recog 2.3.8 → 2.3.13
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitignore +6 -0
- data/CONTRIBUTING.md +136 -37
- data/README.md +18 -16
- data/bin/recog_cleanup +16 -0
- data/bin/recog_standardize +30 -6
- data/cpe-remap.yaml +18 -2
- data/identifiers/README.md +9 -0
- data/identifiers/hw_device.txt +77 -0
- data/identifiers/hw_family.txt +96 -0
- data/identifiers/hw_product.txt +328 -0
- data/identifiers/os_architecture.txt +6 -6
- data/identifiers/os_device.txt +45 -3
- data/identifiers/os_family.txt +206 -41
- data/identifiers/os_product.txt +238 -17
- data/identifiers/service_family.txt +144 -57
- data/identifiers/service_product.txt +385 -83
- data/identifiers/vendor.txt +554 -68
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/update_cpes.py +3 -0
- data/xml/apache_modules.xml +292 -5
- data/xml/apache_os.xml +41 -2
- data/xml/architecture.xml +11 -3
- data/xml/dns_versionbind.xml +191 -15
- data/xml/favicons.xml +1701 -0
- data/xml/ftp_banners.xml +250 -18
- data/xml/h323_callresp.xml +112 -12
- data/xml/hp_pjl_id.xml +47 -5
- data/xml/html_title.xml +1278 -25
- data/xml/http_cookies.xml +64 -9
- data/xml/http_servers.xml +1013 -96
- data/xml/http_wwwauth.xml +141 -26
- data/xml/imap_banners.xml +62 -13
- data/xml/ldap_searchresult.xml +81 -9
- data/xml/mdns_device-info_txt.xml +175 -2
- data/xml/mdns_workstation_txt.xml +4 -2
- data/xml/mysql_banners.xml +134 -7
- data/xml/mysql_error.xml +113 -6
- data/xml/nntp_banners.xml +10 -2
- data/xml/ntp_banners.xml +80 -4
- data/xml/operating_system.xml +89 -3
- data/xml/pop_banners.xml +87 -33
- data/xml/rsh_resp.xml +11 -2
- data/xml/rtsp_servers.xml +22 -2
- data/xml/sip_banners.xml +35 -4
- data/xml/sip_user_agents.xml +29 -2
- data/xml/smb_native_lm.xml +10 -2
- data/xml/smb_native_os.xml +79 -2
- data/xml/smtp_banners.xml +230 -9
- data/xml/smtp_debug.xml +6 -4
- data/xml/smtp_ehlo.xml +7 -5
- data/xml/smtp_expn.xml +13 -4
- data/xml/smtp_help.xml +23 -4
- data/xml/smtp_mailfrom.xml +5 -2
- data/xml/smtp_noop.xml +6 -5
- data/xml/smtp_quit.xml +5 -4
- data/xml/smtp_rcptto.xml +5 -2
- data/xml/smtp_rset.xml +4 -4
- data/xml/smtp_turn.xml +4 -4
- data/xml/smtp_vrfy.xml +14 -4
- data/xml/snmp_sysdescr.xml +733 -25
- data/xml/snmp_sysobjid.xml +47 -2
- data/xml/ssh_banners.xml +182 -8
- data/xml/telnet_banners.xml +493 -22
- data/xml/x11_banners.xml +26 -3
- data/xml/x509_issuers.xml +30 -6
- data/xml/x509_subjects.xml +200 -31
- metadata +8 -2
data/xml/operating_system.xml
CHANGED
@@ -1,9 +1,11 @@
|
|
1
|
-
<?xml version=
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
2
|
<fingerprints matches="operating_system.name" database_type="util.os" preference="0.80">
|
3
3
|
<!--
|
4
4
|
Patterns for common names of various operating systems.
