recog 2.3.7 → 2.3.12
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +9 -2
- data/.ruby-gemset +1 -0
- data/.ruby-version +1 -0
- data/.travis.yml +2 -4
- data/CONTRIBUTING.md +136 -37
- data/Gemfile +2 -5
- data/README.md +18 -16
- data/bin/recog_cleanup +16 -0
- data/bin/recog_standardize +142 -0
- data/cpe-remap.yaml +36 -1
- data/features/match.feature +4 -0
- data/features/support/aruba.rb +3 -0
- data/features/verify.feature +5 -0
- data/identifiers/README.md +56 -0
- data/identifiers/hw_device.txt +77 -0
- data/identifiers/hw_family.txt +96 -0
- data/identifiers/hw_product.txt +328 -0
- data/identifiers/os_architecture.txt +20 -0
- data/identifiers/os_device.txt +94 -0
- data/identifiers/os_family.txt +325 -0
- data/identifiers/os_product.txt +420 -0
- data/identifiers/service_family.txt +272 -0
- data/identifiers/service_product.txt +557 -0
- data/identifiers/software_class.txt +26 -0
- data/identifiers/software_family.txt +91 -0
- data/identifiers/software_product.txt +333 -0
- data/identifiers/vendor.txt +891 -0
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/lib/fingerprint_self_test_spec.rb +1 -1
- data/spec/lib/recog/fingerprint/regexp_factory_spec.rb +1 -1
- data/update_cpes.py +4 -1
- data/xml/apache_modules.xml +292 -5
- data/xml/apache_os.xml +50 -2
- data/xml/architecture.xml +19 -7
- data/xml/dns_versionbind.xml +200 -26
- data/xml/favicons.xml +1701 -0
- data/xml/ftp_banners.xml +276 -16
- data/xml/h323_callresp.xml +112 -12
- data/xml/hp_pjl_id.xml +47 -5
- data/xml/html_title.xml +1419 -72
- data/xml/http_cookies.xml +77 -10
- data/xml/http_servers.xml +898 -47
- data/xml/http_wwwauth.xml +154 -27
- data/xml/imap_banners.xml +23 -13
- data/xml/ldap_searchresult.xml +81 -9
- data/xml/mdns_device-info_txt.xml +194 -17
- data/xml/mdns_workstation_txt.xml +4 -2
- data/xml/mysql_banners.xml +554 -45
- data/xml/mysql_error.xml +113 -6
- data/xml/nntp_banners.xml +10 -2
- data/xml/ntp_banners.xml +95 -11
- data/xml/operating_system.xml +90 -3
- data/xml/pop_banners.xml +32 -31
- data/xml/rsh_resp.xml +11 -2
- data/xml/rtsp_servers.xml +43 -23
- data/xml/sip_banners.xml +9 -14
- data/xml/sip_user_agents.xml +69 -3
- data/xml/smb_native_lm.xml +10 -2
- data/xml/smb_native_os.xml +80 -2
- data/xml/smtp_banners.xml +233 -13
- data/xml/smtp_debug.xml +6 -4
- data/xml/smtp_ehlo.xml +7 -5
- data/xml/smtp_expn.xml +13 -4
- data/xml/smtp_help.xml +23 -4
- data/xml/smtp_mailfrom.xml +5 -2
- data/xml/smtp_noop.xml +6 -5
- data/xml/smtp_quit.xml +5 -4
- data/xml/smtp_rcptto.xml +5 -2
- data/xml/smtp_rset.xml +4 -4
- data/xml/smtp_turn.xml +4 -4
- data/xml/smtp_vrfy.xml +14 -4
- data/xml/snmp_sysdescr.xml +776 -52
- data/xml/snmp_sysobjid.xml +47 -2
- data/xml/ssh_banners.xml +259 -80
- data/xml/telnet_banners.xml +376 -23
- data/xml/x11_banners.xml +27 -4
- data/xml/x509_issuers.xml +37 -13
- data/xml/x509_subjects.xml +525 -55
- metadata +29 -6
data/xml/sip_banners.xml
CHANGED
@@ -1,18 +1,18 @@
|
|
1
|
-
<?xml version=
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
2
|
<fingerprints matches="sip_header.server" protocol="sip" database_type="service">
|
3
3
|
<!--
|
4
4
|
SIP Server header values are matched against these patterns to fingerprint SIP devices.
|
5
5
|
-->
|
6
6
|
|
7
7
|
<!-- Cisco/Tandberg Products -->
|
8
|
-
|
8
|
+
|
9
9
|
<fingerprint pattern="^Cisco-SIPGateway/IOS-(\S+)\.x$">
|
10
10
|
<description>Cisco IOS SIP Gateway w/ Vague Version</description>
|
11
11
|
<example os.version="12">Cisco-SIPGateway/IOS-12.x</example>
|
12
12
|
<param pos="0" name="service.vendor" value="Cisco"/>
|
13
13
|
<param pos="0" name="service.family" value="IOS"/>
|
14
14
|
<param pos="0" name="service.product" value="IOS"/>
|
15
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:cisco:ios
|
15
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:cisco:ios:-"/>
|
16
16
|
<param pos="0" name="os.vendor" value="Cisco"/>
|
17
17
|
<param pos="0" name="os.family" value="IOS"/>
|
18
18
|
<param pos="0" name="os.product" value="IOS"/>
|
@@ -30,11 +30,11 @@
|
|
30
30
|
<example os.version="15.2.3.T">Cisco-SIPGateway/IOS-15.2.3.T</example>
|
31
31
|
<example os.version="15.4.3.S5">Cisco-SIPGateway/IOS-15.4.3.S5</example>
|
32
32
|
<example os.version="15.6.3.M0a">Cisco-SIPGateway/IOS-15.6.3.M0a</example>
|
33
|
-
<example os.version="16.3.6">Cisco-SIPGateway/IOS-16.3.6</example>
|
33
|
+
<example os.version="16.3.6">Cisco-SIPGateway/IOS-16.3.6</example>
|
34
34
|
<param pos="0" name="service.vendor" value="Cisco"/>
|
35
35
|
<param pos="0" name="service.family" value="IOS"/>
|
36
36
|
<param pos="0" name="service.product" value="IOS"/>
|
37
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:cisco:ios
|
37
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:cisco:ios:-"/>
|
38
38
|
<param pos="0" name="os.vendor" value="Cisco"/>
|
39
39
|
<param pos="0" name="os.family" value="IOS"/>
|
40
40
|
<param pos="0" name="os.product" value="IOS"/>
|
@@ -130,7 +130,6 @@
|
|
130
130
|
<param pos="0" name="os.product" value="Linux"/>
|
131
131
|
<param pos="1" name="tandberg.model"/>
|
132
132
|
<param pos="2" name="os.version"/>
|
133
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:telepresence:{os.version}"/>
|
134
133
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
135
134
|
<param pos="0" name="hw.family" value="TelePresence"/>
|
136
135
|
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
@@ -144,13 +143,12 @@
|
|
144
143
|
<example os.version="X8.2.1" hw.product="TANDBERG/4130">TANDBERG/4130 (X8.2.1)</example>
|
145
144
|
<example os.version="XC2.2.1-b2bua-1.0" hw.product="TANDBERG/4353" tandberg.model="4353">TANDBERG/4353 (XC2.2.1-b2bua-1.0)</example>
|
146
145
|
<example os.version="TC5.1.4.295090" hw.product="TANDBERG/516" tandberg.model="516">TANDBERG/516 (TC5.1.4.295090)</example>
|
147
|
-
<example os.version="TCNC5.1.4.295090" hw.product="TANDBERG/517" tandberg.model="517">TANDBERG/517 (TCNC5.1.4.295090)</example>
|
146
|
+
<example os.version="TCNC5.1.4.295090" hw.product="TANDBERG/517" tandberg.model="517">TANDBERG/517 (TCNC5.1.4.295090)</example>
|
148
147
|
<param pos="0" name="os.vendor" value="Tandberg"/>
|
149
148
|
<param pos="0" name="os.family" value="Linux"/>
|
150
149
|
