
|
130
|
+
- recog/bin/recog_match
|
131
|
+
- recog/xml/apache_modules.xml
|
132
|
+
- recog/xml/apache_os.xml
|
133
|
+
- recog/xml/architecture.xml
|
134
|
+
- recog/xml/dhcp_vendor_class.xml
|
135
|
+
- recog/xml/dns_versionbind.xml
|
136
|
+
- recog/xml/favicons.xml
|
137
|
+
- recog/xml/fingerprints.xsd
|
138
|
+
- recog/xml/ftp_banners.xml
|
139
|
+
- recog/xml/h323_callresp.xml
|
140
|
+
- recog/xml/hp_pjl_id.xml
|
141
|
+
- recog/xml/html_title.xml
|
142
|
+
- recog/xml/http_cookies.xml
|
143
|
+
- recog/xml/http_servers.xml
|
144
|
+
- recog/xml/http_wwwauth.xml
|
145
|
+
- recog/xml/imap_banners.xml
|
146
|
+
- recog/xml/ldap_searchresult.xml
|
147
|
+
- recog/xml/mdns_device-info_txt.xml
|
148
|
+
- recog/xml/mdns_workstation_txt.xml
|
149
|
+
- recog/xml/mysql_banners.xml
|
150
|
+
- recog/xml/mysql_error.xml
|
151
|
+
- recog/xml/nntp_banners.xml
|
152
|
+
- recog/xml/ntp_banners.xml
|
153
|
+
- recog/xml/operating_system.xml
|
154
|
+
- recog/xml/pop_banners.xml
|
155
|
+
- recog/xml/rsh_resp.xml
|
156
|
+
- recog/xml/rtsp_servers.xml
|
157
|
+
- recog/xml/sip_banners.xml
|
158
|
+
- recog/xml/sip_user_agents.xml
|
159
|
+
- recog/xml/smb_native_lm.xml
|
160
|
+
- recog/xml/smb_native_os.xml
|
161
|
+
- recog/xml/smtp_banners.xml
|
162
|
+
- recog/xml/smtp_debug.xml
|
163
|
+
- recog/xml/smtp_ehlo.xml
|
164
|
+
- recog/xml/smtp_expn.xml
|
165
|
+
- recog/xml/smtp_help.xml
|
166
|
+
- recog/xml/smtp_mailfrom.xml
|
167
|
+
- recog/xml/smtp_noop.xml
|
168
|
+
- recog/xml/smtp_quit.xml
|
169
|
+
- recog/xml/smtp_rcptto.xml
|
170
|
+
- recog/xml/smtp_rset.xml
|
171
|
+
- recog/xml/smtp_turn.xml
|
172
|
+
- recog/xml/smtp_vrfy.xml
|
173
|
+
- recog/xml/snmp_sysdescr.xml
|
174
|
+
- recog/xml/snmp_sysobjid.xml
|
175
|
+
- recog/xml/ssh_banners.xml
|
176
|
+
- recog/xml/telnet_banners.xml
|
177
|
+
- recog/xml/tls_jarm.xml
|
178
|
+
- recog/xml/x11_banners.xml
|
179
|
+
- recog/xml/x509_issuers.xml
|
180
|
+
- recog/xml/x509_subjects.xml
|
202
181
|
- spec/data/best_os_match_1.yml
|
203
182
|
- spec/data/best_os_match_2.yml
|
204
183
|
- spec/data/best_service_match_1.yml
|
@@ -210,7 +189,6 @@ files:
|
|
210
189
|
- spec/data/test_fingerprints.xml
|
211
190
|
- spec/data/verification_fingerprints.xml
|
212
191
|
- spec/data/whitespaced_fingerprint.xml
|
213
|
-
- spec/lib/fingerprint_self_test_spec.rb
|
214
192
|