|
5
5
|
-->
|
6
|
+
|
6
7
|
<!-- Windows begin -->
|
8
|
+
|
7
9
|
<fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:[a-z]+\s[a-z]+\s|[a-z]+\s)?Server (?:\d{4} R2|\d{4}))(?:,\s|\s)?([a-z]+)?(?: Evaluation)?(?: Edition)?(?:\s|\swith(?:out)? Hyper-V\s)?(SP\d|SP \d|Service Pack \d)?)$">
|
8
10
|
<description>Windows Server 2003 and later</description>
|
9
11
|
<example os.product="Windows Compute Cluster Server 2003">Windows Compute Cluster Server 2003</example>
|
@@ -23,6 +25,7 @@
|
|
23
25
|
<param pos="2" name="os.edition"/>
|
24
26
|
<param pos="3" name="os.version"/>
|
25
27
|
</fingerprint>
|
28
|
+
|
26
29
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows 10 Mobile(?:\s([a-z]+))?(?: Edition)?)$">
|
27
30
|
<description>Windows 10 Mobile</description>
|
28
31
|
<example os.product="Windows 10 Mobile">Windows 10 Mobile Edition</example>
|
@@ -34,6 +37,7 @@
|
|
34
37
|
<param pos="0" name="os.device" value="Mobile"/>
|
35
38
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10_mobile:-"/>
|
36
39
|
</fingerprint>
|
40
|
+
|
37
41
|
<fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:XP|Vista|7|8|8.1|10))(?:\s)?((?:[a-z]+|[a-z]+, )?(?:[a-z]+|[a-z]+\s[a-z]+)?)?(?: Edition)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
|
38
42
|
<description>Windows Desktop XP and later</description>
|
39
43
|
<example os.product="Windows XP" os.edition="Professional">Windows XP Professional</example>
|
@@ -51,6 +55,7 @@
|
|
51
55
|
<param pos="2" name="os.edition"/>
|
52
56
|
<param pos="3" name="os.version"/>
|
53
57
|
</fingerprint>
|
58
|
+
|
54
59
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows 2000(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
|
55
60
|
<description>Windows 2000</description>
|
56
61
|
<example os.edition="Professional">Windows 2000 Professional</example>
|
@@ -62,6 +67,7 @@
|
|
62
67
|
<param pos="2" name="os.version"/>
|
63
68
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:{os.version}"/>
|
64
69
|
</fingerprint>
|
70
|
+
|
65
71
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows NT (\d.\d{1,2})?(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?)$">
|
66
72
|
<description>Windows NT</description>
|
67
73
|
<example os.version="3.51" os.edition="Server">Windows NT 3.51 Server</example>
|
@@ -75,6 +81,7 @@
|
|
75
81
|
<param pos="2" name="os.edition"/>
|
76
82
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:{os.version}"/>
|
77
83
|
</fingerprint>
|
84
|
+
|
78
85
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows Phone (\d|\d\.\d)?)$">
|
79
86
|
<description>Windows Phone 7 and later</description>
|
80
87
|
<example os.version="7.5">Windows Phone 7.5</example>
|
@@ -85,6 +92,7 @@
|
|
85
92
|
<param pos="1" name="os.version"/>
|
86
93
|
<param pos="0" name="os.device" value="Mobile"/>
|
87
94
|
</fingerprint>
|
95
|
+
|
88
96
|
<fingerprint pattern="^(?i:(?:Microsoft )?(Windows\s?(?:95|98|98SE|98 SE|98 Second Edition|ME|Millenium Edition)))$">
|
89
97
|
<description>Windows 9x</description>
|
90
98
|
<example os.product="Windows 98 SE">Windows 98 SE</example>
|
@@ -92,6 +100,7 @@
|
|
92
100
|
<param pos="0" name="os.family" value="Windows"/>
|
93
101
|
<param pos="1" name="os.product"/>
|
94
102
|
</fingerprint>
|
103
|
+
|
95
104
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.1)$">
|
96
105
|
<description>Windows version 6.1 (Windows 7 or Windows Server 2008 R2)</description>
|
97
106
|
<example>Windows 6.1</example>
|
@@ -99,6 +108,7 @@
|
|
99
108
|
<param pos="0" name="os.family" value="Windows"/>
|
100
109
|
<param pos="0" name="os.product" value="Windows 7 or Windows Server 2008 R2"/>
|
101
110
|
</fingerprint>
|
111
|
+
|
102
112