<param pos="0" name="os.product" value="Linux"/>
|
151
150
|
<param pos="2" name="tandberg.model"/>
|
152
151
|
<param pos="3" name="os.version"/>
|
153
|
-
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:telepresence:{os.version}"/>
|
154
152
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
155
153
|
<param pos="0" name="hw.family" value="TelePresence"/>
|
156
154
|
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
@@ -256,10 +254,10 @@
|
|
256
254
|
<example hw.product="MP-124" os.version="6.00A.034.003">Audiocodes-Sip-Gateway-MP-124 FXS/v.6.00A.034.003</example>
|
257
255
|
<example hw.product="MP-124" os.version="6.60A.342.003">MP-124 FXS/v.6.60A.342.003</example>
|
258
256
|
<example hw.product="MP-114" os.version="6.60A.241.010">MP-114 FXS_FXO/v.6.60A.241.010</example>
|
259
|
-
<param pos="0" name="os.vendor" value="
|
257
|
+
<param pos="0" name="os.vendor" value="AudioCodes"/>
|
260
258
|
<param pos="0" name="os.family" value="SIP Gateway"/>
|
261
259
|
<param pos="2" name="os.version"/>
|
262
|
-
<param pos="0" name="hw.vendor" value="
|
260
|
+
<param pos="0" name="hw.vendor" value="AudioCodes"/>
|
263
261
|
<param pos="0" name="hw.family" value="SIP Gateway"/>
|
264
262
|
<param pos="0" name="hw.device" value="SIP Gateway"/>
|
265
263
|
<param pos="1" name="hw.product"/>
|
@@ -296,7 +294,6 @@
|
|
296
294
|
<param pos="0" name="service.family" value="PBX"/>
|
297
295
|
<param pos="0" name="service.product" value="PBX"/>
|
298
296
|
<param pos="1" name="service.version"/>
|
299
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:asterisk:asterisk:{service.version}"/>
|
300
297
|
</fingerprint>
|
301
298
|
|
302
299
|
<fingerprint pattern="^Asterisk PBX$">
|
@@ -305,7 +302,6 @@
|
|
305
302
|
<param pos="0" name="service.vendor" value="Asterisk"/>
|
306
303
|
<param pos="0" name="service.family" value="PBX"/>
|
307
304
|
<param pos="0" name="service.product" value="PBX"/>
|
308
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:asterisk:asterisk:-"/>
|
309
305
|
</fingerprint>
|
310
306
|
|
311
307
|
<fingerprint pattern="^FPBX-(\S+)$">
|
@@ -316,7 +312,6 @@
|
|
316
312
|
<param pos="0" name="service.family" value="PBX"/>
|
317
313
|
<param pos="0" name="service.product" value="PBX"/>
|
318
314
|
<param pos="1" name="service.version"/>
|
319
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:freepbx:freepbx:{service.version}"/>
|
320
315
|
</fingerprint>
|
321
316
|
|
322
317
|
<fingerprint pattern="^kamailio \((\S+) \((.*)\)\)$">
|
@@ -327,10 +322,10 @@
|
|
327
322
|
<param pos="0" name="service.product" value="SIP Server"/>
|
328
323
|
<param pos="1" name="service.version"/>
|
329
324
|
<param pos="2" name="kamailio.platform"/>
|
330
|
-
<param pos="0" name="service.cpe23" value="cpe:/a:kamailio:kamailio:{service.version}"/>
|
331
325
|
</fingerprint>
|
332
326
|
|
333
327
|
<!-- This match covers multiple product families and should be split up further -->
|
328
|
+
|
334
329
|
<fingerprint pattern="^Algo-([^/]+)/(.*)$">
|
335
330
|
<description>Algo SIP Device</description>
|
336
331
|
<example hw.product="8186" os.version="1.7">Algo-8186/1.7</example>
|
data/xml/sip_user_agents.xml
CHANGED
@@ -1,9 +1,11 @@
|
|
1
|
-
<?xml version=
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
2
|
<fingerprints matches="sip_header.user_agent" protocol="sip" database_type="service">
|
3
3
|
<!--
|
4
4
|
SIP User Agent header values are matched against these patterns to fingerprint SIP devices.
|
5
5
|
-->
|
6
|
+
|
6
7
|
<!-- Axis devices -->
|
8
|
+
|
7
9
|
<fingerprint pattern="(?i)^AXIS (\S+) Network Video Door Station$">
|
8
10
|
<description>Axis Network Video Door stations, which have voice</description>
|
9
11
|
<example hw.product="A8105-E">AXIS A8105-E Network Video Door Station</example>
|
@@ -11,7 +13,10 @@
|
|
11
13
|
<param pos="0" name="hw.device" value="Web cam"/>
|
12
14
|
<param pos="0" name="hw.family" value="Network Video Door Station"/>
|
13
15
|
<param pos="1" name="hw.product"/>
|
16
|
+
<param pos="0" name="os.vendor" value="AXIS"/>
|
17
|
+
<param pos="0" name="os.family" value="Linux"/>
|
14
18
|
</fingerprint>
|
19
|
+
|
15
20
|
<fingerprint pattern="(?i)^AXIS (\S+) Network (?:Audio Bridge|(?:Cabinet|Horn) Speaker)$">
|
16
21
|
<description>Axis Network audio devices</description>
|
17
22
|
<example hw.product="C3003-E">AXIS C3003-E Network Horn Speaker</example>
|
@@ -20,8 +25,12 @@
|
|
20
25
|
<param pos="0" name="hw.vendor" value="Axis"/>
|
21
26
|
<param pos="0" name="hw.family" value="Network Audio"/>
|
22
27
|
<param pos="1" name="hw.product"/>
|
28
|
+
<param pos="0" name="os.vendor" value="AXIS"/>
|
29
|
+
<param pos="0" name="os.family" value="Linux"/>
|
23
30
|
</fingerprint>
|
31
|
+
|
24
32
|
<!-- Cisco Devices -->
|
33
|
+
|
25
34
|
<fingerprint pattern="^Cisco-SIPGateway/IOS-([\d\.x]+)$">
|
26
35
|
<description>Cisco SIPGateway</description>
|
27
36
|
<example>Cisco-SIPGateway/IOS-12.x</example>
|
@@ -30,13 +39,16 @@
|
|
30
39
|
<param pos="1" name="os.version"/>
|
31
40
|
<param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:{os.version}"/>
|
32
41
|
</fingerprint>
|
42
|
+
|
33
43
|
<!-- AVM.DE Devices -->
|
44
|
+
|
34
45
|
<fingerprint pattern="^FRITZ!OS$">
|
35
46
|
<description>AVM FritzOS Device</description>
|
36
47
|
<example>FRITZ!OS</example>
|
37
48
|
<param pos="0" name="os.vendor" value="AVM"/>
|
38
49
|
<param pos="0" name="os.product" value="FRITZ!BOX"/>
|
39
50
|
</fingerprint>
|
51
|
+
|
40
52
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Box .*) +(\d+\.\d+\.\d+)">
|
41
53
|
<description>AVM FritzBox</description>
|
42
54
|
<example>AVM FRITZ!Box Fon 06.03.13</example>
|
@@ -56,6 +68,7 @@
|
|
56
68
|
<param pos="1" name="os.product"/>
|
57
69
|
<param pos="2" name="os.version"/>
|
58
70
|
</fingerprint>
|
71
|
+
|
59
72
|
<fingerprint pattern="^(?:AVM )?(FRITZ!Fon .*) +(\d+\.\d+\.\d+)">
|
60
73
|
<description>AVM FritzFon</description>
|
61
74
|
<example>AVM FRITZ!Fon 7150 (fs) 38.04.56 (Mar 31 2008)</example>
|
@@ -65,6 +78,7 @@
|
|
65
78
|
<param pos="1" name="os.product"/>
|
66
79
|
<param pos="2" name="os.version"/>
|
67
80
|
</fingerprint>
|
81
|
+
|
68
82
|
<fingerprint pattern="^(?:AVM )?(Multibox .*) +(\d+\.\d+\.\d+)">
|
69
83
|
<description>AVM Multibox</description>