- spec/lib/recog/db_spec.rb
|
215
193
|
- spec/lib/recog/fingerprint/regexp_factory_spec.rb
|
216
194
|
- spec/lib/recog/fingerprint_spec.rb
|
@@ -219,59 +197,7 @@ files:
|
|
219
197
|
- spec/lib/recog/nizer_spec.rb
|
220
198
|
- spec/lib/recog/verify_reporter_spec.rb
|
221
199
|
- spec/spec_helper.rb
|
222
|
-
|
223
|
-
- update_cpes.py
|
224
|
-
- xml/apache_modules.xml
|
225
|
-
- xml/apache_os.xml
|
226
|
-
- xml/architecture.xml
|
227
|
-
- xml/dhcp_vendor_class.xml
|
228
|
-
- xml/dns_versionbind.xml
|
229
|
-
- xml/favicons.xml
|
230
|
-
- xml/fingerprints.xsd
|
231
|
-
- xml/ftp_banners.xml
|
232
|
-
- xml/h323_callresp.xml
|
233
|
-
- xml/hp_pjl_id.xml
|
234
|
-
- xml/html_title.xml
|
235
|
-
- xml/http_cookies.xml
|
236
|
-
- xml/http_servers.xml
|
237
|
-
- xml/http_wwwauth.xml
|
238
|
-
- xml/imap_banners.xml
|
239
|
-
- xml/ldap_searchresult.xml
|
240
|
-
- xml/mdns_device-info_txt.xml
|
241
|
-
- xml/mdns_workstation_txt.xml
|
242
|
-
- xml/mysql_banners.xml
|
243
|
-
- xml/mysql_error.xml
|
244
|
-
- xml/nntp_banners.xml
|
245
|
-
- xml/ntp_banners.xml
|
246
|
-
- xml/operating_system.xml
|
247
|
-
- xml/pop_banners.xml
|
248
|
-
- xml/rsh_resp.xml
|
249
|
-
- xml/rtsp_servers.xml
|
250
|
-
- xml/sip_banners.xml
|
251
|
-
- xml/sip_user_agents.xml
|
252
|
-
- xml/smb_native_lm.xml
|
253
|
-
- xml/smb_native_os.xml
|
254
|
-
- xml/smtp_banners.xml
|
255
|
-
- xml/smtp_debug.xml
|
256
|
-
- xml/smtp_ehlo.xml
|
257
|
-
- xml/smtp_expn.xml
|
258
|
-
- xml/smtp_help.xml
|
259
|
-
- xml/smtp_mailfrom.xml
|
260
|
-
- xml/smtp_noop.xml
|
261
|
-
- xml/smtp_quit.xml
|
262
|
-
- xml/smtp_rcptto.xml
|
263
|
-
- xml/smtp_rset.xml
|
264
|
-
- xml/smtp_turn.xml
|
265
|
-
- xml/smtp_vrfy.xml
|
266
|
-
- xml/snmp_sysdescr.xml
|
267
|
-
- xml/snmp_sysobjid.xml
|
268
|
-
- xml/ssh_banners.xml
|
269
|
-
- xml/telnet_banners.xml
|
270
|
-
- xml/tls_jarm.xml
|
271
|
-
- xml/x11_banners.xml
|
272
|
-
- xml/x509_issuers.xml
|
273
|
-
- xml/x509_subjects.xml
|
274
|
-
homepage: https://www.github.com/rapid7/recog
|
200
|
+
homepage: https://www.github.com/rapid7/recog-ruby
|
275
201
|
licenses: []
|
276
202
|
metadata: {}
|
277
203
|
post_install_message:
|
@@ -289,25 +215,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
289
215
|
- !ruby/object:Gem::Version
|
290
216
|
version: '0'
|
291
217
|
requirements: []
|
292
|
-
rubygems_version: 3.