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.2)$">
|
103
113
|
<description>Windows version 6.2 (Windows 8 or Windows Server 2012)</description>
|
104
114
|
<example>Windows 6.2</example>
|
@@ -106,6 +116,7 @@
|
|
106
116
|
<param pos="0" name="os.family" value="Windows"/>
|
107
117
|
<param pos="0" name="os.product" value="Windows 8 or Windows Server 2012"/>
|
108
118
|
</fingerprint>
|
119
|
+
|
109
120
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.3)$">
|
110
121
|
<description>Windows version 6.3 (Windows 8.1 or Windows Server 2012 R2)</description>
|
111
122
|
<example>Windows 6.3</example>
|
@@ -113,6 +124,7 @@
|
|
113
124
|
<param pos="0" name="os.family" value="Windows"/>
|
114
125
|
<param pos="0" name="os.product" value="Windows 8.1 or Windows Server 2012 R2"/>
|
115
126
|
</fingerprint>
|
127
|
+
|
116
128
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 10.0)$">
|
117
129
|
<description>Windows version 10.0 (Windows 10 or Windows Server 2016)</description>
|
118
130
|
<example>Windows 10.0</example>
|
@@ -120,6 +132,7 @@
|
|
120
132
|
<param pos="0" name="os.family" value="Windows"/>
|
121
133
|
<param pos="0" name="os.product" value="Windows 10 or Windows Server 2016"/>
|
122
134
|
</fingerprint>
|
135
|
+
|
123
136
|
<fingerprint pattern="^(?i:(?:Microsoft )?Windows.*)$">
|
124
137
|
<description>Windows catch-all</description>
|
125
138
|
<example>Windows for Workgroups 3.11</example>
|
@@ -130,8 +143,11 @@
|
|
130
143
|
<param pos="0" name="os.certainty" value="0.5"/>
|
131
144
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
132
145
|
</fingerprint>
|
146
|
+
|
133
147
|
<!-- Windows end -->
|
148
|
+
|
134
149
|
<!-- Liunx begin -->
|
150
|
+
|
135
151
|
<fingerprint pattern="^(?i:Alpine Linux\s?(?:v)?(\d+?(?:\.\d+?)*?(?:\src\d+?)?)?)$">
|
136
152
|
<description>Alpine Linux</description>
|
137
153
|
<example os.version="3.4.0">Alpine Linux v3.4.0</example>
|
@@ -141,7 +157,9 @@
|
|
141
157
|
<param pos="0" name="os.product" value="Linux"/>
|
142
158
|
<param pos="1" name="os.version"/>
|
143
159
|
</fingerprint>
|
160
|
+
|
144
161
|
<!-- Arch uses rolling releases where the version name just the date of an ISO release. -->
|
162
|
+
|
145
163
|
<fingerprint pattern="^(?i:Arch Linux\s?(\d+?(?:\.\d+?)*?)?)$">
|
146
164
|
<description>Arch Linux</description>
|
147
165
|
<example os.version="2016.04.01">Arch Linux 2016.04.01</example>
|
@@ -150,7 +168,9 @@
|
|
150
168
|
<param pos="0" name="os.product" value="Linux"/>
|
151
169
|
<param pos="1" name="os.version"/>
|
152
170
|
</fingerprint>
|
171
|
+
|
153
172
|
<!-- Red Hat Enterprise Linux derivative -->
|
173
|
+
|
154
174
|
<fingerprint pattern="^(?i:Amazon Linux(?: AMI)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
155
175
|
<description>Amazon Linux AMI</description>
|
156
176
|
<example os.version="5.11">Amazon Linux AMI 5.11</example>
|
@@ -161,7 +181,9 @@
|
|
161
181
|
<param pos="0" name="os.product" value="Linux AMI"/>
|
162
182
|
<param pos="1" name="os.version"/>
|
163
183
|
</fingerprint>
|
184
|
+
|
164
185
|
<!-- Red Hat Enterprise Linux derivative -->
|
186
|
+
|
165
187
|
<fingerprint pattern="^(?i:CentOS(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)(?:\s.*?)?$">
|
166
188
|
<description>Centos Linux</description>
|
167
189
|
<example os.version="5.11">Centos Linux 5.11</example>
|
@@ -174,6 +196,7 @@
|
|
174
196
|
<param pos="1" name="os.version"/>
|
175
197
|
<param pos="0" name="os.cpe23" value="cpe:/o:centos:centos:{os.version}"/>
|
176
198
|
</fingerprint>
|
199
|
+
|
177
200
|
<fingerprint pattern="^(?i:Debian(?: (?:GNU\/)?Linux)?\s?((?:\d+?(?:\.\d+?)*?)|(?:\w+?\/sid\s?))?(?:\s[a-z\(\)]+)?)$">
|
178
201
|