|
70
84
|
<example>AVM Multibox 7390 NGN 84.05.09 (Jan 13 2012)</example>
|
@@ -73,12 +87,15 @@
|
|
73
87
|
<param pos="1" name="os.product"/>
|
74
88
|
<param pos="2" name="os.version"/>
|
75
89
|
</fingerprint>
|
90
|
+
|
76
91
|
<!-- Huawei devices -->
|
92
|
+
|
77
93
|
<fingerprint pattern="(?i)^Huawei$">
|
78
94
|
<description>Huawei generic</description>
|
79
95
|
<example>Huawei</example>
|
80
96
|
<param pos="0" name="hw.vendor" value="Huawei"/>
|
81
97
|
</fingerprint>
|
98
|
+
|
82
99
|
<fingerprint pattern="(?i)^Huawei-HomeGateway/V(?:\d.*)$">
|
83
100
|
<description>Huawei Home Gateway</description>
|
84
101
|
<example>Huawei-HomeGateway/V100R001</example>
|
@@ -86,6 +103,7 @@
|
|
86
103
|
<param pos="0" name="hw.device" value="Broadband router"/>
|
87
104
|
<param pos="0" name="hw.product" value="Home Gateway"/>
|
88
105
|
</fingerprint>
|
106
|
+
|
89
107
|
<fingerprint pattern="(?i)^Huawei-EchoLife (HG.*)/V(?:\d.*)$">
|
90
108
|
<description>Huawei EchoLife Home Gateway</description>
|
91
109
|
<example hw.model="HG8121H">HUAWEI-EchoLife HG8121H/V3R018C00S110</example>
|
@@ -94,6 +112,7 @@
|
|
94
112
|
<param pos="0" name="hw.product" value="EchoLife Home Gateway"/>
|
95
113
|
<param pos="1" name="hw.model"/>
|
96
114
|
</fingerprint>
|
115
|
+
|
97
116
|
<fingerprint pattern="(?i)^Huawei (SoftX\d+) (?:V\d.*)$">
|
98
117
|
<description>Huawei Softswitch</description>
|
99
118
|
<example hw.model="SoftX3000">Huawei SoftX3000 V300R010</example>
|
@@ -102,6 +121,7 @@
|
|
102
121
|
<param pos="0" name="hw.product" value="Softswitch"/>
|
103
122
|
<param pos="1" name="hw.model"/>
|
104
123
|
</fingerprint>
|
124
|
+
|
105
125
|
<fingerprint pattern="^Mitel-(\S+)-SIP-Phone ([\d\.]+) (.{12})$">
|
106
126
|
<description>Mitel SIP Phones</description>
|
107
127
|
<example hw.product="5320" hw.version="06.05.00.11" host.mac="010203040506">Mitel-5320-SIP-Phone 06.05.00.11 010203040506</example>
|
@@ -111,6 +131,7 @@
|
|
111
131
|
<param pos="2" name="hw.version"/>
|
112
132
|
<param pos="3" name="host.mac"/>
|
113
133
|
</fingerprint>
|
134
|
+
|
114
135
|
<fingerprint pattern="^Mitel Border GW/(\S+)$">
|
115
136
|
<description>Mitel SIP Gateway</description>
|
116
137
|
<example hw.version="4.0.0.9">Mitel Border GW/4.0.0.9</example>
|
@@ -119,13 +140,14 @@
|
|
119
140
|
<param pos="0" name="hw.product" value="Border GW"/>
|
120
141
|
<param pos="1" name="hw.version"/>
|
121
142
|
</fingerprint>
|
143
|
+
|
122
144
|
<fingerprint pattern="^(?:Polycom/[\d\.]+ )?Polycom(SoundPoint|VVX|SoundStation)\S+_(\d+)-UA/([\d\.]+)(?:_(.{12}))?$">
|
123
145
|
<description>Polycom SoundPoint, SountdStation, VVX VoIP phones</description>
|
124
146
|
<example hw.version="5.8.0.13337" hw.family="VVX" hw.product="VVX 350">PolycomVVX-VVX_350-UA/5.8.0.13337</example>
|
125
147
|
<example hw.version="4.1.4.7430" hw.family="VVX" hw.product="VVX 400" host.mac="010203040506">PolycomVVX-VVX_400-UA/4.1.4.7430_010203040506</example>
|
126
148
|
<example hw.version="5.5.0.23866" hw.family="VVX" hw.product="VVX 501">Polycom/5.5.0.23866 PolycomVVX-VVX_501-UA/5.5.0.23866</example>
|
127
149
|
<example hw.version="4.0.7.2514" hw.family="SoundPoint" hw.product="SoundPoint 670">PolycomSoundPointIP-SPIP_670-UA/4.0.7.2514</example>
|
128
|
-
<example hw.version="4.0.8.1608" hw.family="SoundStation" hw.product="SoundStation 7000">PolycomSoundStationIP-SSIP_7000-UA/4.0.8.1608</example>
|
150
|
+
<example hw.version="4.0.8.1608" hw.model="7000" hw.family="SoundStation" hw.product="SoundStation 7000">PolycomSoundStationIP-SSIP_7000-UA/4.0.8.1608</example>
|
129
151
|
<param pos="0" name="hw.vendor" value="Polycom"/>
|
130
152
|
<param pos="0" name="hw.device" value="VoIP"/>
|
131
153
|
<param pos="1" name="hw.family"/>
|
@@ -134,6 +156,7 @@
|
|
134
156
|
<param pos="3" name="hw.version"/>
|
135
157
|
<param pos="4" name="host.mac"/>
|
136
158
|
</fingerprint>
|
159
|
+
|
137
160
|
<fingerprint pattern="^(?:Polycom/[\d\.]+ )?Polycom(?:RealPresenceTrio)-Trio_(\S+)-UA/([\d\.]+)(?:_(.{12}))?$">
|
138
161
|
<description>Polycom RealPresence Trio Phones</description>
|
139
162
|
<example hw.version="5.4.0.12197" hw.product="RealPresence Trio 8800">PolycomRealPresenceTrio-Trio_8800-UA/5.4.0.12197</example>
|
@@ -147,6 +170,7 @@
|
|
147
170
|
<param pos="2" name="hw.version"/>
|
148
171
|
<param pos="3" name="host.mac"/>
|
149
172
|
</fingerprint>
|
173
|
+
|
150
174
|
<fingerprint pattern="^Polycom ?HDX ?(\d+)(?: ?HD)?(?:/| \(Release - )([^\)]+)\)?">
|
151
175
|
<description>Polycom HDX Video Conferencing</description>
|
152
176
|
<example hw.model="9006" hw.product="HDX 9006" hw.version="3.0.6-37004">Polycom HDX 9006 (Release - 3.0.6-37004)</example>
|
@@ -160,6 +184,7 @@
|
|
160
184
|
<param pos="1" name="hw.model"/>
|
161
185
|
<param pos="2" name="hw.version"/>
|
162
186
|
</fingerprint>
|
187
|
+
|
163
188
|
<fingerprint pattern="^PolycomRealPresenceGroup(\d+)/([\d\._]+)+$">
|
164
189
|
<description>Polycom RealPresence Group Video Conferencing</description>
|
165
190
|
<example hw.model="700" hw.product="RealPresence Group 700" hw.version="6.2.0">PolycomRealPresenceGroup700/6.2.0</example>
|
@@ -170,6 +195,7 @@
|
|
170
195
|
<param pos="1" name="hw.model"/>
|
171
196
|
<param pos="2" name="hw.version"/>
|
172
197
|
</fingerprint>
|
198
|
+
|
173
199
|
<fingerprint pattern="^Nero SIPPS IP Phone Version ([\d\.]+)+$">
|
174
200
|
<description>Nero SIPPS IP Phone</description>
|
175
201
|
<example service.version="2.0.51.16">Nero SIPPS IP Phone Version 2.0.51.16</example>
|
@@ -179,4 +205,44 @@
|
|
179
205
|
<param pos="0" name="service.product" value="SIPPS IP Phone"/>
|
180
206
|
<param pos="1" name="service.version"/>
|
181
207
|
</fingerprint>
|
182
|
-
|
208
|
+
|
209
|
+
<fingerprint pattern="^ShoreGear/([\d\.]+)\s+\(ShoreTel \d+\)$">
|
210
|
+
<description>ShoreTel VoIP Switch</description>
|
211
|
+
<example hw.version="21.90.4128.0">ShoreGear/21.90.4128.0 (ShoreTel 15)</example>
|
212
|
+
<example hw.version="22.11.4900.0">ShoreGear/22.11.4900.0 (ShoreTel 15)</example>
|
213
|
+
<param pos="0" name="hw.vendor" value="ShoreTel"/>
|
214
|
+
<param pos="0" name="hw.device" value="VoIP Switch"/>
|
215
|
+
<param pos="1" name="hw.version"/>
|
216
|
+
</fingerprint>
|