|
218
|
+
rubygems_version: 3.1.6
|
293
219
|
signing_key:
|
294
220
|
specification_version: 4
|
295
221
|
summary: Network service fingerprint database, classes, and utilities
|
296
222
|
test_files:
|
297
|
-
- features/data/failing_banners_fingerprints.xml
|
298
|
-
- features/data/matching_banners_fingerprints.xml
|
299
|
-
- features/data/multiple_banners_fingerprints.xml
|
300
|
-
- features/data/no_tests.xml
|
301
|
-
- features/data/sample_banner.txt
|
302
|
-
- features/data/schema_failure.xml
|
303
|
-
- features/data/successful_tests.xml
|
304
|
-
- features/data/tests_with_failures.xml
|
305
|
-
- features/data/tests_with_warnings.xml
|
306
|
-
- features/match.feature
|
307
|
-
- features/support/aruba.rb
|
308
|
-
- features/support/env.rb
|
309
|
-
- features/support/hooks.rb
|
310
|
-
- features/verify.feature
|
311
223
|
- spec/data/best_os_match_1.yml
|
312
224
|
- spec/data/best_os_match_2.yml
|
313
225
|
- spec/data/best_service_match_1.yml
|
@@ -319,7 +231,6 @@ test_files:
|
|
319
231
|
- spec/data/test_fingerprints.xml
|
320
232
|
- spec/data/verification_fingerprints.xml
|
321
233
|
- spec/data/whitespaced_fingerprint.xml
|
322
|
-
- spec/lib/fingerprint_self_test_spec.rb
|
323
234
|
- spec/lib/recog/db_spec.rb
|
324
235
|
- spec/lib/recog/fingerprint/regexp_factory_spec.rb
|
325
236
|
- spec/lib/recog/fingerprint_spec.rb
|
@@ -1,37 +0,0 @@
|
|
1
|
-
---
|
2
|
-
name: Bug report
|
3
|
-
about: Create a report to help us improve
|
4
|
-
|
5
|
-
---
|
6
|
-
|
7
|
-
**Describe the bug**
|
8
|
-
A clear and concise description of what the bug is.
|
9
|
-
|
10
|
-
**To Reproduce**
|
11
|
-
Steps to reproduce the behavior:
|
12
|
-
|
13
|
-
1. Do this...
|
14
|
-
2. Do that...
|
15
|
-
3. Then something happens...
|
16
|
-
|
17
|
-
Code that reproduces the behavior: <!-- This is optional -->
|
18
|
-
```ruby
|
19
|
-
# paste code here, or create a gist, or link to public code snippet
|
20
|
-
```
|
21
|
-
|
22
|
-
Matcher that reproduces the behavior: <!-- This is optional -->
|
23
|
-
```xml
|
24
|
-
<!-- paste matcher xml here, or create a gist, or link to public code snippet -->
|
25
|
-
```
|
26
|
-
|
27
|
-
**Expected behavior**
|
28
|
-
A clear and concise description of what you expected to happen.
|
29
|
-
|
30
|
-
|
31
|
-
**Environment (please complete the following information):**
|
32
|
-
- Operating System:
|
33
|
-
- Ruby Version:
|
34
|
-
- Recog Version:
|
35
|
-
|
36
|
-
**Additional context**
|
37
|
-
Add any other context about the problem here.
|
@@ -1,17 +0,0 @@
|
|
1
|
-
---
|
2
|
-
name: Feature request
|
3
|
-
about: Suggest an idea for this project
|
4
|
-
|
5
|
-
---
|
6
|
-
|
7
|
-
**Is your feature request related to a problem? Please describe.**
|
8
|
-
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
|
9
|
-
|
10
|
-
**Describe the solution you'd like**
|
11
|
-
A clear and concise description of what you want to happen.
|
12
|
-
|
13
|
-
**Describe alternatives you've considered**
|
14
|
-
A clear and concise description of any alternative solutions or features you've considered.
|
15
|
-
|
16
|
-
**Additional context**
|
17
|
-
Add any other context or screenshots about the feature request here.
|
@@ -1,27 +0,0 @@
|
|
1
|
-
---
|
2
|
-
name: Fingerprint request
|
3
|
-
about: Request new fingerprint coverage
|
4
|
-
|
5
|
-
---
|
6
|
-
|
7
|
-
**Request for new fingerprint(s) for a product**
|
8
|
-
Briefly describe the product to be fingerprinted, including vendor and version information.
|
9
|
-
<!-- Include links to relevant public documentation from the vendor or other sources, if available -->
|
10
|
-
|
11
|
-
**Provide details about the product**
|
12
|
-
What protocol(s) can be used to retrieve identifiable information about the product?
|
13
|
-
<!-- Examples: Telnet, SSH, SNMP, SMTP, HTTP(S), Vendor Proprietary Protocol -->
|
14
|
-
|
15
|
-
What information can be collected on each protocol?
