recog 2.3.7 → 2.3.12
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +9 -2
- data/.ruby-gemset +1 -0
- data/.ruby-version +1 -0
- data/.travis.yml +2 -4
- data/CONTRIBUTING.md +136 -37
- data/Gemfile +2 -5
- data/README.md +18 -16
- data/bin/recog_cleanup +16 -0
- data/bin/recog_standardize +142 -0
- data/cpe-remap.yaml +36 -1
- data/features/match.feature +4 -0
- data/features/support/aruba.rb +3 -0
- data/features/verify.feature +5 -0
- data/identifiers/README.md +56 -0
- data/identifiers/hw_device.txt +77 -0
- data/identifiers/hw_family.txt +96 -0
- data/identifiers/hw_product.txt +328 -0
- data/identifiers/os_architecture.txt +20 -0
- data/identifiers/os_device.txt +94 -0
- data/identifiers/os_family.txt +325 -0
- data/identifiers/os_product.txt +420 -0
- data/identifiers/service_family.txt +272 -0
- data/identifiers/service_product.txt +557 -0
- data/identifiers/software_class.txt +26 -0
- data/identifiers/software_family.txt +91 -0
- data/identifiers/software_product.txt +333 -0
- data/identifiers/vendor.txt +891 -0
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/lib/fingerprint_self_test_spec.rb +1 -1
- data/spec/lib/recog/fingerprint/regexp_factory_spec.rb +1 -1
- data/update_cpes.py +4 -1
- data/xml/apache_modules.xml +292 -5
- data/xml/apache_os.xml +50 -2
- data/xml/architecture.xml +19 -7
- data/xml/dns_versionbind.xml +200 -26
- data/xml/favicons.xml +1701 -0
- data/xml/ftp_banners.xml +276 -16
- data/xml/h323_callresp.xml +112 -12
- data/xml/hp_pjl_id.xml +47 -5
- data/xml/html_title.xml +1419 -72
- data/xml/http_cookies.xml +77 -10
- data/xml/http_servers.xml +898 -47
- data/xml/http_wwwauth.xml +154 -27
- data/xml/imap_banners.xml +23 -13
- data/xml/ldap_searchresult.xml +81 -9
- data/xml/mdns_device-info_txt.xml +194 -17
- data/xml/mdns_workstation_txt.xml +4 -2
- data/xml/mysql_banners.xml +554 -45
- data/xml/mysql_error.xml +113 -6
- data/xml/nntp_banners.xml +10 -2
- data/xml/ntp_banners.xml +95 -11
- data/xml/operating_system.xml +90 -3
- data/xml/pop_banners.xml +32 -31
- data/xml/rsh_resp.xml +11 -2
- data/xml/rtsp_servers.xml +43 -23
- data/xml/sip_banners.xml +9 -14
- data/xml/sip_user_agents.xml +69 -3
- data/xml/smb_native_lm.xml +10 -2
- data/xml/smb_native_os.xml +80 -2
- data/xml/smtp_banners.xml +233 -13
- data/xml/smtp_debug.xml +6 -4
- data/xml/smtp_ehlo.xml +7 -5
- data/xml/smtp_expn.xml +13 -4
- data/xml/smtp_help.xml +23 -4
- data/xml/smtp_mailfrom.xml +5 -2
- data/xml/smtp_noop.xml +6 -5
- data/xml/smtp_quit.xml +5 -4
- data/xml/smtp_rcptto.xml +5 -2
- data/xml/smtp_rset.xml +4 -4
- data/xml/smtp_turn.xml +4 -4
- data/xml/smtp_vrfy.xml +14 -4
- data/xml/snmp_sysdescr.xml +776 -52
- data/xml/snmp_sysobjid.xml +47 -2
- data/xml/ssh_banners.xml +259 -80
- data/xml/telnet_banners.xml +376 -23
- data/xml/x11_banners.xml +27 -4
- data/xml/x509_issuers.xml +37 -13
- data/xml/x509_subjects.xml +525 -55
- metadata +29 -6
data/xml/operating_system.xml
CHANGED
@@ -1,9 +1,11 @@
|
|
1
|
-
<?xml version=
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
2
|
<fingerprints matches="operating_system.name" database_type="util.os" preference="0.80">
|
3
3
|
<!--
|
4
4
|
Patterns for common names of various operating systems.