217
|
+
|
218
|
+
<fingerprint pattern="^MERCURY-([a-fA-F0-9]{12})$">
|
219
|
+
<description>Crestron Mercury</description>
|
220
|
+
<example host.mac="00107F1ABAA0">MERCURY-00107F1ABAA0</example>
|
221
|
+
<param pos="0" name="hw.vendor" value="Crestron"/>
|
222
|
+
<param pos="0" name="hw.device" value="Video Conferencing"/>
|
223
|
+
<param pos="0" name="hw.product" value="Mercury"/>
|
224
|
+
<param pos="0" name="os.vendor" value="Crestron"/>
|
225
|
+
<param pos="0" name="os.family" value="Linux"/>
|
226
|
+
<param pos="0" name="os.device" value="Video Conferencing"/>
|
227
|
+
<param pos="1" name="host.mac"/>
|
228
|
+
</fingerprint>
|
229
|
+
|
230
|
+
<fingerprint pattern="^IPDECT/([\d\.]+)\s+\(MAC=([a-fA-F0-9]{12}); SER=">
|
231
|
+
<description>Konftel IP Phone</description>
|
232
|
+
<example host.mac="00087B0F1D30" hw.version="03.55.0013">IPDECT/03.55.0013 (MAC=00087B0F1D30; SER= 00000; HW=1)</example>
|
233
|
+
<param pos="0" name="hw.vendor" value="Konftel"/>
|
234
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
235
|
+
<param pos="1" name="hw.version"/>
|
236
|
+
<param pos="2" name="host.mac"/>
|
237
|
+
</fingerprint>
|
238
|
+
|
239
|
+
<fingerprint pattern="^Sangoma ([^\s]+) V([a-zA-Z0-9\.]+)=?">
|
240
|
+
<description>Sangoma IP Phone</description>
|
241
|
+
<example hw.product="S305" hw.version="3.0.4.72">Sangoma S305 V3.0.4.72</example>
|
242
|
+
<param pos="0" name="hw.vendor" value="Sangoma"/>
|
243
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
244
|
+
<param pos="2" name="hw.version"/>
|
245
|
+
<param pos="1" name="hw.product"/>
|
246
|
+
</fingerprint>
|
247
|
+
|
248
|
+
</fingerprints>
|
data/xml/smb_native_lm.xml
CHANGED
@@ -1,10 +1,12 @@
|
|
1
|
-
<?xml version=
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
2
|
<fingerprints matches="smb.native_lm" protocol="smb" database_type="service">
|
3
3
|
<!--
|
4
4
|
SMB fingerprints obtained from the Native LM (LAN manager) field of SMB
|
5
5
|
negotations
|
6
6
|
-->
|
7
|
+
|
7
8
|
<!-- Mac OS X -->
|
9
|
+
|
8
10
|
<fingerprint pattern="^Samba (3\.0\.28a-apple)$">
|
9
11
|
<description>Samba on OS X 10.6</description>
|
10
12
|
<example service.version="3.0.28a-apple">Samba 3.0.28a-apple</example>
|
@@ -18,6 +20,7 @@
|
|
18
20
|
<param pos="1" name="service.version"/>
|
19
21
|
<param pos="0" name="service.cpe23" value="cpe:/a:samba:samba:{service.version}"/>
|
20
22
|
</fingerprint>
|
23
|
+
|
21
24
|
<fingerprint pattern="^Samba (3\.0\.25b-apple)$">
|
22
25
|
<description>Samba on OS X 10.5</description>
|
23
26
|
<example service.version="3.0.25b-apple">Samba 3.0.25b-apple</example>
|
@@ -31,7 +34,9 @@
|
|
31
34
|
<param pos="1" name="service.version"/>
|
32
35
|
<param pos="0" name="service.cpe23" value="cpe:/a:samba:samba:{service.version}"/>
|
33
36
|
</fingerprint>
|
37
|
+
|
34
38
|
<!-- TODO: Detect vendor, distribution, and package versions -->
|
39
|
+
|
35
40
|
<fingerprint pattern="^Samba (\d\.\d+.\d+\w*)">
|
36
41
|
<description>Samba</description>
|
37
42
|
<example>Samba 3.0.24</example>
|
@@ -45,11 +50,13 @@
|
|
45
50
|
<param pos="1" name="service.version"/>
|
46
51
|
<param pos="0" name="service.cpe23" value="cpe:/a:samba:samba:{service.version}"/>
|
47
52
|
</fingerprint>
|
53
|
+
|
48
54
|
<fingerprint pattern="^Netreon LANMAN 1.0$">
|
49
55
|
<description>Netreon SAN software</description>
|
50
56
|
<example>Netreon LANMAN 1.0</example>
|
51
57
|
<param pos="0" name="service.vendor" value="Netreon"/>
|
52
58
|
</fingerprint>
|
59
|
+
|
53
60
|
<fingerprint pattern="(?i)^MikrotikSMB$">
|
54
61
|
<description>Mikrotik</description>
|
55
62
|
<example>MikrotikSMB</example>
|
@@ -59,4 +66,5 @@
|
|
59
66
|
<param pos="0" name="os.product" value="RouterOS"/>
|
60
67
|
<param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:-"/>
|
61
68
|
</fingerprint>
|
62
|
-
|
69
|
+
|
70
|
+
</fingerprints>
|
data/xml/smb_native_os.xml
CHANGED
@@ -1,8 +1,9 @@
|
|
1
|
-
<?xml version=
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
2
|
<fingerprints matches="smb.native_os" protocol="smb" database_type="util.os">
|
3
3
|
<!--
|
4
4
|
SMB fingerprints obtained from the Native OS field of SMB negotations
|
5
5
|
-->
|
6
|
+
|
6
7
|
<fingerprint pattern="^(Windows NT \d\.\d+)$">
|
7
8
|
<description>Windows NT</description>
|
8
9
|
<example os.product="Windows NT 4.0">Windows NT 4.0</example>
|
@@ -10,6 +11,7 @@
|
|
10
11
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
11
12
|
<param pos="1" name="os.product"/>
|
12
13
|
</fingerprint>
|
14
|
+
|
13
15
|
<fingerprint pattern="^(Windows (?:95|98|ME))$">
|
14
16
|
<description>Windows 95/98/ME</description>
|
15
17
|
<example os.product="Windows 95">Windows 95</example>
|
@@ -18,6 +20,7 @@
|
|
18
20
|
<param pos="0" name="os.vendor" value="Microsoft"/>
|
19
21
|
<param pos="1" name="os.product"/>
|
20
22
|
</fingerprint>
|
23
|
+
|
21
24
|
<fingerprint pattern="^Windows 5\.0$">
|
22
25
|
<description>Windows 2000</description>
|
23
26
|
<example>Windows 5.0</example>
|
@@ -26,6 +29,7 @@
|
|
26
29
|
<param pos="0" name="os.product" value="Windows 2000"/>
|
27
30
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
|
28
31
|
</fingerprint>
|
32
|
+
|
29
33
|
<fingerprint pattern="^Windows 5\.1$">
|
30
34
|
<description>Windows XP</description>
|
31
35
|
<example>Windows 5.1</example>
|
@@ -34,6 +38,7 @@
|
|
34
38
|
<param pos="0" name="os.product" value="Windows XP"/>
|
35
39
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_xp:-"/>
|
36
40
|
</fingerprint>
|
41
|
+
|
37
42
|
<fingerprint pattern="^Windows XP (\d+) (Service Pack \d+)$">
|
38
43
|
<description>Windows XP with Service Pack</description>
|
39
44
|
<example os.build="2600" os.version="Service Pack 1">Windows XP 2600 Service Pack 1</example>
|
@@ -44,6 +49,7 @@
|
|
44
49
|
<param pos="2" name="os.version"/>
|
45
50
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_xp:{os.version}"/>
|
46
51
|
</fingerprint>
|
52
|
+
|
47
53
|
<fingerprint pattern="^Windows XP (\d+)$">
|
48
54
|
<description>Windows XP with build number</description>
|
49
55
|
<example os.build="2600">Windows XP 2600</example>
|
@@ -53,6 +59,7 @@
|
|
53
59
|
<param pos="1" name="os.build"/>
|
54
60
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_xp:-"/>
