recog 2.3.23 → 3.0.1
- checksums.yaml +4 -4
- data/LICENSE +1 -1
- data/README.md +25 -16
- data/Rakefile +2 -9
- data/lib/recog/db_manager.rb +1 -1
- data/lib/recog/version.rb +1 -1
- data/{bin → recog/bin}/recog_match +0 -1
- data/{xml → recog/xml}/apache_modules.xml +0 -0
- data/{xml → recog/xml}/apache_os.xml +0 -0
- data/{xml → recog/xml}/architecture.xml +0 -0
- data/{xml → recog/xml}/dhcp_vendor_class.xml +9 -9
- data/{xml → recog/xml}/dns_versionbind.xml +0 -0
- data/{xml → recog/xml}/favicons.xml +63 -1
- data/{xml → recog/xml}/fingerprints.xsd +0 -0
- data/{xml → recog/xml}/ftp_banners.xml +0 -0
- data/{xml → recog/xml}/h323_callresp.xml +0 -0
- data/{xml → recog/xml}/hp_pjl_id.xml +0 -0
- data/{xml → recog/xml}/html_title.xml +47 -0
- data/{xml → recog/xml}/http_cookies.xml +19 -0
- data/{xml → recog/xml}/http_servers.xml +74 -1
- data/{xml → recog/xml}/http_wwwauth.xml +13 -0
- data/{xml → recog/xml}/imap_banners.xml +0 -0
- data/{xml → recog/xml}/ldap_searchresult.xml +0 -0
- data/{xml → recog/xml}/mdns_device-info_txt.xml +0 -0
- data/{xml → recog/xml}/mdns_workstation_txt.xml +0 -0
- data/{xml → recog/xml}/mysql_banners.xml +0 -0
- data/{xml → recog/xml}/mysql_error.xml +0 -0
- data/{xml → recog/xml}/nntp_banners.xml +0 -0
- data/{xml → recog/xml}/ntp_banners.xml +0 -0
- data/{xml → recog/xml}/operating_system.xml +0 -0
- data/{xml → recog/xml}/pop_banners.xml +0 -0
- data/{xml → recog/xml}/rsh_resp.xml +0 -0
- data/{xml → recog/xml}/rtsp_servers.xml +0 -0
- data/{xml → recog/xml}/sip_banners.xml +0 -0
- data/{xml → recog/xml}/sip_user_agents.xml +0 -0
- data/{xml → recog/xml}/smb_native_lm.xml +0 -0
- data/{xml → recog/xml}/smb_native_os.xml +0 -0
- data/{xml → recog/xml}/smtp_banners.xml +0 -0
- data/{xml → recog/xml}/smtp_debug.xml +0 -0
- data/{xml → recog/xml}/smtp_ehlo.xml +0 -0
- data/{xml → recog/xml}/smtp_expn.xml +0 -0
- data/{xml → recog/xml}/smtp_help.xml +0 -0
- data/{xml → recog/xml}/smtp_mailfrom.xml +0 -0
- data/{xml → recog/xml}/smtp_noop.xml +0 -0
- data/{xml → recog/xml}/smtp_quit.xml +0 -0
- data/{xml → recog/xml}/smtp_rcptto.xml +0 -0
- data/{xml → recog/xml}/smtp_rset.xml +0 -0
- data/{xml → recog/xml}/smtp_turn.xml +0 -0
- data/{xml → recog/xml}/smtp_vrfy.xml +0 -0
- data/{xml → recog/xml}/snmp_sysdescr.xml +21 -6
- data/{xml → recog/xml}/snmp_sysobjid.xml +11 -0
- data/{xml → recog/xml}/ssh_banners.xml +0 -0
- data/{xml → recog/xml}/telnet_banners.xml +34 -1
- data/{xml → recog/xml}/tls_jarm.xml +8 -0
- data/{xml → recog/xml}/x11_banners.xml +0 -0
- data/{xml → recog/xml}/x509_issuers.xml +13 -2
- data/{xml → recog/xml}/x509_subjects.xml +0 -0
- data/recog.gemspec +9 -5
- data/spec/spec_helper.rb +4 -0
- metadata +56 -145
- data/.github/ISSUE_TEMPLATE/bug_report.md +0 -37
- data/.github/ISSUE_TEMPLATE/feature_request.md +0 -17
- data/.github/ISSUE_TEMPLATE/fingerprint_request.md +0 -27
- data/.github/PULL_REQUEST_TEMPLATE +0 -24
- data/.github/SECURITY.md +0 -35
- data/.github/dependabot.yml +0 -8
- data/.github/workflows/ci.yml +0 -26
- data/.github/workflows/verify.yml +0 -89
- data/.gitignore +0 -23
- data/.rspec +0 -3
- data/.ruby-gemset +0 -1
- data/.ruby-version +0 -1
- data/.snyk +0 -10
- data/.travis.yml +0 -25
- data/.vscode/bin/monitor-recog-fingerprints.sh +0 -54
- data/.vscode/extensions.json +0 -5
- data/.vscode/settings.json +0 -8
- data/.vscode/tasks.json +0 -77
- data/CONTRIBUTING.md +0 -278
- data/bin/recog_cleanup +0 -16
- data/bin/recog_export +0 -81
- data/bin/recog_standardize +0 -163
- data/bin/recog_verify +0 -98
- data/cpe-remap.yaml +0 -374
- data/features/data/failing_banners_fingerprints.xml +0 -20
- data/features/data/matching_banners_fingerprints.xml +0 -23
- data/features/data/multiple_banners_fingerprints.xml +0 -32
- data/features/data/no_tests.xml +0 -3
- data/features/data/sample_banner.txt +0 -2
- data/features/data/schema_failure.xml +0 -4
- data/features/data/successful_tests.xml +0 -18
- data/features/data/tests_with_failures.xml +0 -26
- data/features/data/tests_with_warnings.xml +0 -17
- data/features/match.feature +0 -36
- data/features/support/aruba.rb +0 -3
- data/features/support/env.rb +0 -6
- data/features/support/hooks.rb +0 -9
- data/features/verify.feature +0 -112
- data/identifiers/README.md +0 -70
- data/identifiers/fields.txt +0 -105
- data/identifiers/hw_device.txt +0 -86
- data/identifiers/hw_family.txt +0 -121
- data/identifiers/hw_product.txt +0 -463
- data/identifiers/os_architecture.txt +0 -10
- data/identifiers/os_device.txt +0 -77
- data/identifiers/os_family.txt +0 -235
- data/identifiers/os_product.txt +0 -357
- data/identifiers/service_family.txt +0 -249
- data/identifiers/service_product.txt +0 -778
- data/identifiers/vendor.txt +0 -859
- data/misc/convert_mysql_err +0 -61
- data/misc/order.xsl +0 -17
- data/requirements.txt +0 -2
- data/spec/lib/fingerprint_self_test_spec.rb +0 -175
- data/tools/dev/hooks/pre-commit +0 -21
- data/update_cpes.py +0 -343
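--- a/data/.github/workflows/ci.yml
+++ b/data/.github/workflows/ci.yml
@@ -1,26 +0,0 @@
-name: CI
-
-on: [push, pull_request]
-
-jobs:
-test:
-name: 'Ruby: ${{ matrix.ruby-version }}'
-runs-on: ubuntu-latest
-strategy:
-fail-fast: false
-matrix:
-ruby-version: ['2.5', '2.6', '2.7', '3.0', 'jruby-9.2.20.1', 'jruby']
-
-steps:
-- uses: actions/checkout@v2
-- name: Set up Ruby
-uses: ruby/setup-ruby@v1
-with:
-ruby-version: ${{ matrix.ruby-version }}
-bundler-cache: true # runs 'bundle install' and caches installed gems automatically
-- name: Run tests
-run: |
-bundle exec rake --version
-bundle exec rake tests
-env:
-JRUBY_OPTS: --server -J-Xms512m -J-Xmx2G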
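--- a/data/.github/workflows/verify.yml
+++ b/data/.github/workflows/verify.yml
@@ -1,89 +0,0 @@
-name: Verify
-
-on:
-push:
-branches:
-- master
-paths:
-- 'xml/**.xml'
-pull_request:
-paths:
-- 'xml/**.xml'
-
-jobs:
-standardize:
-name: 'Standardize'
-runs-on: ubuntu-latest
-strategy:
-fail-fast: false
-
-steps:
-- uses: actions/checkout@v2
-- uses: ruby/setup-ruby@v1
-with:
-bundler-cache: true # runs 'bundle install' and caches installed gems automatically
-- name: Run recog standardize
-run: bundle exec bin/recog_standardize xml/*.xml
-ruby-verify:
-name: 'Ruby Verify'
-runs-on: ubuntu-latest
-strategy:
-fail-fast: false
-
-steps:
-- name: Checkout Ruby implementation
-uses: actions/checkout@v2
-- uses: ruby/setup-ruby@v1
-with:
-bundler-cache: true # runs 'bundle install' and caches installed gems automatically
-- name: Run recog verify
-run: bundle exec recog_verify --schema-location xml/fingerprints.xsd --no-warnings xml/*.xml
-java-verify:
-name: 'Java Verify'
-runs-on: ubuntu-latest
-strategy:
-fail-fast: false
-
-steps:
-- name: Checkout Java implementation
-uses: actions/checkout@v2
-with:
-repository: rapid7/recog-java
-- name: Checkout recog content
-uses: actions/checkout@v2
-with:
-path: recog-content
-- uses: actions/setup-java@v2
-with:
-distribution: zulu
-java-version: '17'
-- name: Cache Maven packages
-uses: actions/cache@v2
-with:
-path: ~/.m2
-key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
-restore-keys: ${{ runner.os }}-m2
-- name: Build with Maven
-run: mvn --batch-mode --no-transfer-progress install -Dmaven.antrun.skip=true -DskipTests
-- name: Run recog verify
-run: mvn --batch-mode --no-transfer-progress --projects recog-verify exec:java -Dexec.mainClass="com.rapid7.recog.verify.RecogVerifier" -Dexec.args="--no-warnings recog-content/xml/*.xml"
-go-verify:
-name: 'Go Verify'
-runs-on: ubuntu-latest
-strategy:
-fail-fast: false
-
-steps:
-- name: Checkout Go implementation
-uses: actions/checkout@v2
-with:
-repository: RumbleDiscovery/recog-go
-- name: Checkout recog content
-uses: actions/checkout@v2
-with:
-path: recog-content
-- uses: actions/setup-go@v2
-with:
-go-version: '^1.17.1'
-- name: Run recog verify
-run: go run cmd/recog_verify/main.go recog-content/xml/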
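--- a/data/.gitignore
+++ b/data/.gitignore
@@ -1,23 +0,0 @@
-# Ruby and tooling specific
-.yardoc
-coverage/
-doc/
-pkg/
-
-/Gemfile.lock
-
-#Python specific
-venv
-
-# IDE specific
-.vscode/
-.idea
-
-# Misc
-**/.DS_Store
-
-# CPE XML
-official-cpe-dictionary*.xml
-
-# CPE Remap Errors
-errors.txt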
data/.rspec
DELETED
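--- a/data/.ruby-gemset
+++ b/data/.ruby-gemset
@@ -1 +0,0 @@
-recog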
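--- a/data/.ruby-version
+++ b/data/.ruby-version
@@ -1 +0,0 @@
-2.6.6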
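--- a/data/.snyk
+++ b/data/.snyk
@@ -1,10 +0,0 @@
-# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
-python: 3.6.0
-version: v1.14.1
-# ignores vulnerabilities until expiry date; change duration by modifying expiry date
-ignore:
-SNYK-PYTHON-PYYAML-590151:
-- pyyaml:
-reason: Project doesn't use vulnerable code path.
-expires: 2021-06-01T00:00:00.000Z
-patch: {}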
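--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -1,25 +0,0 @@
-language: ruby
-sudo: false
-cache: bundler
-rvm:
-- '2.5.8'
-- '2.6.6'
-- 'jruby-9.1.9.0'
-jdk:
-- openjdk8
-matrix:
-allow_failures:
-- rvm: 'jruby-9.1.9.0'
-before_install:
-- "echo 'gem: --no-ri --no-rdoc' > ~/.gemrc"
-- rake --version
-before_script:
-- bundle exec rake --version
-script: bundle exec rake tests
-env:
-global:
-- CI="travis"
-- JRUBY_OPTS="--server -J-Xms512m -J-Xmx2G"
-branches:
-only:
-- master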
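--- a/data/.vscode/bin/monitor-recog-fingerprints.sh
+++ b/data/.vscode/bin/monitor-recog-fingerprints.sh
@@ -1,54 +0,0 @@
-#!/bin/bash
-
-ARGS=()
-while [[ $# -gt 0 ]]; do
-case $1 in
--s|--schema-location)
-VALIDATE_SCHEMA="--schema-location $2"
-shift
-shift
-;;
--*|--*)
-echo "Unknown option $1"
-exit 1
-;;
-*)
-ARGS+=("$1")
-shift
-;;
-esac
-done
-set -- "${ARGS[@]}"
-
-if [ $# -eq 0 ]
-then
-echo "Usage: $(basename $0) [--schema-location SCHEMA_LOCATION] <xml fingerprint directory>"
-exit 1
-fi
-
-if [ ! -d "$1" ]
-then
-echo "The XML fingerprint file directory must be supplied."
-exit 1
-fi
-
-bin/recog_verify $VALIDATE_SCHEMA "$1/*.xml"
-
-if ! type fswatch &>/dev/null;
-then
-echo "'fswatch' is required to monitor fingerprint files for changes and update the editor."
-echo "See: https://emcrisostomo.github.io/fswatch/ or install with:"
-echo " MacOS Homebrew: brew install fswatch"
-echo " Ubuntu/Debian: apt install fswatch"
-echo
-echo "Otherwise, you can re-run this task using the Visual Studio Code command palette"
-exit 1
-fi
-
-echo "Waiting for changes..."
-fswatch -0 $1 | while read -d "" event; do {
-echo "Changes detected, validating: ${event}"
-# TODO: VSCode doesn't support individual/incremental updates to files yet.
-bin/recog_verify $VALIDATE_SCHEMA "$1/*.xml"
-echo "Waiting for changes..."
-}; done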
data/.vscode/extensions.json
DELETED
data/.vscode/settings.json
DELETED
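--- a/data/.vscode/tasks.json
+++ b/data/.vscode/tasks.json
@@ -1,77 +0,0 @@
-{
-"version": "2.0.0",
-"tasks": [
-{
-"label": "Recog Verify - Background Monitor",
-"command": ".vscode/bin/monitor-recog-fingerprints.sh",
-"args": [
-"--schema-location",
-"xml/fingerprints.xsd",
-"${workspaceFolder}/xml"
-],
-"windows": {
-"command": ""
-},
-"type": "process",
-"isBackground": true,
-"problemMatcher": {
-"owner": "recog",
-"fileLocation": [
-"absolute"
-],
-"pattern": {
-"regexp": "^(.*):(\\d+):\\s+(WARN|FAIL):\\s+(.*)$",
-"file": 1,
-"severity": 3,
-"message": 4,
-"location": 2
-},
-"background": {
-"activeOnStart": true,
-"beginsPattern": "^Changes detected",
-"endsPattern": "^Waiting for changes"
-},
-},
-"presentation": {
-"reveal": "always",
-"revealProblems": "onProblem"
-},
-"runOptions": {
-"runOn": "folderOpen"
-}
-},
-{
-"label": "Recog Verify",
-"command": "bin/recog_verify",
-"args": [
-"--schema-location",
-"xml/fingerprints.xsd",
-"${workspaceFolder}/xml/*.xml"
-],
-"windows": {
-"command": ""
-},
-"type": "process",
-"problemMatcher": {
-"owner": "recog",
-"fileLocation": [
-"absolute"
-],
-"pattern": {
-"regexp": "^(.*):(\\d+):\\s+(WARN|FAIL):\\s+(.*)$",
-"file": 1,
-"severity": 3,
-"message": 4,
-"location": 2
-}
-},
-"presentation": {
-"reveal": "always",
-"revealProblems": "onProblem"
-},
-"runOptions": {
-"runOn": "folderOpen"
-}
-}
-]
-}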
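--- a/data/CONTRIBUTING.md
+++ b/data/CONTRIBUTING.md
@@ -1,278 +0,0 @@
-# Contributing to Recog
-
-The users and maintainers of Recog would greatly appreciate any contributions
-you can make to the project. These contributions typically come in the form of
-filed bugs/issues or pull requests (PRs). These contributions routinely result
-in new versions of the [recog gem](https://rubygems.org/gems/recog) being
-released. The process for everything is described below.
-
-## Table of Contents
-
-1. [Contributing Issues / Bug Reports](#contributing-issues-/-bug-reports)
-1. [Contributing Code](#contributing-code)
-1. [Fork and Clone](#fork-and-clone)
-1. [Branch and Improve](#branch-and-improve)
-1. [Testing](#testing)
-1. [Fingerprints](#fingerprints)
-1. [Best Practices](#best-practices)
-1. [Fingerprint Testing](#fingerprint-testing)
-1. [Updating CPEs](#updating-cpes)
-1. [Project Operations](#project-operations)
-1. [Landing PRs](#landing-prs)
-1. [Releasing New Versions](#releasing-new-versions)
-
-## Contributing Issues / Bug Reports
-
-If you encounter any bugs or problems with Recog, please file them
-[here](https://github.com/rapid7/recog/issues/new), providing as much detail as
-possible. If the bug is straight-forward enough and you understand the fix for
-the bug well enough, you may take the simpler, less-paperwork route and simply
-fill a PR with the fix and the necessary details.
-
-[^back to top](#contributing-to-recog)
-
-## Contributing Code
-
-Recog uses a model nearly identical to that of
-[Metasploit](https://github.com/rapid7/metasploit-framework) as outlined
-[here](https://github.com/rapid7/metasploit-framework/wiki/Setting-Up-a-Metasploit-Development-Environment),
-at least from a ```git``` perspective. If you've been through that process
-(or, even better, you've been through it many times with many people), you can
-do exactly what you did for Metasploit but with Recog and ignore the rest of
-this document.
-
-On the other hand, if you haven't, read on!
-
-[^back to top](#contributing-to-recog)
-
-### Fork and Clone
-
-Generally, this should only need to be done once, or if you need to start over.
-
-1. Fork Recog: Visit https://github.com/rapid7/recog and click Fork,
-selecting your github account if prompted
-1. Clone `git@github.com:<your-github-username>/recog.git`, replacing
-`<your-github-username>` with, you guessed it, your Github username.
-1. Add the master Recog repository as your upstream:
-
-```bash
-git remote add upstream git://github.com/rapid7/recog.git
-```
-
-1. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configured to pull both branches and PRs from upstream. It should look something like the following, in particular the second `fetch` option:
-
-```bash
-[remote "upstream"]
-url = git@github.com:rapid7/recog.git
-fetch = +refs/heads/*:refs/remotes/upstream/*
-fetch = +refs/pull/*/head:refs/remotes/upstream/pr/*
-```
-
-1. Fetch the latest revisions, including PRs:
-
-```bash
-git fetch --all
-```
-
-1. Set up git hooks to help identify potential issues with your contributions:
-
-```bash
-ln -sf ../../tools/dev/hooks/pre-commit .git/hooks/pre-commit
-```
-
-[^back to top](#contributing-to-recog)
-
-### Branch and Improve
-
-If you have a contribution to make, first create a branch to contain your
-work. The name is yours to choose, however generally it should roughly
-describe what you are doing. In this example, and from here on out, the
-branch will be FOO, but you should obviously change this:
-
-```bash
-git fetch --all
-git checkout master
-git rebase upstream/master
-git checkout -b FOO
-```
-
-Now, make your changes, commit as necessary with useful commit messages.
-
-Please note that changes to [lib/recog/version.rb](https://github.com/rapid7/recog/blob/master/lib/recog/version.rb) in PRs are almost never necessary.
-
-Now push your changes to your fork:
-
-```bash
-git push origin FOO
-```
-
-Finally, submit the PR. Navigate to ```https://github.com/<your-github-username>/recog/compare/FOO```, fill in the details and submit.
-
-[^back to top](#contributing-to-recog)
-
-### Testing
-
-When your PR is submitted, it will be automatically subjected to the full run of tests in [Travis](https://travis-ci.org/rapid7/recog/), however you are encourage to perform testing _before_ submitting the PR. To do this, simply run `rake tests`.
-
-[^back to top](#contributing-to-recog)
-
-## Fingerprints
-
-### Best Practices
-
-* Create a single fingerprint for each product as long as the pattern remains clear and readable. If that is not possible, the pattern should be logically decomposed into additional fingerprints.
-
-* Create regular expressions that allow for flexible version number matching. This ensures greater probability of matching a product. For example, all known public releases of a product report either `major.minor` or `major.minor.build` format version numbers. If the fingerprint strictly matches this version number format, it would fail to match a modified build of the product that reports only a `major` version number format.
-
-[^back to top](#contributing-to-recog)
-
-### Fingerprint Testing
-
-Once a fingerprint has been added, the `example` entries can be tested by executing `bin/recog_verify` against the fingerprint file:
-
-```shell
-bin/recog_verify xml/ssh_banners.xml
-```
-
-Matches can be tested on the command-line in a similar fashion:
-
-```shell
-$ echo 'OpenSSH_6.6p1 Ubuntu-2ubuntu1' | bin/recog_match xml/ssh_banners.xml -
-MATCH: {"matched"=>"OpenSSH running on Ubuntu 14.04", "service.version"=>"6.6p1", "openssh.comment"=>"Ubuntu-2ubuntu1", "service.vendor"=>"OpenBSD", "service.family"=>"OpenSSH", "service.product"=>"OpenSSH", "os.vendor"=>"Ubuntu", "os.device"=>"General", "os.family"=>"Linux", "os.product"=>"Linux", "os.version"=>"14.04", "service.protocol"=>"ssh", "fingerprint_db"=>"ssh.banner", "data"=>"OpenSSH_6.6p1 Ubuntu-2ubuntu1"}
-```
-
-Additionally, in Visual Studio Code, there is a task (.vscode/tasks.json) which will automatically run recog_verify in the background to watch all the XML fingerprint files (under the xml/ subdirectory of this repository). Additionally, if [fswatch](https://github.com/emcrisostomo/fswatch) is installed, whenever XML fingerprint files are added or modified this task will automatically update the Visual Studio Code user interface and highlight any errors or warnings discovered through recog_verify on the correct file/line. You can also manually run the task by bringing up the Visual Studio Code command menu (cmd + shift + P on mac, or ctrl + shift + P for linux/windows) -> Tasks: Run Task -> Recog Verify). Note that in order for the task to run successfully, you must have a valid ruby installed on your PATH with the gems from `bundle install` installed using bundler for that ruby engine. JRuby is not supported as it has issues related to line numbering due to a bug in Nokogiri.
-
-[^back to top](#contributing-to-recog)
-
-
-### Standardizing Vendors, Products, and Services
-
-Given the number of fingerprints in Recog, it can be common for specific products, vendors, or services to be identified with different spellings and casing.
-To limit the creep of slightly-different-names, the `bin/recog_standardize` script can be used to extract all identifiers and merge them into the known lists.
-
-To get started, run the `recog_standardize` tool:
-```shell
-ruby bin/recog_standardize
-```
-
-Review any new additions to the text files under `identifiers/`. If any of these names are close to an existing name, update the offending fingerprint to use
-the existing name instead. Once the fingerprints are fixed, removed the "extra" names from the identifiers files, and run the tool again.
-
-
-[^back to top](#contributing-to-recog)
-
-
-### Updating CPEs
-
-There exists some automation to update the CPEs that might be asserted with
-some recog fingerprints. This should be run periodically to ensure that all
-fingerprints that could have CPEs do, etc.
-
-First, setup a python3 venv:
-
-```bash
-python3 -m venv venv
-source venv/{bin,Scripts}/activate
-pip install -r requirements.txt
-```
-
-Download the latest CPE 2.3 dictionary:
-
-```bash
-curl -o official-cpe-dictionary_v2.3.xml.gz https://nvd.nist.gov/feeds/xml/cpe/dictionary/official-cpe-dictionary_v2.3.xml.gz && \
-gunzip official-cpe-dictionary_v2.3.xml.gz
-```
-
-Run the CPE automation against every XML file:
-
-```bash
-# Update the CPEs (sequentially)
-ls xml/*.xml | xargs -i python update_cpes.py {} official-cpe-dictionary_v2.3.xml cpe-remap.yaml 2>>errors.txt
-```
-
-You may want to use GNU `parallel` to speed things up:
-```bash
-# Update the CPEs (with GNU Parallel)
-ls xml/*.xml | parallel --gnu "python update_cpes.py {} official-cpe-dictionary_v2.3.xml cpe-remap.yaml" 2>>errors.txt
-```
-
-Clean up the whitespace across all fingerprints:
-```bash
-ruby bin/recog_cleanup
-```
-
-Any mismatched fingerprints will be listed in `errors.txt` for eventual
-maintenance. The `cpe-remap.yaml` file can be used to map between
-vendor/product/etc differences between Recog and CPE, or to work around bugs in
-either.
-
-[^back to top](#contributing-to-recog)
-
-## Project Operations
-
-### Landing PRs
-
-(Note: this portion is a work-in-progress. Please update it as things change)
-
-Much like with the process of submitting PRs, Recog's process for landing PRs
-is very similar to [Metasploit's process for landing
-PRs](https://github.com/rapid7/metasploit-framework/wiki/Landing-Pull-Requests).
-In short:
-
-1. Follow the "Fork and Clone" steps from above
-2. Update your `.git/config` to ensure that the `remote ["upstream"]` section is configured to pull both branches and PRs from upstream. It should look something like the following, in particular the second `fetch` option:
-
-```bash
-[remote "upstream"]
-url = git@github.com:rapid7/recog.git
-fetch = +refs/heads/*:refs/remotes/upstream/*
-fetch = +refs/pull/*/head:refs/remotes/upstream/pr/*
-```
-
-3. Fetch the latest revisions, including PRs:
-
-```bash
-git fetch --all
-```
-
-4. Checkout and branch the PR for testing. Replace ```PR``` below with the actual PR # in question:
-
-```bash
-git checkout -b landing-PR upstream/pr/PR
-```
-
-5. Test the PR (see the Testing section above)
-6. Merge with master, re-test, validate and push:
-
-```bash
-git checkout -b upstream-master --track upstream/master
-git merge -S --no-ff --edit landing-PR # merge the PR into upstream-master
-
-# re-test if/as necessary
-git push upstream upstream-master:master --dry-run # confirm you are pushing what you expect
-
-git push upstream upstream-master:master # push upstream-master to upstream:master
-```
-
-7. If applicable, release a new version (see next section)
-
-[^back to top](#contributing-to-recog)
-
-### Releasing New Versions
-
-When Recog's critical parts are modified, for example its fingerprints or underlying supporting code, a new version _must_ eventually be released. These new releases can then be optionally included in projects such as Metasploit or products such as Rapid7's Nexpose in a controlled manner. Releases for non-functional updates such as updates to documentation are not necessary.
-
-When a new version of Recog is to be released, you _must_ follow the instructions below.
-
-1. If are not already a Recog project contributor for the Recog gem (you'd be listed [here under OWNERS](https://rubygems.org/gems/recog)), become one:
-1. Get an account on [Rubygems](https://rubygems.org)
-1. Contact one of the Recog project contributors (listed [here under OWNERS](https://rubygems.org/gems/recog) and have them add you to the Recog gem. They'll need to run: `gem owner recog -a EMAIL`
-
-1. Edit [lib/recog/version.rb](https://github.com/rapid7/recog/blob/master/lib/recog/version.rb) and increment `VERSION`. Commit and push to rapid7/recog master.
-
-1. Run `rake release`. Among other things, this creates the new gem, uploads it to Rubygems and tags the release with a tag like `v<VERSION>`, where `<VERSION>` is replaced with the version from `version.rb`. For example, if you release version 1.2.3 of the gem, the tag will be `v1.2.3`.
-
-1. If your default remote repository is not `rapid7/recog`, you must ensure that the tags created in the previous step are also pushed to the right location(s). For example, if `origin` is your fork of recog and `upstream` is `rapid7/master`, you should run `git push --tags --dry-run upstream` to confirm what tags will be pushed and then `git push --tags upstream` to push the tags.
-
-[^back to top](#contributing-to-recog)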
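--- a/data/bin/recog_cleanup
+++ b/data/bin/recog_cleanup
@@ -1,16 +0,0 @@
-#!/usr/bin/env ruby
-
-$:.unshift(File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")))
-require 'optparse'
-require 'ostruct'
-require 'recog'
-
-# Cleanup trailing whitespace around fingerprints
-Dir[ File.expand_path(File.join(File.dirname(__FILE__), "..", "xml")) + "/*.xml" ].each do |f|
-data = File.read(f).
-gsub(/\s+$/, ''). # Trailing whitespace and empty lines
-gsub("</fingerprint>", "</fingerprint>\n"). # Every fingerprint should have an empty line after it
-gsub("-->", "-->\n") # Every comment should have an empty line after it
-
-File.write(f, data)
-end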