|
5
5
|
-->
|
6
|
+
|
6
7
|
<!-- Windows begin -->
|
8
|
+
|
7
9
|
<fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:[a-z]+\s[a-z]+\s|[a-z]+\s)?Server (?:\d{4} R2|\d{4}))(?:,\s|\s)?([a-z]+)?(?: Evaluation)?(?: Edition)?(?:\s|\swith(?:out)? Hyper-V\s)?(SP\d|SP \d|Service Pack \d)?)$">
|
8
10
|
<description>Windows Server 2003 and later</description>
|
9
11
|
<example os.product="Windows Compute Cluster Server 2003">Windows Compute Cluster Server 2003</example>
|
@@ -23,6 +25,7 @@
|
|
23
25
|
<param pos="2" name="os.edition"/>
|
24
26
|
<param pos="3" name="os.version"/>
|
25
27
|
</fingerprint>
|
28
|
+
|
26
29
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows 10 Mobile(?:\s([a-z]+))?(?: Edition)?)$">
|
27
30
|
<description>Windows 10 Mobile</description>
|
28
31
|
<example os.product="Windows 10 Mobile">Windows 10 Mobile Edition</example>
|
@@ -32,7 +35,9 @@
|
|
32
35
|
<param pos="0" name="os.product" value="Windows 10 Mobile"/>
|
33
36
|
<param pos="1" name="os.edition"/>
|
34
37
|
<param pos="0" name="os.device" value="Mobile"/>
|
38
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10_mobile:-"/>
|
35
39
|
</fingerprint>
|
40
|
+
|
36
41
|
<fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:XP|Vista|7|8|8.1|10))(?:\s)?((?:[a-z]+|[a-z]+, )?(?:[a-z]+|[a-z]+\s[a-z]+)?)?(?: Edition)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
|
37
42
|
<description>Windows Desktop XP and later</description>
|
38
43
|
<example os.product="Windows XP" os.edition="Professional">Windows XP Professional</example>
|
@@ -50,6 +55,7 @@
|
|
50
55
|
<param pos="2" name="os.edition"/>
|
51
56
|
<param pos="3" name="os.version"/>
|
52
57
|
</fingerprint>
|
58
|
+
|
53
59
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows 2000(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
|
54
60
|
<description>Windows 2000</description>
|
55
61
|
<example os.edition="Professional">Windows 2000 Professional</example>
|
@@ -61,6 +67,7 @@
|
|
61
67
|
<param pos="2" name="os.version"/>
|
62
68
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:{os.version}"/>
|
63
69
|
</fingerprint>
|
70
|
+
|
64
71
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows NT (\d.\d{1,2})?(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?)$">
|
65
72
|
<description>Windows NT</description>
|
66
73
|
<example os.version="3.51" os.edition="Server">Windows NT 3.51 Server</example>
|
@@ -74,6 +81,7 @@
|
|
74
81
|
<param pos="2" name="os.edition"/>
|
75
82
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:{os.version}"/>
|
76
83
|
</fingerprint>
|
84
|
+
|
77
85
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows Phone (\d|\d\.\d)?)$">
|
78
86
|
<description>Windows Phone 7 and later</description>
|
79
87
|
<example os.version="7.5">Windows Phone 7.5</example>
|
@@ -84,6 +92,7 @@
|
|
84
92
|
<param pos="1" name="os.version"/>
|
85
93
|
<param pos="0" name="os.device" value="Mobile"/>
|
86
94
|
</fingerprint>
|
95
|
+
|
87
96
|
<fingerprint pattern="^(?i:(?:Microsoft )?(Windows\s?(?:95|98|98SE|98 SE|98 Second Edition|ME|Millenium Edition)))$">
|
88
97
|
<description>Windows 9x</description>
|
89
98
|
<example os.product="Windows 98 SE">Windows 98 SE</example>
|
@@ -91,6 +100,7 @@
|
|
91
100
|
<param pos="0" name="os.family" value="Windows"/>
|
92
101
|
<param pos="1" name="os.product"/>
|
93
102
|
</fingerprint>
|
103
|
+
|
94
104
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.1)$">
|
95
105
|
<description>Windows version 6.1 (Windows 7 or Windows Server 2008 R2)</description>
|
96
106
|
<example>Windows 6.1</example>
|
@@ -98,6 +108,7 @@
|
|
98
108
|
<param pos="0" name="os.family" value="Windows"/>
|
99
109
|
<param pos="0" name="os.product" value="Windows 7 or Windows Server 2008 R2"/>