|
55
61
|
</fingerprint>
|
62
|
+
|
56
63
|
<fingerprint pattern="^Windows XP (Home|Professional)(?: Edition)?$">
|
57
64
|
<description>Windows XP without a version</description>
|
58
65
|
<example os.edition="Home">Windows XP Home Edition</example>
|
@@ -63,6 +70,7 @@
|
|
63
70
|
<param pos="1" name="os.edition"/>
|
64
71
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_xp:-"/>
|
65
72
|
</fingerprint>
|
73
|
+
|
66
74
|
<fingerprint pattern="^Windows \.NET">
|
67
75
|
<description>Windows Server 2003 Beta</description>
|
68
76
|
<param pos="0" name="os.certainty" value="1.0"/>
|
@@ -71,6 +79,7 @@
|
|
71
79
|
<param pos="0" name="os.version" value="Beta"/>
|
72
80
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:Beta"/>
|
73
81
|
</fingerprint>
|
82
|
+
|
74
83
|
<fingerprint pattern="^Windows Server 2003 R2 (\d+)$">
|
75
84
|
<description>Windows Server 2003 R2</description>
|
76
85
|
<param pos="0" name="os.certainty" value="1.0"/>
|
@@ -79,6 +88,7 @@
|
|
79
88
|
<param pos="1" name="os.build"/>
|
80
89
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
81
90
|
</fingerprint>
|
91
|
+
|
82
92
|
<fingerprint pattern="^Windows Server 2003 R2 (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
|
83
93
|
<description>Windows Server 2003 R2 (SP)</description>
|
84
94
|
<example os.build="3790" os.version="Service Pack 2">Windows Server 2003 R2 3790 Service Pack 2</example>
|
@@ -90,6 +100,7 @@
|
|
90
100
|
<param pos="2" name="os.version"/>
|
91
101
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:{os.version}"/>
|
92
102
|
</fingerprint>
|
103
|
+
|
93
104
|
<fingerprint pattern="^Windows Server 2003 (\d+)$">
|
94
105
|
<description>Windows Server 2003 with a build</description>
|
95
106
|
<example os.build="3790">Windows Server 2003 3790</example>
|
@@ -99,6 +110,7 @@
|
|
99
110
|
<param pos="1" name="os.build"/>
|
100
111
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
101
112
|
</fingerprint>
|
113
|
+
|
102
114
|
<fingerprint pattern="^Windows Server 2003$">
|
103
115
|
<description>Windows Server 2003 without a build</description>
|
104
116
|
<example>Windows Server 2003</example>
|
@@ -107,6 +119,7 @@
|
|
107
119
|
<param pos="0" name="os.product" value="Windows Server 2003"/>
|
108
120
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
|
109
121
|
</fingerprint>
|
122
|
+
|
110
123
|
<fingerprint pattern="^Windows Server 2003 (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
|
111
124
|
<description>Windows Server 2003 (SP)</description>
|
112
125
|
<example os.build="3790" os.version="Service Pack 1">Windows Server 2003 3790 Service Pack 1, v.3309</example>
|
@@ -118,7 +131,9 @@
|
|
118
131
|
<param pos="2" name="os.version"/>
|
119
132
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:{os.version}"/>
|
120
133
|
</fingerprint>
|
134
|
+
|
121
135
|
<!-- Note that 2008 SP1 is technically "2008 Gold" according to Microsoft -->
|
136
|
+
|
122
137
|
<fingerprint pattern="^Windows Server 2008$">
|
123
138
|
<description>Windows Server 2008 without a build</description>
|
124
139
|
<example>Windows Server 2008</example>
|
@@ -127,6 +142,7 @@
|
|
127
142
|
<param pos="0" name="os.product" value="Windows Server 2008"/>
|
128
143
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
129
144
|
</fingerprint>
|
145
|
+
|
130
146
|
<fingerprint pattern="^Windows Server \(R\) 2008 (\w+|\w+ \w+|\w+ \w+ \w+)(?: (?:with|without) Hyper-V|) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
|
131
147
|
<description>Windows Server 2008</description>
|
132
148
|
<example os.edition="Enterprise" os.version="Service Pack 1">Windows Server (R) 2008 Enterprise without Hyper-V 6001 Service Pack 1</example>
|
@@ -139,6 +155,7 @@
|
|
139
155
|
<param pos="3" name="os.version"/>
|
140
156
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:{os.version}"/>
|
141
157
|
</fingerprint>
|
158
|
+
|
142
159
|
<fingerprint pattern="^Windows \(R\) Web Server 2008 (\d+) (Service Pack \d+)$">
|
143
160
|
<description>Windows Web Server 2008 (SP)</description>
|
144
161
|
<example os.edition="Web" os.version="Service Pack 2">Windows (R) Web Server 2008 6002 Service Pack 2</example>
|
@@ -150,6 +167,7 @@
|
|
150
167
|
<param pos="2" name="os.version"/>
|
151
168
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:{os.version}"/>
|
152
169
|
</fingerprint>
|
170
|
+
|
153
171
|
<fingerprint pattern="^Windows \(R\) Web Server 2008 (\d+)$">
|
154
172
|
<description>Windows Web Server 2008</description>
|
155
173
|
<example>Windows (R) Web Server 2008 6002</example>
|
@@ -160,7 +178,9 @@
|
|
160
178
|
<param pos="1" name="os.build"/>
|
161
179
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
162
180
|
</fingerprint>
|
181
|
+
|
163
182
|
<!-- TODO: Need an example string -->
|
183
|
+
|
164
184
|
<fingerprint pattern="^Windows \(R\) Storage Server 2008 (?:\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
|
165
185
|
<description>Windows Server 2008 Storage (SP)</description>
|
166
186
|
<param pos="0" name="os.certainty" value="1.0"/>
|
@@ -171,7 +191,9 @@
|
|
171
191
|
<param pos="2" name="os.version"/>
|
172
192
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:{os.version}"/>
|
173
193
|
</fingerprint>
|
194
|
+
|
174
195
|
<!-- TODO: Need an example string -->
|
196
|
+
|
175
197
|
<fingerprint pattern="^Windows \(R\) Storage Server 2008 (?:\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
176
198
|
<description>Windows Web Server 2008 Storage</description>
|
177
199
|
<param pos="0" name="os.certainty" value="1.0"/>
|
@@ -181,6 +203,7 @@
|
|
181
203
|
<param pos="1" name="os.build"/>
|
182
204
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
183
205
|
</fingerprint>
|
206
|
+
|
184
207
|
<fingerprint pattern="^Windows Server 2008 HPC Edition (\d+) (Service Pack \d+)$">
|
185
208
|
<description>Windows Server 2008 HPC</description>
|
186
209
|
<example>Windows Server 2008 HPC Edition 7601 Service Pack 1</example>
|
@@ -192,7 +215,9 @@
|
|
192
215
|
<param pos="2" name="os.version"/>
|
193
216
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:{os.version}"/>
|
194
217
|
</fingerprint>
|
218
|
+
|
195
219
|
<!-- TODO: Need an example string -->
|
220
|
+
|
196
221
|
