recog 2.3.7 → 2.3.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (81) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +9 -2
  3. data/.ruby-gemset +1 -0
  4. data/.ruby-version +1 -0
  5. data/.travis.yml +2 -4
  6. data/CONTRIBUTING.md +136 -37
  7. data/Gemfile +2 -5
  8. data/README.md +18 -16
  9. data/bin/recog_cleanup +16 -0
  10. data/bin/recog_standardize +142 -0
  11. data/cpe-remap.yaml +36 -1
  12. data/features/match.feature +4 -0
  13. data/features/support/aruba.rb +3 -0
  14. data/features/verify.feature +5 -0
  15. data/identifiers/README.md +56 -0
  16. data/identifiers/hw_device.txt +77 -0
  17. data/identifiers/hw_family.txt +96 -0
  18. data/identifiers/hw_product.txt +328 -0
  19. data/identifiers/os_architecture.txt +20 -0
  20. data/identifiers/os_device.txt +94 -0
  21. data/identifiers/os_family.txt +325 -0
  22. data/identifiers/os_product.txt +420 -0
  23. data/identifiers/service_family.txt +272 -0
  24. data/identifiers/service_product.txt +557 -0
  25. data/identifiers/software_class.txt +26 -0
  26. data/identifiers/software_family.txt +91 -0
  27. data/identifiers/software_product.txt +333 -0
  28. data/identifiers/vendor.txt +891 -0
  29. data/lib/recog/version.rb +1 -1
  30. data/requirements.txt +1 -1
  31. data/spec/lib/fingerprint_self_test_spec.rb +1 -1
  32. data/spec/lib/recog/fingerprint/regexp_factory_spec.rb +1 -1
  33. data/update_cpes.py +4 -1
  34. data/xml/apache_modules.xml +292 -5
  35. data/xml/apache_os.xml +50 -2
  36. data/xml/architecture.xml +19 -7
  37. data/xml/dns_versionbind.xml +200 -26
  38. data/xml/favicons.xml +1701 -0
  39. data/xml/ftp_banners.xml +276 -16
  40. data/xml/h323_callresp.xml +112 -12
  41. data/xml/hp_pjl_id.xml +47 -5
  42. data/xml/html_title.xml +1419 -72
  43. data/xml/http_cookies.xml +77 -10
  44. data/xml/http_servers.xml +898 -47
  45. data/xml/http_wwwauth.xml +154 -27
  46. data/xml/imap_banners.xml +23 -13
  47. data/xml/ldap_searchresult.xml +81 -9
  48. data/xml/mdns_device-info_txt.xml +194 -17
  49. data/xml/mdns_workstation_txt.xml +4 -2
  50. data/xml/mysql_banners.xml +554 -45
  51. data/xml/mysql_error.xml +113 -6
  52. data/xml/nntp_banners.xml +10 -2
  53. data/xml/ntp_banners.xml +95 -11
  54. data/xml/operating_system.xml +90 -3
  55. data/xml/pop_banners.xml +32 -31
  56. data/xml/rsh_resp.xml +11 -2
  57. data/xml/rtsp_servers.xml +43 -23
  58. data/xml/sip_banners.xml +9 -14
  59. data/xml/sip_user_agents.xml +69 -3
  60. data/xml/smb_native_lm.xml +10 -2
  61. data/xml/smb_native_os.xml +80 -2
  62. data/xml/smtp_banners.xml +233 -13
  63. data/xml/smtp_debug.xml +6 -4
  64. data/xml/smtp_ehlo.xml +7 -5
  65. data/xml/smtp_expn.xml +13 -4
  66. data/xml/smtp_help.xml +23 -4
  67. data/xml/smtp_mailfrom.xml +5 -2
  68. data/xml/smtp_noop.xml +6 -5
  69. data/xml/smtp_quit.xml +5 -4
  70. data/xml/smtp_rcptto.xml +5 -2
  71. data/xml/smtp_rset.xml +4 -4
  72. data/xml/smtp_turn.xml +4 -4
  73. data/xml/smtp_vrfy.xml +14 -4
  74. data/xml/snmp_sysdescr.xml +776 -52
  75. data/xml/snmp_sysobjid.xml +47 -2
  76. data/xml/ssh_banners.xml +259 -80
  77. data/xml/telnet_banners.xml +376 -23
  78. data/xml/x11_banners.xml +27 -4
  79. data/xml/x509_issuers.xml +37 -13
  80. data/xml/x509_subjects.xml +525 -55
  81. metadata +29 -6
@@ -1,9 +1,11 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="operating_system.name" database_type="util.os" preference="0.80">
3
3
  <!--
4
4
  Patterns for common names of various operating systems.