|
100
110
|
</fingerprint>
|
111
|
+
|
101
112
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.2)$">
|
102
113
|
<description>Windows version 6.2 (Windows 8 or Windows Server 2012)</description>
|
103
114
|
<example>Windows 6.2</example>
|
@@ -105,6 +116,7 @@
|
|
105
116
|
<param pos="0" name="os.family" value="Windows"/>
|
106
117
|
<param pos="0" name="os.product" value="Windows 8 or Windows Server 2012"/>
|
107
118
|
</fingerprint>
|
119
|
+
|
108
120
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.3)$">
|
109
121
|
<description>Windows version 6.3 (Windows 8.1 or Windows Server 2012 R2)</description>
|
110
122
|
<example>Windows 6.3</example>
|
@@ -112,6 +124,7 @@
|
|
112
124
|
<param pos="0" name="os.family" value="Windows"/>
|
113
125
|
<param pos="0" name="os.product" value="Windows 8.1 or Windows Server 2012 R2"/>
|
114
126
|
</fingerprint>
|
127
|
+
|
115
128
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 10.0)$">
|
116
129
|
<description>Windows version 10.0 (Windows 10 or Windows Server 2016)</description>
|
117
130
|
<example>Windows 10.0</example>
|
@@ -119,6 +132,7 @@
|
|
119
132
|
<param pos="0" name="os.family" value="Windows"/>
|
120
133
|
<param pos="0" name="os.product" value="Windows 10 or Windows Server 2016"/>
|
121
134
|
</fingerprint>
|
135
|
+
|
122
136
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows.*)$">
|
123
137
|
<description>Windows catch-all</description>
|
124
138
|
<example>Windows for Workgroups 3.11</example>
|
@@ -129,8 +143,11 @@
|
|
129
143
|
<param pos="0" name="os.certainty" value="0.5"/>
|
130
144
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
131
145
|
</fingerprint>
|
146
|
+
|
132
147
|
<!-- Windows end -->
|
148
|
+
|
133
149
|
<!-- Liunx begin -->
|
150
|
+
|
134
151
|
<fingerprint pattern="^(?i:Alpine Linux\s?(?:v)?(\d+?(?:\.\d+?)*?(?:\src\d+?)?)?)$">
|
135
152
|
<description>Alpine Linux</description>
|
136
153
|
<example os.version="3.4.0">Alpine Linux v3.4.0</example>
|
@@ -140,7 +157,9 @@
|
|
140
157
|
<param pos="0" name="os.product" value="Linux"/>
|
141
158
|
<param pos="1" name="os.version"/>
|
142
159
|
</fingerprint>
|
160
|
+
|
143
161
|
<!-- Arch uses rolling releases where the version name just the date of an ISO release. -->
|
162
|
+
|
144
163
|
<fingerprint pattern="^(?i:Arch Linux\s?(\d+?(?:\.\d+?)*?)?)$">
|
145
164
|
<description>Arch Linux</description>
|
146
165
|
<example os.version="2016.04.01">Arch Linux 2016.04.01</example>
|
@@ -149,7 +168,9 @@
|
|
149
168
|
<param pos="0" name="os.product" value="Linux"/>
|
150
169
|
<param pos="1" name="os.version"/>
|
151
170
|
</fingerprint>
|
171
|
+
|
152
172
|
<!-- Red Hat Enterprise Linux derivative -->
|
173
|
+
|
153
174
|
<fingerprint pattern="^(?i:Amazon Linux(?: AMI)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
154
175
|
<description>Amazon Linux AMI</description>
|
155
176
|
<example os.version="5.11">Amazon Linux AMI 5.11</example>
|
@@ -160,7 +181,9 @@
|
|
160
181
|
<param pos="0" name="os.product" value="Linux AMI"/>
|
161
182
|
<param pos="1" name="os.version"/>
|
162
183
|
</fingerprint>
|
184
|
+
|
163
185
|
<!-- Red Hat Enterprise Linux derivative -->
|
186
|
+
|
164
187
|
<fingerprint pattern="^(?i:CentOS(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)(?:\s.*?)?$">
|
165
188
|
<description>Centos Linux</description>
|
166
189
|
<example os.version="5.11">Centos Linux 5.11</example>
|
@@ -173,6 +196,7 @@
|
|
173
196
|
<param pos="1" name="os.version"/>
|
174
197
|
<param pos="0" name="os.cpe23" value="cpe:/o:centos:centos:{os.version}"/>
|
175
198
|
</fingerprint>
|
199
|
+
|
176
200
|