<fingerprint pattern="^Windows Server 2008 HPC Edition (\d+)$">
|
197
222
|
<description>Windows Web Server 2008 HPC</description>
|
198
223
|
<example>Windows Server 2008 HPC Edition 7600</example>
|
@@ -203,7 +228,9 @@
|
|
203
228
|
<param pos="1" name="os.build"/>
|
204
229
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
205
230
|
</fingerprint>
|
231
|
+
|
206
232
|
<!-- 2008 R2 -->
|
233
|
+
|
207
234
|
<fingerprint pattern="^Windows Server 2008 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
|
208
235
|
<description>Windows Server 2008 R2</description>
|
209
236
|
<example>Windows Server 2008 R2 Enterprise 7601 Service Pack 1</example>
|
@@ -216,6 +243,7 @@
|
|
216
243
|
<param pos="3" name="os.version"/>
|
217
244
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:{os.version}"/>
|
218
245
|
</fingerprint>
|
246
|
+
|
219
247
|
<fingerprint pattern="^Windows Server 2008 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
220
248
|
<description>Windows Server 2008 R2 without Service Pack</description>
|
221
249
|
<example os.edition="Enterprise">Windows Server 2008 R2 Enterprise 7600</example>
|
@@ -228,6 +256,7 @@
|
|
228
256
|
<param pos="2" name="os.build"/>
|
229
257
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
230
258
|
</fingerprint>
|
259
|
+
|
231
260
|
<fingerprint pattern="^Windows Server 2016(?: Technical Preview \d+)? (\w+|\w+ \w+|\w+ \w+ \w+)(?: Evaluation)? (\d+)$">
|
232
261
|
<description>Windows Server 2016 with a build, without service pack</description>
|
233
262
|
<example os.edition="Datacenter" os.build="14393">Windows Server 2016 Datacenter 14393</example>
|
@@ -240,6 +269,7 @@
|
|
240
269
|
<param pos="2" name="os.build"/>
|
241
270
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2016:-"/>
|
242
271
|
</fingerprint>
|
272
|
+
|
243
273
|
<fingerprint pattern="^Windows Storage Server 2016 (?:\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
244
274
|
<description>Windows Server 2016 Storage</description>
|
245
275
|
<example os.build="14393">Windows Storage Server 2016 Standard 14393</example>
|
@@ -250,6 +280,7 @@
|
|
250
280
|
<param pos="1" name="os.build"/>
|
251
281
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2016:-"/>
|
252
282
|
</fingerprint>
|
283
|
+
|
253
284
|
<fingerprint pattern="^Windows Web Server 2008 R2 (\d+) (Service Pack \d+)$">
|
254
285
|
<description>Windows Server 2008 R2 Web</description>
|
255
286
|
<example os.version="Service Pack 1">Windows Web Server 2008 R2 7601 Service Pack 1</example>
|
@@ -261,6 +292,7 @@
|
|
261
292
|
<param pos="2" name="os.version"/>
|
262
293
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:{os.version}"/>
|
263
294
|
</fingerprint>
|
295
|
+
|
264
296
|
<fingerprint pattern="^Windows Web Server 2008 R2 (\d+)$">
|
265
297
|
<description>Windows Web Server 2008 R2 Web</description>
|
266
298
|
<example>Windows Web Server 2008 R2 7600</example>
|
@@ -271,6 +303,7 @@
|
|
271
303
|
<param pos="1" name="os.build"/>
|
272
304
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
|
273
305
|
</fingerprint>
|
306
|
+
|
274
307
|
<fingerprint pattern="^Windows Storage Server 2008 R2 (?:\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
|
275
308
|
<description>Windows Server 2008 Storage R2 (SP)</description>
|
276
309
|
<example os.version="Service Pack 1" os.build="7601">Windows Storage Server 2008 R2 Essentials 7601 Service Pack 1</example>
|
@@ -282,6 +315,7 @@
|
|
282
315
|
<param pos="2" name="os.version"/>
|
283
316
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:{os.version}"/>
|
284
317
|
</fingerprint>
|
318
|
+
|
285
319
|
<fingerprint pattern="^Windows Vista \(TM\) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
|
286
320
|
<description>Windows Vista (SP)</description>
|
287
321
|
<example os.edition="Home Premium" os.version="Service Pack 2">Windows Vista (TM) Home Premium 6002 Service Pack 2</example>
|
@@ -293,6 +327,7 @@
|
|
293
327
|
<param pos="3" name="os.version"/>
|
294
328
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_vista:{os.version}"/>
|
295
329
|
</fingerprint>
|
330
|
+
|
296
331
|
<fingerprint pattern="^Windows Vista \(TM\) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
297
332
|
<description>Windows Vista</description>
|
298
333
|
<example os.edition="Home Premium">Windows Vista (TM) Home Premium 6000</example>
|
@@ -303,6 +338,7 @@
|
|
303
338
|
<param pos="2" name="os.build"/>
|
304
339
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_vista:-"/>
|
305
340
|
</fingerprint>
|
341
|
+
|
306
342
|
<fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)(?:, v\.\d+)?$">
|
307
343
|
<description>Windows 7/8 (SP + Edition)</description>
|
308
344
|
<example os.edition="Enterprise" os.version="Service Pack 1">Windows 7 Enterprise 7601 Service Pack 1</example>
|
@@ -315,6 +351,7 @@
|
|
315
351
|
<param pos="3" name="os.build"/>
|
316
352
|
<param pos="4" name="os.version"/>
|
317
353
|
</fingerprint>
|
354
|
+
|
318
355
|
<fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\d+) (Service Pack \d+)$">
|
319
356
|
<description>Windows 7/8 (SP)</description>
|
320
357
|
<example os.version="Service Pack 1">Windows 7 7601 Service Pack 1</example>
|
@@ -324,6 +361,7 @@
|
|
324
361
|
<param pos="2" name="os.build"/>
|
325
362
|
<param pos="3" name="os.version"/>
|
326
363
|
</fingerprint>
|
364
|
+
|
327
365
|
<fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
328
366
|
<description>Windows 7/8 (Edition)</description>
|
329
367
|
<example os.edition="Enterprise">Windows 7 Enterprise 7600</example>
|
@@ -335,6 +373,7 @@
|
|
335
373
|
<param pos="2" name="os.edition"/>
|
336
374
|
<param pos="3" name="os.build"/>
|
337
375
|
</fingerprint>
|
376
|
+
|
338
377
|
<fingerprint pattern="^(Windows (?:7|8|8\.1)(?:| RT)) (\d+)$">
|
339
378
|
<description>Windows 7/8</description>
|
340
379
|
<example>Windows 8 9200</example>
|
@@ -343,8 +382,11 @@
|
|
343
382
|
<param pos="1" name="os.product"/>
|
344
383
|
<param pos="2" name="os.build"/>
|
345
384
|
</fingerprint>
|
385
|
+
|
346
386
|
<!-- Windows 2012 R2 matches go first to simplify the regular expressions -->
|
387
|
+
|
347
388
|
<!-- TODO: Need an example string -->
|
389
|
+
|
348
390
|