5
5
  -->
6
+
6
7
  <!-- Windows begin -->
8
+
7
9
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:[a-z]+\s[a-z]+\s|[a-z]+\s)?Server (?:\d{4} R2|\d{4}))(?:,\s|\s)?([a-z]+)?(?: Evaluation)?(?: Edition)?(?:\s|\swith(?:out)? Hyper-V\s)?(SP\d|SP \d|Service Pack \d)?)$">
8
10
  <description>Windows Server 2003 and later</description>
9
11
  <example os.product="Windows Compute Cluster Server 2003">Windows Compute Cluster Server 2003</example>
@@ -23,6 +25,7 @@
23
25
  <param pos="2" name="os.edition"/>
24
26
  <param pos="3" name="os.version"/>
25
27
  </fingerprint>
28
+
26
29
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows 10 Mobile(?:\s([a-z]+))?(?: Edition)?)$">
27
30
  <description>Windows 10 Mobile</description>
28
31
  <example os.product="Windows 10 Mobile">Windows 10 Mobile Edition</example>
@@ -32,7 +35,9 @@
32
35
  <param pos="0" name="os.product" value="Windows 10 Mobile"/>
33
36
  <param pos="1" name="os.edition"/>
34
37
  <param pos="0" name="os.device" value="Mobile"/>
38
+ <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10_mobile:-"/>
35
39
  </fingerprint>
40
+
36
41
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:XP|Vista|7|8|8.1|10))(?:\s)?((?:[a-z]+|[a-z]+, )?(?:[a-z]+|[a-z]+\s[a-z]+)?)?(?: Edition)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
37
42
  <description>Windows Desktop XP and later</description>
38
43
  <example os.product="Windows XP" os.edition="Professional">Windows XP Professional</example>
@@ -50,6 +55,7 @@
50
55
  <param pos="2" name="os.edition"/>
51
56
  <param pos="3" name="os.version"/>
52
57
  </fingerprint>
58
+
53
59
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows 2000(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
54
60
  <description>Windows 2000</description>
55
61
  <example os.edition="Professional">Windows 2000 Professional</example>
@@ -61,6 +67,7 @@
61
67
  <param pos="2" name="os.version"/>
62
68
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:{os.version}"/>
63
69
  </fingerprint>
70
+
64
71
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows NT (\d.\d{1,2})?(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?)$">
65
72
  <description>Windows NT</description>
66
73
  <example os.version="3.51" os.edition="Server">Windows NT 3.51 Server</example>
@@ -74,6 +81,7 @@
74
81
  <param pos="2" name="os.edition"/>
75
82
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:{os.version}"/>
76
83
  </fingerprint>
84
+
77
85
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows Phone (\d|\d\.\d)?)$">
78
86
  <description>Windows Phone 7 and later</description>
79
87
  <example os.version="7.5">Windows Phone 7.5</example>
@@ -84,6 +92,7 @@
84
92
  <param pos="1" name="os.version"/>
85
93
  <param pos="0" name="os.device" value="Mobile"/>
86
94
  </fingerprint>
95
+
87
96
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows\s?(?:95|98|98SE|98 SE|98 Second Edition|ME|Millenium Edition)))$">
88
97
  <description>Windows 9x</description>
89
98
  <example os.product="Windows 98 SE">Windows 98 SE</example>
@@ -91,6 +100,7 @@
91
100
  <param pos="0" name="os.family" value="Windows"/>
92
101
  <param pos="1" name="os.product"/>
93
102
  </fingerprint>
103
+
94
104
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.1)$">
95
105
  <description>Windows version 6.1 (Windows 7 or Windows Server 2008 R2)</description>
96
106
  <example>Windows 6.1</example>
@@ -98,6 +108,7 @@
98
108
  <param pos="0" name="os.family" value="Windows"/>
99
109