<fingerprint pattern="^(?i:Debian(?: (?:GNU\/)?Linux)?\s?((?:\d+?(?:\.\d+?)*?)|(?:\w+?\/sid\s?))?(?:\s[a-z\(\)]+)?)$">
|
177
201
|
<description>Debian Linux</description>
|
178
202
|
<example os.version="6.0">Debian 6.0</example>
|
@@ -185,6 +209,7 @@
|
|
185
209
|
<param pos="1" name="os.version"/>
|
186
210
|
<param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
|
187
211
|
</fingerprint>
|
212
|
+
|
188
213
|
<fingerprint pattern="^(?i:Fedora(?: Core)?(?: Linux)?(?: release)?\s?(\d+?)?(?:\s.*)?)$">
|
189
214
|
<description>Fedora Linux</description>
|
190
215
|
<example os.version="6">Fedora Core 6</example>
|
@@ -196,7 +221,9 @@
|
|
196
221
|
<param pos="1" name="os.version"/>
|
197
222
|
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:{os.version}"/>
|
198
223
|
</fingerprint>
|
224
|
+
|
199
225
|
<!-- Gentoo currently uses rolling releases with no version, but older versions were typically based on the year of release. -->
|
226
|
+
|
200
227
|
<fingerprint pattern="^(?i:Gentoo(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
|
201
228
|
<description>Gentoo Linux</description>
|
202
229
|
<example>Gentoo Linux</example>
|
@@ -206,7 +233,9 @@
|
|
206
233
|
<param pos="1" name="os.version"/>
|
207
234
|
<param pos="0" name="os.cpe23" value="cpe:/o:gentoo:linux:{os.version}"/>
|
208
235
|
</fingerprint>
|
236
|
+
|
209
237
|
<!-- Kali switched to rolling release in January 2016. -->
|
238
|
+
|
210
239
|
<fingerprint pattern="^(?i:Kali(?: Linux)?\s?(\d+?(?:\.\d+?)+?(?:[a-z])?|\d+?)?)$">
|
211
240
|
<description>Kali Linux</description>
|
212
241
|
<example os.version="1.0.0">Kali Linux 1.0.0</example>
|
@@ -218,7 +247,9 @@
|
|
218
247
|
<param pos="0" name="os.product" value="Linux"/>
|
219
248
|
<param pos="1" name="os.version"/>
|
220
249
|
</fingerprint>
|
250
|
+
|
221
251
|
<!-- Ubuntu derivative -->
|
252
|
+
|
222
253
|
<fingerprint pattern="^(?i:Kubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
|
223
254
|
<description>Kubuntu Linux</description>
|
224
255
|
<example os.version="12.04.4">Kubuntu 12.04.4 LTS</example>
|
@@ -230,7 +261,9 @@
|
|
230
261
|
<param pos="1" name="os.version"/>
|
231
262
|
<param pos="2" name="os.edition"/>
|
232
263
|
</fingerprint>
|
264
|
+
|
233
265
|
<!-- Red Hat Enterprise Linux derivative -->
|
266
|
+
|
234
267
|
<fingerprint pattern="^(?i:Oracle(?: Enterprise)? Linux\s?(?:Server\s?)?(\d+?(?:\.\d+?)*?)?)$">
|
235
268
|
<description>Oracle Enterprise Linux</description>
|
236
269
|
<example os.version="5.11">Oracle Enterprise Linux 5.11</example>
|
@@ -241,6 +274,7 @@
|
|
241
274
|
<param pos="1" name="os.version"/>
|
242
275
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:linux:{os.version}"/>
|
243
276
|
</fingerprint>
|
277
|
+
|
244
278
|
<fingerprint pattern="^(?i:OpenSUSE(?: Linux)?(?: [a-z]+?)??\s?(\d+?(?:\.\d+?)*?)?(?:\s\(.*)?)$">
|
245
279
|
<description>OpenSUSE Linux</description>
|
246
280
|
<example os.version="10.1">OpenSUSE Linux 10.1</example>
|
@@ -251,6 +285,7 @@
|
|
251
285
|
<param pos="0" name="os.product" value="Linux"/>
|
252
286
|
<param pos="1" name="os.version"/>
|
253
287
|
</fingerprint>
|
288
|
+
|
254
289
|
<fingerprint pattern="^(?i:(?:Red Hat|RedHat|Red-Hat|RHEL)(?: Enterprise)?(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
255
290
|
<description>Red Hat Enterprise Linux</description>
|
256
291
|
<example>Red Hat Enterprise Linux AS</example>
|
@@ -264,7 +299,9 @@
|
|
264
299
|
<param pos="1" name="os.version"/>
|
265
300
|
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:enterprise_linux:{os.version}"/>
|
266
301
|
</fingerprint>
|
302
|
+
|
267
303
|
<!-- Red Hat Enterprise Linux derivative -->
|
304
|
+
|
268
305
|
<fingerprint pattern="^(?i:Scientific(?: Linux)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