<description>Debian Linux</description>
|
179
202
|
<example os.version="6.0">Debian 6.0</example>
|
@@ -186,6 +209,7 @@
|
|
186
209
|
<param pos="1" name="os.version"/>
|
187
210
|
<param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
|
188
211
|
</fingerprint>
|
212
|
+
|
189
213
|
<fingerprint pattern="^(?i:Fedora(?: Core)?(?: Linux)?(?: release)?\s?(\d+?)?(?:\s.*)?)$">
|
190
214
|
<description>Fedora Linux</description>
|
191
215
|
<example os.version="6">Fedora Core 6</example>
|
@@ -197,7 +221,9 @@
|
|
197
221
|
<param pos="1" name="os.version"/>
|
198
222
|
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:{os.version}"/>
|
199
223
|
</fingerprint>
|
224
|
+
|
200
225
|
<!-- Gentoo currently uses rolling releases with no version, but older versions were typically based on the year of release. -->
|
226
|
+
|
201
227
|
<fingerprint pattern="^(?i:Gentoo(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
|
202
228
|
<description>Gentoo Linux</description>
|
203
229
|
<example>Gentoo Linux</example>
|
@@ -207,7 +233,9 @@
|
|
207
233
|
<param pos="1" name="os.version"/>
|
208
234
|
<param pos="0" name="os.cpe23" value="cpe:/o:gentoo:linux:{os.version}"/>
|
209
235
|
</fingerprint>
|
236
|
+
|
210
237
|
<!-- Kali switched to rolling release in January 2016. -->
|
238
|
+
|
211
239
|
<fingerprint pattern="^(?i:Kali(?: Linux)?\s?(\d+?(?:\.\d+?)+?(?:[a-z])?|\d+?)?)$">
|
212
240
|
<description>Kali Linux</description>
|
213
241
|
<example os.version="1.0.0">Kali Linux 1.0.0</example>
|
@@ -219,7 +247,9 @@
|
|
219
247
|
<param pos="0" name="os.product" value="Linux"/>
|
220
248
|
<param pos="1" name="os.version"/>
|
221
249
|
</fingerprint>
|
250
|
+
|
222
251
|
<!-- Ubuntu derivative -->
|
252
|
+
|
223
253
|
<fingerprint pattern="^(?i:Kubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
|
224
254
|
<description>Kubuntu Linux</description>
|
225
255
|
<example os.version="12.04.4">Kubuntu 12.04.4 LTS</example>
|
@@ -231,7 +261,9 @@
|
|
231
261
|
<param pos="1" name="os.version"/>
|
232
262
|
<param pos="2" name="os.edition"/>
|
233
263
|
</fingerprint>
|
264
|
+
|
234
265
|
<!-- Red Hat Enterprise Linux derivative -->
|
266
|
+
|
235
267
|
<fingerprint pattern="^(?i:Oracle(?: Enterprise)? Linux\s?(?:Server\s?)?(\d+?(?:\.\d+?)*?)?)$">
|
236
268
|
<description>Oracle Enterprise Linux</description>
|
237
269
|
<example os.version="5.11">Oracle Enterprise Linux 5.11</example>
|
@@ -242,6 +274,7 @@
|
|
242
274
|
<param pos="1" name="os.version"/>
|
243
275
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:linux:{os.version}"/>
|
244
276
|
</fingerprint>
|
277
|
+
|
245
278
|
<fingerprint pattern="^(?i:OpenSUSE(?: Linux)?(?: [a-z]+?)??\s?(\d+?(?:\.\d+?)*?)?(?:\s\(.*)?)$">
|
246
279
|
<description>OpenSUSE Linux</description>
|
247
280
|
<example os.version="10.1">OpenSUSE Linux 10.1</example>
|
@@ -252,6 +285,7 @@
|
|
252
285
|
<param pos="0" name="os.product" value="Linux"/>
|
253
286
|
<param pos="1" name="os.version"/>
|
254
287
|
</fingerprint>
|
288
|
+
|
255
289
|
<fingerprint pattern="^(?i:(?:Red Hat|RedHat|Red-Hat|RHEL)(?: Enterprise)?(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
256
290
|
<description>Red Hat Enterprise Linux</description>
|
257
291
|
<example>Red Hat Enterprise Linux AS</example>
|
@@ -265,7 +299,9 @@
|
|
265
299
|
<param pos="1" name="os.version"/>
|
266
300
|
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:enterprise_linux:{os.version}"/>
|
267
301
|
</fingerprint>
|
302
|
+
|
268
303
|
<!-- Red Hat Enterprise Linux derivative -->
|
304
|
+
|
269
305
|
<fingerprint pattern="^(?i:Scientific(?: Linux)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
270
306
|
<description>Scientific Linux</description>
