recog 2.3.8 → 2.3.13

Sign up to get free protection for your applications and to get access to all the features.
Files changed (69) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +6 -0
  3. data/CONTRIBUTING.md +136 -37
  4. data/README.md +18 -16
  5. data/bin/recog_cleanup +16 -0
  6. data/bin/recog_standardize +30 -6
  7. data/cpe-remap.yaml +18 -2
  8. data/identifiers/README.md +9 -0
  9. data/identifiers/hw_device.txt +77 -0
  10. data/identifiers/hw_family.txt +96 -0
  11. data/identifiers/hw_product.txt +328 -0
  12. data/identifiers/os_architecture.txt +6 -6
  13. data/identifiers/os_device.txt +45 -3
  14. data/identifiers/os_family.txt +206 -41
  15. data/identifiers/os_product.txt +238 -17
  16. data/identifiers/service_family.txt +144 -57
  17. data/identifiers/service_product.txt +385 -83
  18. data/identifiers/vendor.txt +554 -68
  19. data/lib/recog/version.rb +1 -1
  20. data/requirements.txt +1 -1
  21. data/update_cpes.py +3 -0
  22. data/xml/apache_modules.xml +292 -5
  23. data/xml/apache_os.xml +41 -2
  24. data/xml/architecture.xml +11 -3
  25. data/xml/dns_versionbind.xml +191 -15
  26. data/xml/favicons.xml +1701 -0
  27. data/xml/ftp_banners.xml +250 -18
  28. data/xml/h323_callresp.xml +112 -12
  29. data/xml/hp_pjl_id.xml +47 -5
  30. data/xml/html_title.xml +1278 -25
  31. data/xml/http_cookies.xml +64 -9
  32. data/xml/http_servers.xml +1013 -96
  33. data/xml/http_wwwauth.xml +141 -26
  34. data/xml/imap_banners.xml +62 -13
  35. data/xml/ldap_searchresult.xml +81 -9
  36. data/xml/mdns_device-info_txt.xml +175 -2
  37. data/xml/mdns_workstation_txt.xml +4 -2
  38. data/xml/mysql_banners.xml +134 -7
  39. data/xml/mysql_error.xml +113 -6
  40. data/xml/nntp_banners.xml +10 -2
  41. data/xml/ntp_banners.xml +80 -4
  42. data/xml/operating_system.xml +89 -3
  43. data/xml/pop_banners.xml +87 -33
  44. data/xml/rsh_resp.xml +11 -2
  45. data/xml/rtsp_servers.xml +22 -2
  46. data/xml/sip_banners.xml +35 -4
  47. data/xml/sip_user_agents.xml +29 -2
  48. data/xml/smb_native_lm.xml +10 -2
  49. data/xml/smb_native_os.xml +79 -2
  50. data/xml/smtp_banners.xml +230 -9
  51. data/xml/smtp_debug.xml +6 -4
  52. data/xml/smtp_ehlo.xml +7 -5
  53. data/xml/smtp_expn.xml +13 -4
  54. data/xml/smtp_help.xml +23 -4
  55. data/xml/smtp_mailfrom.xml +5 -2
  56. data/xml/smtp_noop.xml +6 -5
  57. data/xml/smtp_quit.xml +5 -4
  58. data/xml/smtp_rcptto.xml +5 -2
  59. data/xml/smtp_rset.xml +4 -4
  60. data/xml/smtp_turn.xml +4 -4
  61. data/xml/smtp_vrfy.xml +14 -4
  62. data/xml/snmp_sysdescr.xml +733 -25
  63. data/xml/snmp_sysobjid.xml +47 -2
  64. data/xml/ssh_banners.xml +182 -8
  65. data/xml/telnet_banners.xml +493 -22
  66. data/xml/x11_banners.xml +26 -3
  67. data/xml/x509_issuers.xml +30 -6
  68. data/xml/x509_subjects.xml +200 -31
  69. metadata +8 -2
@@ -1,9 +1,11 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="operating_system.name" database_type="util.os" preference="0.80">
3
3
  <!--
4
4
  Patterns for common names of various operating systems.