269
306
|
<description>Scientific Linux</description>
|
270
307
|
<example os.version="5.11">Scientific Linux 5.11</example>
|
@@ -275,6 +312,7 @@
|
|
275
312
|
<param pos="0" name="os.product" value="Linux"/>
|
276
313
|
<param pos="1" name="os.version"/>
|
277
314
|
</fingerprint>
|
315
|
+
|
278
316
|
<fingerprint pattern="^(?i:Slackware(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
|
279
317
|
<description>Slackware Linux</description>
|
280
318
|
<example os.version="14.1">Slackware Linux 14.1</example>
|
@@ -283,6 +321,7 @@
|
|
283
321
|
<param pos="0" name="os.product" value="Linux"/>
|
284
322
|
<param pos="1" name="os.version"/>
|
285
323
|
</fingerprint>
|
324
|
+
|
286
325
|
<fingerprint pattern="^(?i:SUSE(?: SLED)?(?: Linux Enterprise Desktop)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
287
326
|
<description>SUSE Linux Enterprise Desktop</description>
|
288
327
|
<example os.version="11">SUSE SLED 11</example>
|
@@ -293,6 +332,7 @@
|
|
293
332
|
<param pos="1" name="os.version"/>
|
294
333
|
<param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_desktop:{os.version}"/>
|
295
334
|
</fingerprint>
|
335
|
+
|
296
336
|
<fingerprint pattern="^(?i:SUSE(?: SLES)?(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
297
337
|
<description>SUSE Linux Enterprise Server</description>
|
298
338
|
<example os.version="11">SUSE SLES 11</example>
|
@@ -303,6 +343,7 @@
|
|
303
343
|
<param pos="1" name="os.version"/>
|
304
344
|
<param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
|
305
345
|
</fingerprint>
|
346
|
+
|
306
347
|
<fingerprint pattern="^(?i:SLES(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
307
348
|
<description>SLES Linux Enterprise Server</description>
|
308
349
|
<example os.version="11">SLES 11</example>
|
@@ -313,6 +354,7 @@
|
|
313
354
|
<param pos="1" name="os.version"/>
|
314
355
|
<param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
|
315
356
|
</fingerprint>
|
357
|
+
|
316
358
|
<fingerprint pattern="^(?i:Ubuntu(?: Linux)?(?:\s|-)(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
|
317
359
|
<description>Ubuntu Linux</description>
|
318
360
|
<example os.version="12.04.4">Ubuntu 12.04.4 LTS</example>
|
@@ -326,7 +368,9 @@
|
|
326
368
|
<param pos="2" name="os.edition"/>
|
327
369
|
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
|
328
370
|
</fingerprint>
|
371
|
+
|
329
372
|
<!-- Ubuntu derivative -->
|
373
|
+
|
330
374
|
<fingerprint pattern="^(?i:Xubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
|
331
375
|
<description>Xubuntu Linux</description>
|
332
376
|
<example os.version="12.04.4">Xubuntu 12.04.4 LTS</example>
|
@@ -338,17 +382,20 @@
|
|
338
382
|
<param pos="1" name="os.version"/>
|
339
383
|
<param pos="2" name="os.edition"/>
|
340
384
|
</fingerprint>
|
385
|
+
|
341
386
|
<fingerprint pattern="^(?i:VMWare Photon(?:\/)?(?:\s?Linux)?\s?(?:v)?(\d+?(?:\.\d+?)*?)?)$">
|
342
387
|
<description>Photon Linux</description>
|
343
388
|
<example>VMWare Photon Linux</example>
|
344
389
|
<example os.version="1.0">VMWare Photon 1.0</example>
|
345
|
-
<param pos="0" name="os.vendor" value="
|
390
|
+
<param pos="0" name="os.vendor" value="VMware"/>
|
346
391
|
<param pos="0" name="os.family" value="Linux"/>
|
347
392
|
<param pos="0" name="os.product" value="Photon Linux"/>
|
348
393
|
<param pos="1" name="os.version"/>
|
349
394
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:photon_os:{os.version}"/>
|
350
395
|
</fingerprint>
|
396
|
+
|
351
397
|
<!-- Vendor-based distribution catch-call -->
|
398
|
+
|
352
399
|
<fingerprint pattern="^(?i:(.*)\sLinux?\s(.*))$">
|
353
400
|
<description>Vendor-based Linux catch-all</description>