|
271
307
|
<example os.version="5.11">Scientific Linux 5.11</example>
|
@@ -276,6 +312,7 @@
|
|
276
312
|
<param pos="0" name="os.product" value="Linux"/>
|
277
313
|
<param pos="1" name="os.version"/>
|
278
314
|
</fingerprint>
|
315
|
+
|
279
316
|
<fingerprint pattern="^(?i:Slackware(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
|
280
317
|
<description>Slackware Linux</description>
|
281
318
|
<example os.version="14.1">Slackware Linux 14.1</example>
|
@@ -284,6 +321,7 @@
|
|
284
321
|
<param pos="0" name="os.product" value="Linux"/>
|
285
322
|
<param pos="1" name="os.version"/>
|
286
323
|
</fingerprint>
|
324
|
+
|
287
325
|
<fingerprint pattern="^(?i:SUSE(?: SLED)?(?: Linux Enterprise Desktop)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
288
326
|
<description>SUSE Linux Enterprise Desktop</description>
|
289
327
|
<example os.version="11">SUSE SLED 11</example>
|
@@ -294,6 +332,7 @@
|
|
294
332
|
<param pos="1" name="os.version"/>
|
295
333
|
<param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_desktop:{os.version}"/>
|
296
334
|
</fingerprint>
|
335
|
+
|
297
336
|
<fingerprint pattern="^(?i:SUSE(?: SLES)?(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
298
337
|
<description>SUSE Linux Enterprise Server</description>
|
299
338
|
<example os.version="11">SUSE SLES 11</example>
|
@@ -304,6 +343,7 @@
|
|
304
343
|
<param pos="1" name="os.version"/>
|
305
344
|
<param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
|
306
345
|
</fingerprint>
|
346
|
+
|
307
347
|
<fingerprint pattern="^(?i:SLES(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
|
308
348
|
<description>SLES Linux Enterprise Server</description>
|
309
349
|
<example os.version="11">SLES 11</example>
|
@@ -314,6 +354,7 @@
|
|
314
354
|
<param pos="1" name="os.version"/>
|
315
355
|
<param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
|
316
356
|
</fingerprint>
|
357
|
+
|
317
358
|
<fingerprint pattern="^(?i:Ubuntu(?: Linux)?(?:\s|-)(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
|
318
359
|
<description>Ubuntu Linux</description>
|
319
360
|
<example os.version="12.04.4">Ubuntu 12.04.4 LTS</example>
|
@@ -327,7 +368,9 @@
|
|
327
368
|
<param pos="2" name="os.edition"/>
|
328
369
|
<param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
|
329
370
|
</fingerprint>
|
371
|
+
|
330
372
|
<!-- Ubuntu derivative -->
|
373
|
+
|
331
374
|
<fingerprint pattern="^(?i:Xubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
|
332
375
|
<description>Xubuntu Linux</description>
|
333
376
|
<example os.version="12.04.4">Xubuntu 12.04.4 LTS</example>
|
@@ -339,17 +382,20 @@
|
|
339
382
|
<param pos="1" name="os.version"/>
|
340
383
|
<param pos="2" name="os.edition"/>
|
341
384
|
</fingerprint>
|
385
|
+
|
342
386
|
<fingerprint pattern="^(?i:VMWare Photon(?:\/)?(?:\s?Linux)?\s?(?:v)?(\d+?(?:\.\d+?)*?)?)$">
|
343
387
|
<description>Photon Linux</description>
|
344
388
|
<example>VMWare Photon Linux</example>
|
345
389
|
<example os.version="1.0">VMWare Photon 1.0</example>
|
346
|
-
<param pos="0" name="os.vendor" value="
|
390
|
+
<param pos="0" name="os.vendor" value="VMware"/>
|
347
391
|
<param pos="0" name="os.family" value="Linux"/>
|
348
392
|
<param pos="0" name="os.product" value="Photon Linux"/>
|
349
393
|
<param pos="1" name="os.version"/>
|
350
394
|
<param pos="0" name="os.cpe23" value="cpe:/o:vmware:photon_os:{os.version}"/>
|
351
395
|
</fingerprint>
|
396
|
+
|
352
397
|
<!-- Vendor-based distribution catch-call -->
|
398
|
+
|
353
399
|
<fingerprint pattern="^(?i:(.*)\sLinux?\s(.*))$">
|
354
400
|
<description>Vendor-based Linux catch-all</description>
|
355
401
|