  <param pos="0" name="os.product" value="Windows 7 or Windows Server 2008 R2"/>
100
110
  </fingerprint>
111
+
101
112
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.2)$">
102
113
  <description>Windows version 6.2 (Windows 8 or Windows Server 2012)</description>
103
114
  <example>Windows 6.2</example>
@@ -105,6 +116,7 @@
105
116
  <param pos="0" name="os.family" value="Windows"/>
106
117
  <param pos="0" name="os.product" value="Windows 8 or Windows Server 2012"/>
107
118
  </fingerprint>
119
+
108
120
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.3)$">
109
121
  <description>Windows version 6.3 (Windows 8.1 or Windows Server 2012 R2)</description>
110
122
  <example>Windows 6.3</example>
@@ -112,6 +124,7 @@
112
124
  <param pos="0" name="os.family" value="Windows"/>
113
125
  <param pos="0" name="os.product" value="Windows 8.1 or Windows Server 2012 R2"/>
114
126
  </fingerprint>
127
+
115
128
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 10.0)$">
116
129
  <description>Windows version 10.0 (Windows 10 or Windows Server 2016)</description>
117
130
  <example>Windows 10.0</example>
@@ -119,6 +132,7 @@
119
132
  <param pos="0" name="os.family" value="Windows"/>
120
133
  <param pos="0" name="os.product" value="Windows 10 or Windows Server 2016"/>
121
134
  </fingerprint>
135
+
122
136
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows.*)$">
123
137
  <description>Windows catch-all</description>
124
138
  <example>Windows for Workgroups 3.11</example>
@@ -129,8 +143,11 @@
129
143
  <param pos="0" name="os.certainty" value="0.5"/>
130
144
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
131
145
  </fingerprint>
146
+
132
147
  <!-- Windows end -->
148
+
133
149
  <!-- Liunx begin -->
150
+
134
151
  <fingerprint pattern="^(?i:Alpine Linux\s?(?:v)?(\d+?(?:\.\d+?)*?(?:\src\d+?)?)?)$">
135
152
  <description>Alpine Linux</description>
136
153
  <example os.version="3.4.0">Alpine Linux v3.4.0</example>
@@ -140,7 +157,9 @@
140
157
  <param pos="0" name="os.product" value="Linux"/>
141
158
  <param pos="1" name="os.version"/>
142
159
  </fingerprint>
160
+
143
161
  <!-- Arch uses rolling releases where the version name just the date of an ISO release. -->
162
+
144
163
  <fingerprint pattern="^(?i:Arch Linux\s?(\d+?(?:\.\d+?)*?)?)$">
145
164
  <description>Arch Linux</description>
146
165
  <example os.version="2016.04.01">Arch Linux 2016.04.01</example>
@@ -149,7 +168,9 @@
149
168
  <param pos="0" name="os.product" value="Linux"/>
150
169
  <param pos="1" name="os.version"/>
151
170
  </fingerprint>
171
+
152
172
  <!-- Red Hat Enterprise Linux derivative -->
173
+
153
174
  <fingerprint pattern="^(?i:Amazon Linux(?: AMI)?\s?(\d+?(?:\.\d+?)*?)?)$">
154
175
  <description>Amazon Linux AMI</description>
155
176
  <example os.version="5.11">Amazon Linux AMI 5.11</example>
@@ -160,7 +181,9 @@
160
181
  <param pos="0" name="os.product" value="Linux AMI"/>
161
182
  <param pos="1" name="os.version"/>
162
183
  </fingerprint>
184
+
163
185
  <!-- Red Hat Enterprise Linux derivative -->
186
+
164
187
  <fingerprint pattern="^(?i:CentOS(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)(?:\s.*?)?$">
165
188
  <description>Centos Linux</description>
166
189
  <example os.version="5.11">Centos Linux 5.11</example>
@@ -173,6 +196,7 @@
173
196
  <param pos="1" name="os.version"/>
174
197
  <param pos="0" name="os.cpe23" value="cpe:/o:centos:centos:{os.version}"/>
175
198
  </fingerprint>
199
+
176
200