|
16
|
-
<!-- Example: HTTP Server banner: nginx/0.8.53 -->
|
17
|
-
|
18
|
-
What request, command, and/or payload can be used to retrieve information on each protocol?
|
19
|
-
<!-- Use code fences like the below example to preserve formatting -->
|
20
|
-
```
|
21
|
-
HTTP HEAD /
|
22
|
-
|
23
|
-
HTTP GET /info.php
|
24
|
-
```
|
25
|
-
|
26
|
-
**Example banner(s) with specific version info**
|
27
|
-
<!-- Paste raw text here, using code fences to preserve formatting if needed-->
|
@@ -1,24 +0,0 @@
|
|
1
|
-
## Description
|
2
|
-
A detailed description of your changes.
|
3
|
-
|
4
|
-
|
5
|
-
## Motivation and Context
|
6
|
-
Explanation of why these changes are being proposed, including any links to other relevant issues or pull requests.
|
7
|
-
|
8
|
-
|
9
|
-
## How Has This Been Tested?
|
10
|
-
A clear and concise description of your changes were tested.
|
11
|
-
|
12
|
-
|
13
|
-
## Types of changes
|
14
|
-
<!--- What types of changes does your code introduce? Remove any that do not apply: -->
|
15
|
-
- Bug fix (non-breaking change which fixes an issue)
|
16
|
-
- New feature (non-breaking change which adds functionality)
|
17
|
-
- Breaking change (fix or feature that would cause existing functionality to change)
|
18
|
-
|
19
|
-
|
20
|
-
## Checklist:
|
21
|
-
<!--- After submitting the PR, check all of the boxes that apply. -->
|
22
|
-
- [ ] I have updated the documentation accordingly (or changes are not required).
|
23
|
-
- [ ] I have added tests to cover my changes (or new tests are not required).
|
24
|
-
- [ ] All new and existing tests passed.
|
data/.github/SECURITY.md
DELETED
@@ -1,35 +0,0 @@
|
|
1
|
-
# Reporting security issues
|
2
|
-
|
3
|
-
Thanks for your interest in making Recog more secure! If you feel
|
4
|
-
that you have found a security issue involving Metasploit, Meterpreter,
|
5
|
-
Recog, or any other Rapid7 open source project, you are welcome to let
|
6
|
-
us know in the way that's most comfortable for you.
|
7
|
-
|
8
|
-
## Via ZenDesk
|
9
|
-
|
10
|
-
You can click on the big blue button at [Rapid7's Vulnerability
|
11
|
-
Disclosure][r7-vulns] page, which will get you to our general
|
12
|
-
vulnerability reporting system. While this does require a (free) ZenDesk
|
13
|
-
account to use, you'll get regular updates on your issue as our software
|
14
|
-
support teams work through it. As it happens [that page][r7-vulns] also
|
15
|
-
will tell you what to expect when it comes to reporting vulns, how fast
|
16
|
-
we'll fix and respond, and all the rest, so it's a pretty good read
|
17
|
-
regardless.
|
18
|
-
|
19
|
-
## Via email
|
20
|
-
|
21
|
-
If you're more of a traditionalist, you can email your finding to
|
22
|
-
security@rapid7.com. If you like, you can use our [PGP key][pgp] to
|
23
|
-
encrypt your messages, but we certainly don't mind cleartext reports
|
24
|
-
over email.
|
25
|
-
|
26
|
-
## NOT via GitHub Issues
|
27
|
-
|
28
|
-
Please don't! Disclosing security vulnerabilities to public bug trackers
|
29
|
-
is kind of mean, even when it's well-intentioned, since you end up
|
30
|
-
dropping 0-day on pretty much everyone right out of the gate. We'd prefer
|
31
|
-
you didn't!
|
32
|
-
|
33
|
-
[r7-vulns]:https://www.rapid7.com/security/disclosure/
|
34
|
-
[pgp]:https://keybase.io/rapid7/pgp_keys.asc?fingerprint=9a90aea0576cbcafa39c502ba5e16807959d3eda
|
35
|
-
|