<example os.vendor="Aurox" os.version="10.2">Aurox Linux 10.2</example>
|
@@ -359,7 +405,9 @@
|
|
359
405
|
<param pos="1" name="os.vendor"/>
|
360
406
|
<param pos="2" name="os.version"/>
|
361
407
|
</fingerprint>
|
408
|
+
|
362
409
|
<!-- Linux catch-all goes at the bottom-->
|
410
|
+
|
363
411
|
<fingerprint pattern="^(?i:.*Linux?\s?(\d+?(?:\.\d+?)*?)?)$">
|
364
412
|
<description>Linux catch-all</description>
|
365
413
|
<example os.version="2.42.6">Linux 2.42.6</example>
|
@@ -370,9 +418,13 @@
|
|
370
418
|
<param pos="1" name="os.version"/>
|
371
419
|
<param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
|
372
420
|
</fingerprint>
|
421
|
+
|
373
422
|
<!-- Linux end -->
|
423
|
+
|
374
424
|
<!-- Mac begin -->
|
425
|
+
|
375
426
|
<!-- Match Mac OS Classic first due to weak matching on Mac OS X -->
|
427
|
+
|
376
428
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS ([7-9](?:\.\d+?)*?))$">
|
377
429
|
<description>Mac OS 9</description>
|
378
430
|
<example os.version="9">Mac OS 9</example>
|
@@ -383,6 +435,7 @@
|
|
383
435
|
<param pos="1" name="os.version"/>
|
384
436
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os:{os.version}"/>
|
385
437
|
</fingerprint>
|
438
|
+
|
386
439
|
<fingerprint pattern="^(?i:(?:Apple OS X|Apple Mac OS X|Mac OS X|OS X|Mac OS)\s?(\d+?(?:\.\d+?)*?)?)$">
|
387
440
|
<description>Mac OS X with version number</description>
|
388
441
|
<example os.version="10.10.5">Mac OS X 10.10.5</example>
|
@@ -394,6 +447,7 @@
|
|
394
447
|
<param pos="1" name="os.version"/>
|
395
448
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:{os.version}"/>
|
396
449
|
</fingerprint>
|
450
|
+
|
397
451
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Cheetah)$">
|
398
452
|
<description>Mac OS X Cheetah</description>
|
399
453
|
<example os.version="10.0">Mac OS X Cheetah</example>
|
@@ -403,6 +457,7 @@
|
|
403
457
|
<param pos="0" name="os.version" value="10.0"/>
|
404
458
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.0"/>
|
405
459
|
</fingerprint>
|
460
|
+
|
406
461
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Puma)$">
|
407
462
|
<description>Mac OS X Puma</description>
|
408
463
|
<example os.version="10.1">Mac OS X Puma</example>
|
@@ -412,6 +467,7 @@
|
|
412
467
|
<param pos="0" name="os.version" value="10.1"/>
|
413
468
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.1"/>
|
414
469
|
</fingerprint>
|
470
|
+
|
415
471
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Jaguar)$">
|
416
472
|
<description>Mac OS X Jaguar</description>
|
417
473
|
<example os.version="10.2">Mac OS X Jaguar</example>
|
@@ -421,6 +477,7 @@
|
|
421
477
|
<param pos="0" name="os.version" value="10.2"/>
|
422
478
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
|
423
479
|
</fingerprint>
|
480
|
+
|
424
481
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Panther)$">
|
425
482
|
<description>Mac OS X Panther</description>
|
426
483
|
<example os.version="10.3">Mac OS X Panther</example>
|
@@ -430,6 +487,7 @@
|
|
430
487
|
<param pos="0" name="os.version" value="10.3"/>
|
431
488
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
|
432
489
|
</fingerprint>
|
490
|
+
|
433
491
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Tiger)$">
|
434
492
|
<description>Mac OS X Tiger</description>
|
435
493
|
<example os.version="10.4">Mac OS X Tiger</example>
|
@@ -439,6 +497,7 @@
|
|
439
497
|
<param pos="0" name="os.version" value="10.4"/>
|
440
498
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
|
441
499
|
</fingerprint>
|
500
|
+
|
442
501
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Leopard)$">
|
443
502
|
<description>Mac OS X Leopard</description>
|
444
503
|