5
5
  -->
6
+
6
7
  <!-- Windows begin -->
8
+
7
9
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:[a-z]+\s[a-z]+\s|[a-z]+\s)?Server (?:\d{4} R2|\d{4}))(?:,\s|\s)?([a-z]+)?(?: Evaluation)?(?: Edition)?(?:\s|\swith(?:out)? Hyper-V\s)?(SP\d|SP \d|Service Pack \d)?)$">
8
10
  <description>Windows Server 2003 and later</description>
9
11
  <example os.product="Windows Compute Cluster Server 2003">Windows Compute Cluster Server 2003</example>
@@ -23,6 +25,7 @@
23
25
  <param pos="2" name="os.edition"/>
24
26
  <param pos="3" name="os.version"/>
25
27
  </fingerprint>
28
+
26
29
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows 10 Mobile(?:\s([a-z]+))?(?: Edition)?)$">
27
30
  <description>Windows 10 Mobile</description>
28
31
  <example os.product="Windows 10 Mobile">Windows 10 Mobile Edition</example>
@@ -34,6 +37,7 @@
34
37
  <param pos="0" name="os.device" value="Mobile"/>
35
38
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10_mobile:-"/>
36
39
  </fingerprint>
40
+
37
41
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:XP|Vista|7|8|8.1|10))(?:\s)?((?:[a-z]+|[a-z]+, )?(?:[a-z]+|[a-z]+\s[a-z]+)?)?(?: Edition)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
38
42
  <description>Windows Desktop XP and later</description>
39
43
  <example os.product="Windows XP" os.edition="Professional">Windows XP Professional</example>
@@ -51,6 +55,7 @@
51
55
  <param pos="2" name="os.edition"/>
52
56
  <param pos="3" name="os.version"/>
53
57
  </fingerprint>
58
+
54
59
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows 2000(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
55
60
  <description>Windows 2000</description>
56
61
  <example os.edition="Professional">Windows 2000 Professional</example>
@@ -62,6 +67,7 @@
62
67
  <param pos="2" name="os.version"/>
63
68
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:{os.version}"/>
64
69
  </fingerprint>
70
+
65
71
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows NT (\d.\d{1,2})?(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?)$">
66
72
  <description>Windows NT</description>
67
73
  <example os.version="3.51" os.edition="Server">Windows NT 3.51 Server</example>
@@ -75,6 +81,7 @@
75
81
  <param pos="2" name="os.edition"/>
76
82
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:{os.version}"/>
77
83
  </fingerprint>
84
+
78
85
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows Phone (\d|\d\.\d)?)$">
79
86
  <description>Windows Phone 7 and later</description>
80
87
  <example os.version="7.5">Windows Phone 7.5</example>
@@ -85,6 +92,7 @@
85
92
  <param pos="1" name="os.version"/>
86
93
  <param pos="0" name="os.device" value="Mobile"/>
87
94
  </fingerprint>
95
+
88
96
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows\s?(?:95|98|98SE|98 SE|98 Second Edition|ME|Millenium Edition)))$">
89
97
  <description>Windows 9x</description>
90
98
  <example os.product="Windows 98 SE">Windows 98 SE</example>
@@ -92,6 +100,7 @@
92
100
  <param pos="0" name="os.family" value="Windows"/>
93
101
  <param pos="1" name="os.product"/>
94
102
  </fingerprint>
103
+
95
104
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.1)$">
96
105
  <description>Windows version 6.1 (Windows 7 or Windows Server 2008 R2)</description>
97
106
  <example>Windows 6.1</example>
@@ -99,6 +108,7 @@
99
108
  <param pos="0" name="os.family" value="Windows"/>
100
109
  <param pos="0" name="os.product" value="Windows 7 or Windows Server 2008 R2"/>
101
110
  </fingerprint>
111
+
102
112
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.2)$">
103
113
  <description>Windows version 6.2 (Windows 8 or Windows Server 2012)</description>