|
354
401
|
<example os.vendor="Aurox" os.version="10.2">Aurox Linux 10.2</example>
|
@@ -358,7 +405,9 @@
|
|
358
405
|
<param pos="1" name="os.vendor"/>
|
359
406
|
<param pos="2" name="os.version"/>
|
360
407
|
</fingerprint>
|
408
|
+
|
361
409
|
<!-- Linux catch-all goes at the bottom-->
|
410
|
+
|
362
411
|
<fingerprint pattern="^(?i:.*Linux?\s?(\d+?(?:\.\d+?)*?)?)$">
|
363
412
|
<description>Linux catch-all</description>
|
364
413
|
<example os.version="2.42.6">Linux 2.42.6</example>
|
@@ -369,9 +418,13 @@
|
|
369
418
|
<param pos="1" name="os.version"/>
|
370
419
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
371
420
|
</fingerprint>
|
421
|
+
|
372
422
|
<!-- Linux end -->
|
423
|
+
|
373
424
|
<!-- Mac begin -->
|
425
|
+
|
374
426
|
<!-- Match Mac OS Classic first due to weak matching on Mac OS X -->
|
427
|
+
|
375
428
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS ([7-9](?:\.\d+?)*?))$">
|
376
429
|
<description>Mac OS 9</description>
|
377
430
|
<example os.version="9">Mac OS 9</example>
|
@@ -382,6 +435,7 @@
|
|
382
435
|
<param pos="1" name="os.version"/>
|
383
436
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os:{os.version}"/>
|
384
437
|
</fingerprint>
|
438
|
+
|
385
439
|
<fingerprint pattern="^(?i:(?:Apple OS X|Apple Mac OS X|Mac OS X|OS X|Mac OS)\s?(\d+?(?:\.\d+?)*?)?)$">
|
386
440
|
<description>Mac OS X with version number</description>
|
387
441
|
<example os.version="10.10.5">Mac OS X 10.10.5</example>
|
@@ -393,6 +447,7 @@
|
|
393
447
|
<param pos="1" name="os.version"/>
|
394
448
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:{os.version}"/>
|
395
449
|
</fingerprint>
|
450
|
+
|
396
451
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Cheetah)$">
|
397
452
|
<description>Mac OS X Cheetah</description>
|
398
453
|
<example os.version="10.0">Mac OS X Cheetah</example>
|
@@ -402,6 +457,7 @@
|
|
402
457
|
<param pos="0" name="os.version" value="10.0"/>
|
403
458
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.0"/>
|
404
459
|
</fingerprint>
|
460
|
+
|
405
461
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Puma)$">
|
406
462
|
<description>Mac OS X Puma</description>
|
407
463
|
<example os.version="10.1">Mac OS X Puma</example>
|
@@ -411,6 +467,7 @@
|
|
411
467
|
<param pos="0" name="os.version" value="10.1"/>
|
412
468
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.1"/>
|
413
469
|
</fingerprint>
|
470
|
+
|
414
471
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Jaguar)$">
|
415
472
|
<description>Mac OS X Jaguar</description>
|
416
473
|
<example os.version="10.2">Mac OS X Jaguar</example>
|
@@ -420,6 +477,7 @@
|
|
420
477
|
<param pos="0" name="os.version" value="10.2"/>
|
421
478
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
|
422
479
|
</fingerprint>
|
480
|
+
|
423
481
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Panther)$">
|
424
482
|
<description>Mac OS X Panther</description>
|
425
483
|
<example os.version="10.3">Mac OS X Panther</example>
|
@@ -429,6 +487,7 @@
|
|
429
487
|
<param pos="0" name="os.version" value="10.3"/>
|
430
488
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
|
431
489
|
</fingerprint>
|
490
|
+
|
432
491
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Tiger)$">
|
433
492
|
<description>Mac OS X Tiger</description>
|
434
493
|
<example os.version="10.4">Mac OS X Tiger</example>
|
@@ -438,6 +497,7 @@
|
|
438
497
|
<param pos="0" name="os.version" value="10.4"/>
|
439
498
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
|
440
499
|
</fingerprint>
|
500
|
+
|
441
501
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Leopard)$">
|
442
502
|
<description>Mac OS X Leopard</description>