  <fingerprint pattern="^(?i:Debian(?: (?:GNU\/)?Linux)?\s?((?:\d+?(?:\.\d+?)*?)|(?:\w+?\/sid\s?))?(?:\s[a-z\(\)]+)?)$">
177
201
  <description>Debian Linux</description>
178
202
  <example os.version="6.0">Debian 6.0</example>
@@ -185,6 +209,7 @@
185
209
  <param pos="1" name="os.version"/>
186
210
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
187
211
  </fingerprint>
212
+
188
213
  <fingerprint pattern="^(?i:Fedora(?: Core)?(?: Linux)?(?: release)?\s?(\d+?)?(?:\s.*)?)$">
189
214
  <description>Fedora Linux</description>
190
215
  <example os.version="6">Fedora Core 6</example>
@@ -196,7 +221,9 @@
196
221
  <param pos="1" name="os.version"/>
197
222
  <param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:{os.version}"/>
198
223
  </fingerprint>
224
+
199
225
  <!-- Gentoo currently uses rolling releases with no version, but older versions were typically based on the year of release. -->
226
+
200
227
  <fingerprint pattern="^(?i:Gentoo(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
201
228
  <description>Gentoo Linux</description>
202
229
  <example>Gentoo Linux</example>
@@ -206,7 +233,9 @@
206
233
  <param pos="1" name="os.version"/>
207
234
  <param pos="0" name="os.cpe23" value="cpe:/o:gentoo:linux:{os.version}"/>
208
235
  </fingerprint>
236
+
209
237
  <!-- Kali switched to rolling release in January 2016. -->
238
+
210
239
  <fingerprint pattern="^(?i:Kali(?: Linux)?\s?(\d+?(?:\.\d+?)+?(?:[a-z])?|\d+?)?)$">
211
240
  <description>Kali Linux</description>
212
241
  <example os.version="1.0.0">Kali Linux 1.0.0</example>
@@ -218,7 +247,9 @@
218
247
  <param pos="0" name="os.product" value="Linux"/>
219
248
  <param pos="1" name="os.version"/>
220
249
  </fingerprint>
250
+
221
251
  <!-- Ubuntu derivative -->
252
+
222
253
  <fingerprint pattern="^(?i:Kubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
223
254
  <description>Kubuntu Linux</description>
224
255
  <example os.version="12.04.4">Kubuntu 12.04.4 LTS</example>
@@ -230,7 +261,9 @@
230
261
  <param pos="1" name="os.version"/>
231
262
  <param pos="2" name="os.edition"/>
232
263
  </fingerprint>
264
+
233
265
  <!-- Red Hat Enterprise Linux derivative -->
266
+
234
267
  <fingerprint pattern="^(?i:Oracle(?: Enterprise)? Linux\s?(?:Server\s?)?(\d+?(?:\.\d+?)*?)?)$">
235
268
  <description>Oracle Enterprise Linux</description>
236
269
  <example os.version="5.11">Oracle Enterprise Linux 5.11</example>
@@ -241,6 +274,7 @@
241
274
  <param pos="1" name="os.version"/>
242
275
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:linux:{os.version}"/>
243
276
  </fingerprint>
277
+
244
278
  <fingerprint pattern="^(?i:OpenSUSE(?: Linux)?(?: [a-z]+?)??\s?(\d+?(?:\.\d+?)*?)?(?:\s\(.*)?)$">
245
279
  <description>OpenSUSE Linux</description>
246
280
  <example os.version="10.1">OpenSUSE Linux 10.1</example>
@@ -251,6 +285,7 @@
251
285
  <param pos="0" name="os.product" value="Linux"/>
252
286
  <param pos="1" name="os.version"/>
253
287
  </fingerprint>
288
+
254
289
  <fingerprint pattern="^(?i:(?:Red Hat|RedHat|Red-Hat|RHEL)(?: Enterprise)?(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)$">
255
290
  <description>Red Hat Enterprise Linux</description>
256
291
  <example>Red Hat Enterprise Linux AS</example>
@@ -264,7 +299,9 @@
264
299
  <param pos="1" name="os.version"/>
265
300
  <param pos="0" name="os.cpe23" value="cpe:/o:redhat:enterprise_linux:{os.version}"/>
266
301
  </fingerprint>
302
+
267
303
  <!-- Red Hat Enterprise Linux derivative -->
304
+
268
305