<example os.version="10.5">Mac OS X Leopard</example>
|
@@ -448,6 +507,7 @@
|
|
448
507
|
<param pos="0" name="os.version" value="10.5"/>
|
449
508
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
|
450
509
|
</fingerprint>
|
510
|
+
|
451
511
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Snow Leopard)$">
|
452
512
|
<description>Mac OS X Snow Leopard</description>
|
453
513
|
<example os.version="10.6">Mac OS X Snow Leopard</example>
|
@@ -457,6 +517,7 @@
|
|
457
517
|
<param pos="0" name="os.version" value="10.6"/>
|
458
518
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
|
459
519
|
</fingerprint>
|
520
|
+
|
460
521
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Lion)$">
|
461
522
|
<description>Mac OS X Lion</description>
|
462
523
|
<example os.version="10.7">Mac OS X Lion</example>
|
@@ -466,6 +527,7 @@
|
|
466
527
|
<param pos="0" name="os.version" value="10.7"/>
|
467
528
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
|
468
529
|
</fingerprint>
|
530
|
+
|
469
531
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mountain Lion)$">
|
470
532
|
<description>Mac OS X Mountain Lion</description>
|
471
533
|
<example os.version="10.8">Mac OS X Mountain Lion</example>
|
@@ -475,6 +537,7 @@
|
|
475
537
|
<param pos="0" name="os.version" value="10.8"/>
|
476
538
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
|
477
539
|
</fingerprint>
|
540
|
+
|
478
541
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mavericks)$">
|
479
542
|
<description>Mac OS X Mavericks</description>
|
480
543
|
<example os.version="10.9">Mac OS X Mavericks</example>
|
@@ -484,6 +547,7 @@
|
|
484
547
|
<param pos="0" name="os.version" value="10.9"/>
|
485
548
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
|
486
549
|
</fingerprint>
|
550
|
+
|
487
551
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X Yosemite)$">
|
488
552
|
<description>Mac OS X Yosemite</description>
|
489
553
|
<example os.version="10.10">Mac OS X Yosemite</example>
|
@@ -493,6 +557,7 @@
|
|
493
557
|
<param pos="0" name="os.version" value="10.10"/>
|
494
558
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
|
495
559
|
</fingerprint>
|
560
|
+
|
496
561
|
<fingerprint pattern="^(?i:(?:Apple )?Mac OS X El Capitan)$">
|
497
562
|
<description>Mac OS X El Capitan</description>
|
498
563
|
<example os.version="10.11">Mac OS X El Capitan</example>
|
@@ -502,7 +567,9 @@
|
|
502
567
|
<param pos="0" name="os.version" value="10.11"/>
|
503
568
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.11"/>
|
504
569
|
</fingerprint>
|
570
|
+
|
505
571
|
<!-- This can also match Cisco IOS if the vendor name is not present. -->
|
572
|
+
|
506
573
|
<fingerprint pattern="^(?i:(?:Apple )?iOS\s?(\d+?(?:\.\d+?)*?)?)$">
|
507
574
|
<description>Apple iOS for iPhone and iPad</description>
|
508
575
|
<example os.version="7.1.2">iOS 7.1.2</example>
|
@@ -515,8 +582,11 @@
|
|
515
582
|
<param pos="0" name="os.device" value="Mobile"/>
|
516
583
|
<param pos="0" name="os.cpe23" value="cpe:/o:apple:iphone_os:{os.version}"/>
|
517
584
|
</fingerprint>
|
585
|
+
|
518
586
|
<!-- Mac end -->
|
587
|
+
|
519
588
|
<!-- BSD begin -->
|
589
|
+
|
520
590
|
<fingerprint pattern="^(?i:(.*?BSD)\s?(\d+?(?:\.\d+?)*?(?:[\-\/_ ]?\w+?)?(?:-[a-z]\d+?)?)?)$">
|
521
591
|
<description>Many BSD family OSes</description>
|
522
592
|
<example os.version="10.3-RELEASE" os.product="FreeBSD">FreeBSD 10.3-RELEASE</example>
|
@@ -529,8 +599,11 @@
|
|
529
599
|
<param pos="1" name="os.product"/>
|
530
600
|
<param pos="2" name="os.version"/>
|
531
601
|
</fingerprint>
|
602
|
+
|
532
603
|
<!-- BSD end -->
|
604
|
+
|
533
605
|
<!-- Other Unix-likes begin -->
|
606
|
+
|
534
607