|
443
503
|
<example os.version="10.5">Mac OS X Leopard</example>
|
@@ -447,6 +507,7 @@
|
|
447
507
|
<param pos="0" name="os.version" value="10.5"/>
|
448
508
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
|
449
509
|
</fingerprint>
|
510
|
+
|
450
511
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Snow Leopard)$">
|
451
512
|
<description>Mac OS X Snow Leopard</description>
|
452
513
|
<example os.version="10.6">Mac OS X Snow Leopard</example>
|
@@ -456,6 +517,7 @@
|
|
456
517
|
<param pos="0" name="os.version" value="10.6"/>
|
457
518
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
|
458
519
|
</fingerprint>
|
520
|
+
|
459
521
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Lion)$">
|
460
522
|
<description>Mac OS X Lion</description>
|
461
523
|
<example os.version="10.7">Mac OS X Lion</example>
|
@@ -465,6 +527,7 @@
|
|
465
527
|
<param pos="0" name="os.version" value="10.7"/>
|
466
528
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
|
467
529
|
</fingerprint>
|
530
|
+
|
468
531
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mountain Lion)$">
|
469
532
|
<description>Mac OS X Mountain Lion</description>
|
470
533
|
<example os.version="10.8">Mac OS X Mountain Lion</example>
|
@@ -474,6 +537,7 @@
|
|
474
537
|
<param pos="0" name="os.version" value="10.8"/>
|
475
538
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
|
476
539
|
</fingerprint>
|
540
|
+
|
477
541
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mavericks)$">
|
478
542
|
<description>Mac OS X Mavericks</description>
|
479
543
|
<example os.version="10.9">Mac OS X Mavericks</example>
|
@@ -483,6 +547,7 @@
|
|
483
547
|
<param pos="0" name="os.version" value="10.9"/>
|
484
548
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
|
485
549
|
</fingerprint>
|
550
|
+
|
486
551
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Yosemite)$">
|
487
552
|
<description>Mac OS X Yosemite</description>
|
488
553
|
<example os.version="10.10">Mac OS X Yosemite</example>
|
@@ -492,6 +557,7 @@
|
|
492
557
|
<param pos="0" name="os.version" value="10.10"/>
|
493
558
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
|
494
559
|
</fingerprint>
|
560
|
+
|
495
561
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X El Capitan)$">
|
496
562
|
<description>Mac OS X El Capitan</description>
|
497
563
|
<example os.version="10.11">Mac OS X El Capitan</example>
|
@@ -501,7 +567,9 @@
|
|
501
567
|
<param pos="0" name="os.version" value="10.11"/>
|
502
568
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.11"/>
|
503
569
|
</fingerprint>
|
570
|
+
|
504
571
|
<!-- This can also match Cisco IOS if the vendor name is not present. -->
|
572
|
+
|
505
573
|
<fingerprint pattern="^(?i:(?:Apple )?iOS\s?(\d+?(?:\.\d+?)*?)?)$">
|
506
574
|
<description>Apple iOS for iPhone and iPad</description>
|
507
575
|
<example os.version="7.1.2">iOS 7.1.2</example>
|
@@ -514,8 +582,11 @@
|
|
514
582
|
<param pos="0" name="os.device" value="Mobile"/>
|
515
583
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:iphone_os:{os.version}"/>
|
516
584
|
</fingerprint>
|
585
|
+
|
517
586
|
<!-- Mac end -->
|
587
|
+
|
518
588
|
<!-- BSD begin -->
|
589
|
+
|
519
590
|
<fingerprint pattern="^(?i:(.*?BSD)\s?(\d+?(?:\.\d+?)*?(?:[\-\/_ ]?\w+?)?(?:-[a-z]\d+?)?)?)$">
|
520
591
|
<description>Many BSD family OSes</description>
|
521
592
|
<example os.version="10.3-RELEASE" os.product="FreeBSD">FreeBSD 10.3-RELEASE</example>
|
@@ -528,8 +599,11 @@
|
|
528
599
|
<param pos="1" name="os.product"/>
|
529
600
|
<param pos="2" name="os.version"/>
|
530
601
|
</fingerprint>
|
602
|
+
|
531
603
|
<!-- BSD end -->
|
604
|
+
|
532
605
|
<!-- Other Unix-likes begin -->
|
606