<fingerprint pattern="^Windows Server 2012 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
|
349
391
|
<description>Windows Server 2012 R2 (SP)</description>
|
350
392
|
<param pos="0" name="os.certainty" value="1.0"/>
|
@@ -355,6 +397,7 @@
|
|
355
397
|
<param pos="3" name="os.version"/>
|
356
398
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:{os.version}"/>
|
357
399
|
</fingerprint>
|
400
|
+
|
358
401
|
<fingerprint pattern="^Windows Server 2012 R2 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
359
402
|
<description>Windows Server 2012 R2</description>
|
360
403
|
<example os.edition="Standard">Windows Server 2012 R2 Standard 9600</example>
|
@@ -365,7 +408,9 @@
|
|
365
408
|
<param pos="2" name="os.build"/>
|
366
409
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
367
410
|
</fingerprint>
|
411
|
+
|
368
412
|
<!-- TODO: Need an example string -->
|
413
|
+
|
369
414
|
<fingerprint pattern="^Windows Server 2012 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
|
370
415
|
<description>Windows Server 2012 (SP)</description>
|
371
416
|
<param pos="0" name="os.certainty" value="1.0"/>
|
@@ -376,6 +421,7 @@
|
|
376
421
|
<param pos="3" name="os.version"/>
|
377
422
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:{os.version}"/>
|
378
423
|
</fingerprint>
|
424
|
+
|
379
425
|
<fingerprint pattern="^Windows Server 2012 (\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
380
426
|
<description>Windows Server 2012</description>
|
381
427
|
<example>Windows Server 2012 Standard 9200</example>
|
@@ -386,6 +432,7 @@
|
|
386
432
|
<param pos="2" name="os.build"/>
|
387
433
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
388
434
|
</fingerprint>
|
435
|
+
|
389
436
|
<fingerprint pattern="^Windows MultiPoint Server 2012 (?:\w+|\w+ \w+|\w+ \w+ \w+) (\d+) (Service Pack \d+)$">
|
390
437
|
<description>Windows MultiPoint Server 2012 (SP)</description>
|
391
438
|
<example os.build="9201" os.version="Service Pack 1">Windows MultiPoint Server 2012 Premium 9201 Service Pack 1</example>
|
@@ -397,6 +444,7 @@
|
|
397
444
|
<param pos="2" name="os.version"/>
|
398
445
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:{os.version}"/>
|
399
446
|
</fingerprint>
|
447
|
+
|
400
448
|
<fingerprint pattern="^Windows MultiPoint Server 2012 (?:\w+|\w+ \w+|\w+ \w+ \w+) (\d+)$">
|
401
449
|
<description>Windows MultiPoint Server 2012</description>
|
402
450
|
<example os.build="9200">Windows MultiPoint Server 2012 Premium 9200</example>
|
@@ -407,7 +455,9 @@
|
|
407
455
|
<param pos="1" name="os.build"/>
|
408
456
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
|
409
457
|
</fingerprint>
|
458
|
+
|
410
459
|
<!-- Windows 10 Preview -->
|
460
|
+
|
411
461
|
<fingerprint pattern="^Windows 10 (\w+|\w+ \w+|\w+ \w+ \w+) Insider Preview (\d+)$">
|
412
462
|
<description>Windows 10 Enterprise Insider Preview</description>
|
413
463
|
<example os.build="10130" os.edition="Enterprise">Windows 10 Enterprise Insider Preview 10130</example>
|
@@ -418,6 +468,7 @@
|
|
418
468
|
<param pos="2" name="os.build"/>
|
419
469
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10:-"/>
|
420
470
|
</fingerprint>
|
471
|
+
|
421
472
|
<fingerprint pattern="^Windows 10 ((?:\w+|\w+ \w+|\w+ \w+ \w+)(?: LTSB(?: Evaluation)?)?) (\d+)$">
|
422
473
|
<description>Windows 10</description>
|
423
474
|
<example os.build="10130" os.edition="Enterprise">Windows 10 Enterprise 10130</example>
|
@@ -435,6 +486,7 @@
|
|
435
486
|
<param pos="2" name="os.build"/>
|
436
487
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10:-"/>
|
437
488
|
</fingerprint>
|
489
|
+
|
438
490
|
<fingerprint pattern="^VxWorks">
|
439
491
|
<description>VxWorks</description>
|
440
492
|
<example>VxWorks</example>
|
@@ -445,6 +497,7 @@
|
|
445
497
|
<param pos="0" name="service.vendor" value="Wind River"/>
|
446
498
|
<param pos="0" name="service.product" value="VxWorks CIFS"/>
|
447
499
|
</fingerprint>
|
500
|
+
|
448
501
|
<fingerprint pattern="^OS/400 \D(\d+)\D(\d+)\D(\d+)">
|
449
502
|
<description>OS/400</description>
|
450
503
|
<example os.version="4" os.version.version="5" os.version.version.version="0">OS/400 V4R5M0</example>
|
@@ -453,13 +506,16 @@
|
|
453
506
|
<param pos="1" name="os.version"/>
|
454
507
|
<param pos="2" name="os.version.version"/>
|
455
508
|
<param pos="3" name="os.version.version.version"/>
|
509
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:ibm:os_400:{os.version}"/>
|
456
510
|
</fingerprint>
|
511
|
+
|
457
512
|
<fingerprint pattern="^Apple Base Station$">
|
458
513
|
<description>SMB exposed via SMB shared USB disks on Apple devices</description>
|
459
514
|
<example>Apple Base Station</example>
|
460
515
|
<param pos="0" name="os.vendor" value="Apple"/>
|
461
516
|
<param pos="0" name="hw.vendor" value="Apple"/>
|
462
517
|
</fingerprint>
|
518
|
+
|
463
519
|
<fingerprint pattern="^EMC-SNAS:T([\d\.]+)?$">
|
464
520
|
<description>EMC Celerra</description>
|
465
521
|
<example service.version="7.1.80.7">EMC-SNAS:T7.1.80.7</example>
|
@@ -474,12 +530,15 @@
|
|
474
530
|
<param pos="0" name="hw.device" value="Storage"/>
|
475
531
|
<param pos="0" name="hw.product" value="Celerra"/>
|
476
532
|
</fingerprint>
|
533
|
+
|
477
534
|
<fingerprint pattern="^Netreon OS 1.0$">
|
478
535
|
<description>Netreon SAN software</description>
|
479
536
|
<example>Netreon OS 1.0</example>
|
480
537
|
<param pos="0" name="service.vendor" value="Netreon"/>
|
481
538
|
</fingerprint>
|
539
|
+
|
482
540
|
<!-- VisionFS -->
|
541
|
+
|
483
542
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)ai(\d{4})">
|
484
543
|
<description>AIX</description>
|
485
544
|
<example service.version="9876">axai9876</example>
|
@@ -490,6 +549,7 @@
|
|
490
549
|
<param pos="0" name="service.product" value="VisionFS"/>
|
491
550
|
<param pos="1" name="service.version"/>
|
492
551
|
</fingerprint>
|
552
|
+
|
493
553
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)dg(\d{4})">
|
494
554
|
<description>DG/UX</description>
|
495
555
|
<example service.version="9876">i3dg9876</example>
|
@@ -499,6 +559,7 @@
|
|
499
559
|
<param pos="0" name="service.product" value="VisionFS"/>
|
500
560
|
<param pos="1" name="service.version"/>
|
501
561
|
</fingerprint>
|
562
|
+
|
502
563