  <fingerprint pattern="^(?i:Scientific(?: Linux)?\s?(\d+?(?:\.\d+?)*?)?)$">
269
306
  <description>Scientific Linux</description>
270
307
  <example os.version="5.11">Scientific Linux 5.11</example>
@@ -275,6 +312,7 @@
275
312
  <param pos="0" name="os.product" value="Linux"/>
276
313
  <param pos="1" name="os.version"/>
277
314
  </fingerprint>
315
+
278
316
  <fingerprint pattern="^(?i:Slackware(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
279
317
  <description>Slackware Linux</description>
280
318
  <example os.version="14.1">Slackware Linux 14.1</example>
@@ -283,6 +321,7 @@
283
321
  <param pos="0" name="os.product" value="Linux"/>
284
322
  <param pos="1" name="os.version"/>
285
323
  </fingerprint>
324
+
286
325
  <fingerprint pattern="^(?i:SUSE(?: SLED)?(?: Linux Enterprise Desktop)?\s?(\d+?(?:\.\d+?)*?)?)$">
287
326
  <description>SUSE Linux Enterprise Desktop</description>
288
327
  <example os.version="11">SUSE SLED 11</example>
@@ -293,6 +332,7 @@
293
332
  <param pos="1" name="os.version"/>
294
333
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_desktop:{os.version}"/>
295
334
  </fingerprint>
335
+
296
336
  <fingerprint pattern="^(?i:SUSE(?: SLES)?(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
297
337
  <description>SUSE Linux Enterprise Server</description>
298
338
  <example os.version="11">SUSE SLES 11</example>
@@ -303,6 +343,7 @@
303
343
  <param pos="1" name="os.version"/>
304
344
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
305
345
  </fingerprint>
346
+
306
347
  <fingerprint pattern="^(?i:SLES(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
307
348
  <description>SLES Linux Enterprise Server</description>
308
349
  <example os.version="11">SLES 11</example>
@@ -313,6 +354,7 @@
313
354
  <param pos="1" name="os.version"/>
314
355
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
315
356
  </fingerprint>
357
+
316
358
  <fingerprint pattern="^(?i:Ubuntu(?: Linux)?(?:\s|-)(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
317
359
  <description>Ubuntu Linux</description>
318
360
  <example os.version="12.04.4">Ubuntu 12.04.4 LTS</example>
@@ -326,7 +368,9 @@
326
368
  <param pos="2" name="os.edition"/>
327
369
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
328
370
  </fingerprint>
371
+
329
372
  <!-- Ubuntu derivative -->
373
+
330
374
  <fingerprint pattern="^(?i:Xubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
331
375
  <description>Xubuntu Linux</description>
332
376
  <example os.version="12.04.4">Xubuntu 12.04.4 LTS</example>
@@ -338,17 +382,20 @@
338
382
  <param pos="1" name="os.version"/>
339
383
  <param pos="2" name="os.edition"/>
340
384
  </fingerprint>
385
+
341
386
  <fingerprint pattern="^(?i:VMWare Photon(?:\/)?(?:\s?Linux)?\s?(?:v)?(\d+?(?:\.\d+?)*?)?)$">
342
387
  <description>Photon Linux</description>
343
388
  <example>VMWare Photon Linux</example>
344
389
  <example os.version="1.0">VMWare Photon 1.0</example>
345
- <param pos="0" name="os.vendor" value="VMWare"/>
390
+ <param pos="0" name="os.vendor" value="VMware"/>
346
391
  <param pos="0" name="os.family" value="Linux"/>
347
392
  <param pos="0" name="os.product" value="Photon Linux"/>
348
393
  <param pos="1" name="os.version"/>
349
394
  <param pos="0" name="os.cpe23" value="cpe:/o:vmware:photon_os:{os.version}"/>
350
395
  </fingerprint>
396
+
351
397
  <!-- Vendor-based distribution catch-call -->
398
+
352
399
  <fingerprint pattern="^(?i:(.*)\sLinux?\s(.*))$">
353
400
  <description>Vendor-based Linux catch-all</description>