|
+
|
533
607
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?OpenSolaris\s?(\d+?(?:\.\d+?)*?)?)$">
|
534
608
|
<description>OpenSolaris</description>
|
535
609
|
<example os.version="2009.06">OpenSolaris 2009.06</example>
|
@@ -539,6 +613,7 @@
|
|
539
613
|
<param pos="1" name="os.version"/>
|
540
614
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
541
615
|
</fingerprint>
|
616
|
+
|
542
617
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?(1[1-9]?(?:\.\d+?)*?)?)$">
|
543
618
|
<description>Solaris 11 and up</description>
|
544
619
|
<example os.version="11.3">Solaris 11.3</example>
|
@@ -549,6 +624,7 @@
|
|
549
624
|
<param pos="1" name="os.version"/>
|
550
625
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
551
626
|
</fingerprint>
|
627
|
+
|
552
628
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?((?:[789]|10)+?(?:\.\d+?)*?)?)$">
|
553
629
|
<description>Solaris 7-10</description>
|
554
630
|
<example os.version="7">Solaris 7</example>
|
@@ -561,6 +637,7 @@
|
|
561
637
|
<param pos="1" name="os.version"/>
|
562
638
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
563
639
|
</fingerprint>
|
640
|
+
|
564
641
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.([789]|10)?)$">
|
565
642
|
<description>SunOS/Solaris 5.7-5.10</description>
|
566
643
|
<example os.version="7">SunOS 5.7</example>
|
@@ -571,6 +648,7 @@
|
|
571
648
|
<param pos="1" name="os.version"/>
|
572
649
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
573
650
|
</fingerprint>
|
651
|
+
|
574
652
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.(1[1-9])?)$">
|
575
653
|
<description>Oracle/Solaris 5.11 and upwards</description>
|
576
654
|
<example os.version="11">SunOS 5.11</example>
|
@@ -580,6 +658,7 @@
|
|
580
658
|
<param pos="1" name="os.version"/>
|
581
659
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
582
660
|
</fingerprint>
|
661
|
+
|
583
662
|
<fingerprint pattern="^(?i:(?:IBM\s?)?(AIX|MVS|OS/(?:\d{1,3})|VM/CMS|VM/ESA|z/OS)\s?(\d+?(?:\.\d+?)*?)?)$">
|
584
663
|
<description>IBM OSes</description>
|
585
664
|
<example os.product="AIX">AIX</example>
|
@@ -595,6 +674,7 @@
|
|
595
674
|
<param pos="1" name="os.product"/>
|
596
675
|
<param pos="2" name="os.version"/>
|
597
676
|
</fingerprint>
|
677
|
+
|
598
678
|
<fingerprint pattern="^(?i:(?:HP\s?)?(Digital UNIX|HP-UX|iLO|OpenVMS|ProLiant|Tru64 UNIX)\s?(\d+?(?:\.\d+?)*?)?)$">
|
599
679
|
<description>HP OSes</description>
|
600
680
|
<example os.product="HP-UX">HP-UX</example>
|
@@ -604,8 +684,11 @@
|
|
604
684
|
<param pos="1" name="os.product"/>
|
605
685
|
<param pos="2" name="os.version"/>
|
606
686
|
</fingerprint>
|
687
|
+
|
607
688
|
<!-- Other Unix-likes end -->
|
689
|
+
|
608
690
|
<!-- Network equipment begin -->
|
691
|
+
|
609
692
|
<fingerprint pattern="^(?i:(?:Juniper\s?)?(Junos|Junos OS|ScreenOS)\s?(\d+?(?:\.\d+?)*?)?)$">
|
610
693
|
<description>Juniper</description>
|
611
694
|
<example>Junos</example>
|
@@ -615,7 +698,9 @@
|
|
615
698
|
<param pos="1" name="os.product"/>
|
616
699
|
<param pos="2" name="os.version"/>
|
617
700
|
</fingerprint>
|
701
|
+
|
618
702
|
<!-- This needs to be improved if it's not how one would generally present a Cisco OS version. -->
|
703
|
+
|
619
704
|
<fingerprint pattern="^(?i:(?:Cisco\s?)?(ASA|Adaptive Security Appliance|IOS|IOS-XE|IOS-XR|NX-OS|PIX-OS|SAN-OS)\s?(?:Version (\S+))?)$">
|
620
705
|
<description>Cisco</description>
|
621
706
|
<example>Cisco ASA</example>
|
@@ -625,5 +710,7 @@
|
|
625
710
|
<param pos="1" name="os.product"/>
|
626
711
|
<param pos="2" name="os.version"/>
|
627
712
|
</fingerprint>
|
713
|
+
|
628
714
|
<!-- Network equipment end -->
|
629
|
-
|
715
|
+
|
716
|
+
</fingerprints>
|