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)dw(\d{4})">
|
503
564
|
<description>Darwin</description>
|
504
565
|
<example service.version="9876">m8dw9876</example>
|
@@ -509,6 +570,7 @@
|
|
509
570
|
<param pos="0" name="service.product" value="VisionFS"/>
|
510
571
|
<param pos="1" name="service.version"/>
|
511
572
|
</fingerprint>
|
573
|
+
|
512
574
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)dy(\d{4})">
|
513
575
|
<description>DYNIX</description>
|
514
576
|
<example service.version="9876">m8dy9876</example>
|
@@ -518,6 +580,7 @@
|
|
518
580
|
<param pos="0" name="service.product" value="VisionFS"/>
|
519
581
|
<param pos="1" name="service.version"/>
|
520
582
|
</fingerprint>
|
583
|
+
|
521
584
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)fb(\d{4})">
|
522
585
|
<description>FreeBSD</description>
|
523
586
|
<example service.version="9876">m8fb9876</example>
|
@@ -528,6 +591,7 @@
|
|
528
591
|
<param pos="0" name="service.product" value="VisionFS"/>
|
529
592
|
<param pos="1" name="service.version"/>
|
530
593
|
</fingerprint>
|
594
|
+
|
531
595
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)hp(\d{4})">
|
532
596
|
<description>HP-UX</description>
|
533
597
|
<example service.version="9876">m8hp9876</example>
|
@@ -538,6 +602,7 @@
|
|
538
602
|
<param pos="0" name="service.product" value="VisionFS"/>
|
539
603
|
<param pos="1" name="service.version"/>
|
540
604
|
</fingerprint>
|
605
|
+
|
541
606
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)ir(\d{4})">
|
542
607
|
<description>IRIX</description>
|
543
608
|
<example service.version="9876">m8ir9876</example>
|
@@ -548,6 +613,7 @@
|
|
548
613
|
<param pos="0" name="service.product" value="VisionFS"/>
|
549
614
|
<param pos="1" name="service.version"/>
|
550
615
|
</fingerprint>
|
616
|
+
|
551
617
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)li(\d{4})">
|
552
618
|
<description>Linux</description>
|
553
619
|
<example service.version="9876">m8li9876</example>
|
@@ -558,6 +624,7 @@
|
|
558
624
|
<param pos="0" name="service.product" value="VisionFS"/>
|
559
625
|
<param pos="1" name="service.version"/>
|
560
626
|
</fingerprint>
|
627
|
+
|
561
628
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)mo(\d{4})">
|
562
629
|
<description>SVR</description>
|
563
630
|
<example service.version="9876">m8mo9876</example>
|
@@ -567,6 +634,7 @@
|
|
567
634
|
<param pos="0" name="service.product" value="VisionFS"/>
|
568
635
|
<param pos="1" name="service.version"/>
|
569
636
|
</fingerprint>
|
637
|
+
|
570
638
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)o1(\d{4})">
|
571
639
|
<description>OSF/1</description>
|
572
640
|
<example service.version="9876">m8o19876</example>
|
@@ -576,6 +644,7 @@
|
|
576
644
|
<param pos="0" name="service.product" value="VisionFS"/>
|
577
645
|
<param pos="1" name="service.version"/>
|
578
646
|
</fingerprint>
|
647
|
+
|
579
648
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)ro(\d{4})">
|
580
649
|
<description>RISC OS</description>
|
581
650
|
<example service.version="9876">m8ro9876</example>
|
@@ -584,6 +653,7 @@
|
|
584
653
|
<param pos="0" name="service.product" value="VisionFS"/>
|
585
654
|
<param pos="1" name="service.version"/>
|
586
655
|
</fingerprint>
|
656
|
+
|
587
657
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)sc(\d{4})">
|
588
658
|
<description>OpenServer</description>
|
589
659
|
<example service.version="9876">m8sc9876</example>
|
@@ -593,6 +663,7 @@
|
|
593
663
|
<param pos="0" name="service.product" value="VisionFS"/>
|
594
664
|
<param pos="1" name="service.version"/>
|
595
665
|
</fingerprint>
|
666
|
+
|
596
667
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)so(\d{4})">
|
597
668
|
<description>SunOS</description>
|
598
669
|
<example service.version="9876">m8so9876</example>
|
@@ -603,6 +674,7 @@
|
|
603
674
|
<param pos="0" name="service.product" value="VisionFS"/>
|
604
675
|
<param pos="1" name="service.version"/>
|
605
676
|
</fingerprint>
|
677
|
+
|
606
678
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)su(\d{4})">
|
607
679
|
<description>Solaris</description>
|
608
680
|
<example service.version="9876">m8su9876</example>
|
@@ -613,6 +685,7 @@
|
|
613
685
|
<param pos="0" name="service.product" value="VisionFS"/>
|
614
686
|
<param pos="1" name="service.version"/>
|
615
687
|
</fingerprint>
|
688
|
+
|
616
689
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)sx(\d{4})">
|
617
690
|
<description>SINIX</description>
|
618
691
|
<example service.version="9876">m8sx9876</example>
|
@@ -622,6 +695,7 @@
|
|
622
695
|
<param pos="0" name="service.product" value="VisionFS"/>
|
623
696
|
<param pos="1" name="service.version"/>
|
624
697
|
</fingerprint>
|
698
|
+
|
625
699
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)ul(\d{4})">
|
626
700
|
<description>Ultrix/1</description>
|
627
701
|
<example service.version="9876">m8ul9876</example>
|
@@ -631,6 +705,7 @@
|
|
631
705
|
<param pos="0" name="service.product" value="VisionFS"/>
|
632
706
|
<param pos="1" name="service.version"/>
|
633
707
|
</fingerprint>
|
708
|
+
|
634
709
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)un(\d{4})">
|
635
710
|
<description>UnixWare</description>
|
636
711
|
<example service.version="9876">m8un9876</example>
|
@@ -640,6 +715,7 @@
|
|
640
715
|
<param pos="0" name="service.product" value="VisionFS"/>
|
641
716
|
<param pos="1" name="service.version"/>
|
642
717
|
</fingerprint>
|
718
|
+
|
643
719
|
<fingerprint pattern="^(?:ax|i3|m8|mp|pa|pp|rs|sp)wi(\d{4})">
|
644
720
|
<description>Windows</description>
|
645
721
|
<example service.version="9876">m8wi9876</example>
|
@@ -650,6 +726,7 @@
|
|
650
726
|
<param pos="0" name="service.product" value="VisionFS"/>
|
651
727
|
<param pos="1" name="service.version"/>
|
652
728
|
</fingerprint>
|
729
|
+
|
653
730
|
<fingerprint pattern="^(?i:unix)$">
|
654
731
|
<description>Generally some Samba variant, which reports Unix</description>
|
655
732
|
<example>Unix</example>
|
@@ -659,4 +736,5 @@
|
|
659
736
|
<param pos="0" name="service.vendor" value="Samba"/>
|
660
737
|
<param pos="0" name="service.cpe23" value="cpe:/a:samba:samba:-"/>
|
661
738
|
</fingerprint>
|
662
|
-
|
739
|
+
|
740
|
+
</fingerprints>
|