354
401
  <example os.vendor="Aurox" os.version="10.2">Aurox Linux 10.2</example>
@@ -358,7 +405,9 @@
358
405
  <param pos="1" name="os.vendor"/>
359
406
  <param pos="2" name="os.version"/>
360
407
  </fingerprint>
408
+
361
409
  <!-- Linux catch-all goes at the bottom-->
410
+
362
411
  <fingerprint pattern="^(?i:.*Linux?\s?(\d+?(?:\.\d+?)*?)?)$">
363
412
  <description>Linux catch-all</description>
364
413
  <example os.version="2.42.6">Linux 2.42.6</example>
@@ -369,9 +418,13 @@
369
418
  <param pos="1" name="os.version"/>
370
419
  <param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
371
420
  </fingerprint>
421
+
372
422
  <!-- Linux end -->
423
+
373
424
  <!-- Mac begin -->
425
+
374
426
  <!-- Match Mac OS Classic first due to weak matching on Mac OS X -->
427
+
375
428
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS ([7-9](?:\.\d+?)*?))$">
376
429
  <description>Mac OS 9</description>
377
430
  <example os.version="9">Mac OS 9</example>
@@ -382,6 +435,7 @@
382
435
  <param pos="1" name="os.version"/>
383
436
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os:{os.version}"/>
384
437
  </fingerprint>
438
+
385
439
  <fingerprint pattern="^(?i:(?:Apple OS X|Apple Mac OS X|Mac OS X|OS X|Mac OS)\s?(\d+?(?:\.\d+?)*?)?)$">
386
440
  <description>Mac OS X with version number</description>
387
441
  <example os.version="10.10.5">Mac OS X 10.10.5</example>
@@ -393,6 +447,7 @@
393
447
  <param pos="1" name="os.version"/>
394
448
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:{os.version}"/>
395
449
  </fingerprint>
450
+
396
451
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Cheetah)$">
397
452
  <description>Mac OS X Cheetah</description>
398
453
  <example os.version="10.0">Mac OS X Cheetah</example>
@@ -402,6 +457,7 @@
402
457
  <param pos="0" name="os.version" value="10.0"/>
403
458
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.0"/>
404
459
  </fingerprint>
460
+
405
461
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Puma)$">
406
462
  <description>Mac OS X Puma</description>
407
463
  <example os.version="10.1">Mac OS X Puma</example>
@@ -411,6 +467,7 @@
411
467
  <param pos="0" name="os.version" value="10.1"/>
412
468
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.1"/>
413
469
  </fingerprint>
470
+
414
471
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Jaguar)$">
415
472
  <description>Mac OS X Jaguar</description>
416
473
  <example os.version="10.2">Mac OS X Jaguar</example>
@@ -420,6 +477,7 @@
420
477
  <param pos="0" name="os.version" value="10.2"/>
421
478
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
422
479
  </fingerprint>
480
+
423
481
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Panther)$">
424
482
  <description>Mac OS X Panther</description>
425
483
  <example os.version="10.3">Mac OS X Panther</example>
@@ -429,6 +487,7 @@
429
487
  <param pos="0" name="os.version" value="10.3"/>
430
488
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
431
489
  </fingerprint>
490
+
432
491
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Tiger)$">
433
492
  <description>Mac OS X Tiger</description>
434
493
  <example os.version="10.4">Mac OS X Tiger</example>
@@ -438,6 +497,7 @@
438
497
  <param pos="0" name="os.version" value="10.4"/>
439
498
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
440
499
  </fingerprint>
500
+
441
501
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Leopard)$">
442
502
  <description>Mac OS X Leopard</description>
443