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?OpenSolaris\s?(\d+?(?:\.\d+?)*?)?)$">
|
535
608
|
<description>OpenSolaris</description>
|
536
609
|
<example os.version="2009.06">OpenSolaris 2009.06</example>
|
@@ -540,6 +613,7 @@
|
|
540
613
|
<param pos="1" name="os.version"/>
|
541
614
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
542
615
|
</fingerprint>
|
616
|
+
|
543
617
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?(1[1-9]?(?:\.\d+?)*?)?)$">
|
544
618
|
<description>Solaris 11 and up</description>
|
545
619
|
<example os.version="11.3">Solaris 11.3</example>
|
@@ -550,6 +624,7 @@
|
|
550
624
|
<param pos="1" name="os.version"/>
|
551
625
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
552
626
|
</fingerprint>
|
627
|
+
|
553
628
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?((?:[789]|10)+?(?:\.\d+?)*?)?)$">
|
554
629
|
<description>Solaris 7-10</description>
|
555
630
|
<example os.version="7">Solaris 7</example>
|
@@ -562,6 +637,7 @@
|
|
562
637
|
<param pos="1" name="os.version"/>
|
563
638
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
564
639
|
</fingerprint>
|
640
|
+
|
565
641
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.([789]|10)?)$">
|
566
642
|
<description>SunOS/Solaris 5.7-5.10</description>
|
567
643
|
<example os.version="7">SunOS 5.7</example>
|
@@ -572,6 +648,7 @@
|
|
572
648
|
<param pos="1" name="os.version"/>
|
573
649
|
<param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
|
574
650
|
</fingerprint>
|
651
|
+
|
575
652
|
<fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.(1[1-9])?)$">
|
576
653
|
<description>Oracle/Solaris 5.11 and upwards</description>
|
577
654
|
<example os.version="11">SunOS 5.11</example>
|
@@ -581,6 +658,7 @@
|
|
581
658
|
<param pos="1" name="os.version"/>
|
582
659
|
<param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
|
583
660
|
</fingerprint>
|
661
|
+
|
584
662
|
<fingerprint pattern="^(?i:(?:IBM\s?)?(AIX|MVS|OS/(?:\d{1,3})|VM/CMS|VM/ESA|z/OS)\s?(\d+?(?:\.\d+?)*?)?)$">
|
585
663
|
<description>IBM OSes</description>
|
586
664
|
<example os.product="AIX">AIX</example>
|
@@ -596,6 +674,7 @@
|
|
596
674
|
<param pos="1" name="os.product"/>
|
597
675
|
<param pos="2" name="os.version"/>
|
598
676
|
</fingerprint>
|
677
|
+
|
599
678
|
<fingerprint pattern="^(?i:(?:HP\s?)?(Digital UNIX|HP-UX|iLO|OpenVMS|ProLiant|Tru64 UNIX)\s?(\d+?(?:\.\d+?)*?)?)$">
|
600
679
|
<description>HP OSes</description>
|
601
680
|
<example os.product="HP-UX">HP-UX</example>
|
@@ -605,8 +684,11 @@
|
|
605
684
|
<param pos="1" name="os.product"/>
|
606
685
|
<param pos="2" name="os.version"/>
|
607
686
|
</fingerprint>
|
687
|
+
|
608
688
|
<!-- Other Unix-likes end -->
|
689
|
+
|
609
690
|
<!-- Network equipment begin -->
|
691
|
+
|
610
692
|
<fingerprint pattern="^(?i:(?:Juniper\s?)?(Junos|Junos OS|ScreenOS)\s?(\d+?(?:\.\d+?)*?)?)$">
|
611
693
|
<description>Juniper</description>
|
612
694
|
<example>Junos</example>
|
@@ -616,7 +698,9 @@
|
|
616
698
|
<param pos="1" name="os.product"/>
|
617
699
|
<param pos="2" name="os.version"/>
|
618
700
|
</fingerprint>
|
701
|
+
|
619
702
|
<!-- This needs to be improved if it's not how one would generally present a Cisco OS version. -->
|
703
|
+
|
620
704
|
<fingerprint pattern="^(?i:(?:Cisco\s?)?(ASA|Adaptive Security Appliance|IOS|IOS-XE|IOS-XR|NX-OS|PIX-OS|SAN-OS)\s?(?:Version (\S+))?)$">
|
621
705
|
<description>Cisco</description>
|
622
706
|
<example>Cisco ASA</example>
|
@@ -626,5 +710,7 @@
|
|
626
710
|
<param pos="1" name="os.product"/>
|
627
711
|
<param pos="2" name="os.version"/>
|
628
712
|
</fingerprint>
|
713
|
+
|
629
714
|
<!-- Network equipment end -->
|
630
|
-
|
715
|
+
|
716
|
+
</fingerprints>
|