104
114
  <example>Windows 6.2</example>
@@ -106,6 +116,7 @@
106
116
  <param pos="0" name="os.family" value="Windows"/>
107
117
  <param pos="0" name="os.product" value="Windows 8 or Windows Server 2012"/>
108
118
  </fingerprint>
119
+
109
120
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.3)$">
110
121
  <description>Windows version 6.3 (Windows 8.1 or Windows Server 2012 R2)</description>
111
122
  <example>Windows 6.3</example>
@@ -113,6 +124,7 @@
113
124
  <param pos="0" name="os.family" value="Windows"/>
114
125
  <param pos="0" name="os.product" value="Windows 8.1 or Windows Server 2012 R2"/>
115
126
  </fingerprint>
127
+
116
128
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 10.0)$">
117
129
  <description>Windows version 10.0 (Windows 10 or Windows Server 2016)</description>
118
130
  <example>Windows 10.0</example>
@@ -120,6 +132,7 @@
120
132
  <param pos="0" name="os.family" value="Windows"/>
121
133
  <param pos="0" name="os.product" value="Windows 10 or Windows Server 2016"/>
122
134
  </fingerprint>
135
+
123
136
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows.*)$">
124
137
  <description>Windows catch-all</description>
125
138
  <example>Windows for Workgroups 3.11</example>
@@ -130,8 +143,11 @@
130
143
  <param pos="0" name="os.certainty" value="0.5"/>
131
144
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
132
145
  </fingerprint>
146
+
133
147
  <!-- Windows end -->
148
+
134
149
  <!-- Liunx begin -->
150
+
135
151
  <fingerprint pattern="^(?i:Alpine Linux\s?(?:v)?(\d+?(?:\.\d+?)*?(?:\src\d+?)?)?)$">
136
152
  <description>Alpine Linux</description>
137
153
  <example os.version="3.4.0">Alpine Linux v3.4.0</example>
@@ -141,7 +157,9 @@
141
157
  <param pos="0" name="os.product" value="Linux"/>
142
158
  <param pos="1" name="os.version"/>
143
159
  </fingerprint>
160
+
144
161
  <!-- Arch uses rolling releases where the version name just the date of an ISO release. -->
162
+
145
163
  <fingerprint pattern="^(?i:Arch Linux\s?(\d+?(?:\.\d+?)*?)?)$">
146
164
  <description>Arch Linux</description>
147
165
  <example os.version="2016.04.01">Arch Linux 2016.04.01</example>
@@ -150,7 +168,9 @@
150
168
  <param pos="0" name="os.product" value="Linux"/>
151
169
  <param pos="1" name="os.version"/>
152
170
  </fingerprint>
171
+
153
172
  <!-- Red Hat Enterprise Linux derivative -->
173
+
154
174
  <fingerprint pattern="^(?i:Amazon Linux(?: AMI)?\s?(\d+?(?:\.\d+?)*?)?)$">
155
175
  <description>Amazon Linux AMI</description>
156
176
  <example os.version="5.11">Amazon Linux AMI 5.11</example>
@@ -161,7 +181,9 @@
161
181
  <param pos="0" name="os.product" value="Linux AMI"/>
162
182
  <param pos="1" name="os.version"/>
163
183
  </fingerprint>
184
+
164
185
  <!-- Red Hat Enterprise Linux derivative -->
186
+
165
187
  <fingerprint pattern="^(?i:CentOS(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)(?:\s.*?)?$">
166
188
  <description>Centos Linux</description>
167
189
  <example os.version="5.11">Centos Linux 5.11</example>
@@ -174,6 +196,7 @@
174
196
  <param pos="1" name="os.version"/>
175
197
  <param pos="0" name="os.cpe23" value="cpe:/o:centos:centos:{os.version}"/>
176
198
  </fingerprint>
199
+
177
200
  <fingerprint pattern="^(?i:Debian(?: (?:GNU\/)?Linux)?\s?((?:\d+?(?:\.\d+?)*?)|(?:\w+?\/sid\s?))?(?:\s[a-z\(\)]+)?)$">
178
201
  <description>Debian Linux</description>
179
202
  <example os.version="6.0">Debian 6.0</example>
@@ -186,6 +209,7 @@
186
209
  <param pos="1" name="os.version"/>
187
210
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
188
211
  </fingerprint>
212
+
189
213