503
  <example os.version="10.5">Mac OS X Leopard</example>
@@ -447,6 +507,7 @@
447
507
  <param pos="0" name="os.version" value="10.5"/>
448
508
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
449
509
  </fingerprint>
510
+
450
511
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Snow Leopard)$">
451
512
  <description>Mac OS X Snow Leopard</description>
452
513
  <example os.version="10.6">Mac OS X Snow Leopard</example>
@@ -456,6 +517,7 @@
456
517
  <param pos="0" name="os.version" value="10.6"/>
457
518
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
458
519
  </fingerprint>
520
+
459
521
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Lion)$">
460
522
  <description>Mac OS X Lion</description>
461
523
  <example os.version="10.7">Mac OS X Lion</example>
@@ -465,6 +527,7 @@
465
527
  <param pos="0" name="os.version" value="10.7"/>
466
528
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
467
529
  </fingerprint>
530
+
468
531
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mountain Lion)$">
469
532
  <description>Mac OS X Mountain Lion</description>
470
533
  <example os.version="10.8">Mac OS X Mountain Lion</example>
@@ -474,6 +537,7 @@
474
537
  <param pos="0" name="os.version" value="10.8"/>
475
538
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
476
539
  </fingerprint>
540
+
477
541
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mavericks)$">
478
542
  <description>Mac OS X Mavericks</description>
479
543
  <example os.version="10.9">Mac OS X Mavericks</example>
@@ -483,6 +547,7 @@
483
547
  <param pos="0" name="os.version" value="10.9"/>
484
548
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
485
549
  </fingerprint>
550
+
486
551
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Yosemite)$">
487
552
  <description>Mac OS X Yosemite</description>
488
553
  <example os.version="10.10">Mac OS X Yosemite</example>
@@ -492,6 +557,7 @@
492
557
  <param pos="0" name="os.version" value="10.10"/>
493
558
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
494
559
  </fingerprint>
560
+
495
561
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X El Capitan)$">
496
562
  <description>Mac OS X El Capitan</description>
497
563
  <example os.version="10.11">Mac OS X El Capitan</example>
@@ -501,7 +567,9 @@
501
567
  <param pos="0" name="os.version" value="10.11"/>
502
568
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.11"/>
503
569
  </fingerprint>
570
+
504
571
  <!-- This can also match Cisco IOS if the vendor name is not present. -->
572
+
505
573
  <fingerprint pattern="^(?i:(?:Apple )?iOS\s?(\d+?(?:\.\d+?)*?)?)$">
506
574
  <description>Apple iOS for iPhone and iPad</description>
507
575
  <example os.version="7.1.2">iOS 7.1.2</example>
@@ -514,8 +582,11 @@
514
582
  <param pos="0" name="os.device" value="Mobile"/>
515
583
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:iphone_os:{os.version}"/>
516
584
  </fingerprint>
585
+
517
586
  <!-- Mac end -->
587
+
518
588
  <!-- BSD begin -->
589
+
519
590
  <fingerprint pattern="^(?i:(.*?BSD)\s?(\d+?(?:\.\d+?)*?(?:[\-\/_ ]?\w+?)?(?:-[a-z]\d+?)?)?)$">
520
591
  <description>Many BSD family OSes</description>
521
592
  <example os.version="10.3-RELEASE" os.product="FreeBSD">FreeBSD 10.3-RELEASE</example>
@@ -528,8 +599,11 @@
528
599
  <param pos="1" name="os.product"/>
529
600
  <param pos="2" name="os.version"/>
530
601
  </fingerprint>
602
+
531
603
  <!-- BSD end -->
604
+
532
605
  <!-- Other Unix-likes begin -->
606
+
533
607
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?OpenSolaris\s?(\d+?(?:\.\d+?)*?)?)$">
534
608
  <description>OpenSolaris</description>
535
609
  <example os.version="2009.06">OpenSolaris 2009.06</example>
@@ -539,6 +613,7 @@
539
613
  <param pos="1" name="os.version"/>
540
614
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
541
615
  </fingerprint>
616
+
542
617
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?(1[1-9]?(?:\.\d+?)*?)?)$">
543
618
  <description>Solaris 11 and up</description>
544
619
  <example os.version="11.3">Solaris 11.3</example>
@@ -549,6 +624,7 @@
549
624
  <param pos="1" name="os.version"/>
550
625
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
551
626
  </fingerprint>
627
+
552
628
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?((?:[789]|10)+?(?:\.\d+?)*?)?)$">
553
629
  <description>Solaris 7-10</description>
554
630
  <example os.version="7">Solaris 7</example>
@@ -561,6 +637,7 @@
561
637
  <param pos="1" name="os.version"/>
562
638
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
563
639
  </fingerprint>
640
+
564
641
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.([789]|10)?)$">
565
642
  <description>SunOS/Solaris 5.7-5.10</description>
566
643
  <example os.version="7">SunOS 5.7</example>
@@ -571,6 +648,7 @@
571
648
  <param pos="1" name="os.version"/>
572
649
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
573
650
  </fingerprint>
651
+
574
652
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.(1[1-9])?)$">
575
653
  <description>Oracle/Solaris 5.11 and upwards</description>
576
654
  <example os.version="11">SunOS 5.11</example>
@@ -580,6 +658,7 @@
580
658
  <param pos="1" name="os.version"/>
581
659
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
582
660
  </fingerprint>
661
+
583
662
  <fingerprint pattern="^(?i:(?:IBM\s?)?(AIX|MVS|OS/(?:\d{1,3})|VM/CMS|VM/ESA|z/OS)\s?(\d+?(?:\.\d+?)*?)?)$">
584
663
  <description>IBM OSes</description>
585
664
  <example os.product="AIX">AIX</example>
@@ -595,6 +674,7 @@
595
674
  <param pos="1" name="os.product"/>
596
675
  <param pos="2" name="os.version"/>
597
676
  </fingerprint>
677
+
598
678
  <fingerprint pattern="^(?i:(?:HP\s?)?(Digital UNIX|HP-UX|iLO|OpenVMS|ProLiant|Tru64 UNIX)\s?(\d+?(?:\.\d+?)*?)?)$">
599
679
  <description>HP OSes</description>
600
680
  <example os.product="HP-UX">HP-UX</example>
@@ -604,8 +684,11 @@
604
684
  <param pos="1" name="os.product"/>
605
685
  <param pos="2" name="os.version"/>
606
686
  </fingerprint>
687
+
607
688
  <!-- Other Unix-likes end -->
689
+
608
690
  <!-- Network equipment begin -->
691
+
609
692
  <fingerprint pattern="^(?i:(?:Juniper\s?)?(Junos|Junos OS|ScreenOS)\s?(\d+?(?:\.\d+?)*?)?)$">
610
693
  <description>Juniper</description>
611
694
  <example>Junos</example>
@@ -615,7 +698,9 @@
615
698
  <param pos="1" name="os.product"/>
616
699
  <param pos="2" name="os.version"/>
617
700
  </fingerprint>
701
+
618
702
  <!-- This needs to be improved if it's not how one would generally present a Cisco OS version. -->
703
+
619
704
  <fingerprint pattern="^(?i:(?:Cisco\s?)?(ASA|Adaptive Security Appliance|IOS|IOS-XE|IOS-XR|NX-OS|PIX-OS|SAN-OS)\s?(?:Version (\S+))?)$">
620
705
  <description>Cisco</description>
621
706
  <example>Cisco ASA</example>
@@ -625,5 +710,7 @@
625
710
  <param pos="1" name="os.product"/>
626
711
  <param pos="2" name="os.version"/>
627
712
  </fingerprint>
713
+
628
714
  <!-- Network equipment end -->
629
- </fingerprints>
715
+
716
+ </fingerprints>