  <fingerprint pattern="^(?i:Fedora(?: Core)?(?: Linux)?(?: release)?\s?(\d+?)?(?:\s.*)?)$">
190
214
  <description>Fedora Linux</description>
191
215
  <example os.version="6">Fedora Core 6</example>
@@ -197,7 +221,9 @@
197
221
  <param pos="1" name="os.version"/>
198
222
  <param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:{os.version}"/>
199
223
  </fingerprint>
224
+
200
225
  <!-- Gentoo currently uses rolling releases with no version, but older versions were typically based on the year of release. -->
226
+
201
227
  <fingerprint pattern="^(?i:Gentoo(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
202
228
  <description>Gentoo Linux</description>
203
229
  <example>Gentoo Linux</example>
@@ -207,7 +233,9 @@
207
233
  <param pos="1" name="os.version"/>
208
234
  <param pos="0" name="os.cpe23" value="cpe:/o:gentoo:linux:{os.version}"/>
209
235
  </fingerprint>
236
+
210
237
  <!-- Kali switched to rolling release in January 2016. -->
238
+
211
239
  <fingerprint pattern="^(?i:Kali(?: Linux)?\s?(\d+?(?:\.\d+?)+?(?:[a-z])?|\d+?)?)$">
212
240
  <description>Kali Linux</description>
213
241
  <example os.version="1.0.0">Kali Linux 1.0.0</example>
@@ -219,7 +247,9 @@
219
247
  <param pos="0" name="os.product" value="Linux"/>
220
248
  <param pos="1" name="os.version"/>
221
249
  </fingerprint>
250
+
222
251
  <!-- Ubuntu derivative -->
252
+
223
253
  <fingerprint pattern="^(?i:Kubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
224
254
  <description>Kubuntu Linux</description>
225
255
  <example os.version="12.04.4">Kubuntu 12.04.4 LTS</example>
@@ -231,7 +261,9 @@
231
261
  <param pos="1" name="os.version"/>
232
262
  <param pos="2" name="os.edition"/>
233
263
  </fingerprint>
264
+
234
265
  <!-- Red Hat Enterprise Linux derivative -->
266
+
235
267
  <fingerprint pattern="^(?i:Oracle(?: Enterprise)? Linux\s?(?:Server\s?)?(\d+?(?:\.\d+?)*?)?)$">
236
268
  <description>Oracle Enterprise Linux</description>
237
269
  <example os.version="5.11">Oracle Enterprise Linux 5.11</example>
@@ -242,6 +274,7 @@
242
274
  <param pos="1" name="os.version"/>
243
275
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:linux:{os.version}"/>
244
276
  </fingerprint>
277
+
245
278
  <fingerprint pattern="^(?i:OpenSUSE(?: Linux)?(?: [a-z]+?)??\s?(\d+?(?:\.\d+?)*?)?(?:\s\(.*)?)$">
246
279
  <description>OpenSUSE Linux</description>
247
280
  <example os.version="10.1">OpenSUSE Linux 10.1</example>
@@ -252,6 +285,7 @@
252
285
  <param pos="0" name="os.product" value="Linux"/>
253
286
  <param pos="1" name="os.version"/>
254
287
  </fingerprint>
288
+
255
289
  <fingerprint pattern="^(?i:(?:Red Hat|RedHat|Red-Hat|RHEL)(?: Enterprise)?(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)$">
256
290
  <description>Red Hat Enterprise Linux</description>
257
291
  <example>Red Hat Enterprise Linux AS</example>
@@ -265,7 +299,9 @@
265
299
  <param pos="1" name="os.version"/>
266
300
  <param pos="0" name="os.cpe23" value="cpe:/o:redhat:enterprise_linux:{os.version}"/>
267
301
  </fingerprint>
302
+
268
303
  <!-- Red Hat Enterprise Linux derivative -->
304
+
269
305
  <fingerprint pattern="^(?i:Scientific(?: Linux)?\s?(\d+?(?:\.\d+?)*?)?)$">
270
306
  <description>Scientific Linux</description>
271
307
  <example os.version="5.11">Scientific Linux 5.11</example>
@@ -276,6 +312,7 @@
276
312
  <param pos="0" name="os.product" value="Linux"/>
277
313
  <param pos="1" name="os.version"/>
278
314
  </fingerprint>
315
+
279
316
  <fingerprint pattern="^(?i:Slackware(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
280
317
  <description>Slackware Linux</description>
281
318
  <example os.version="14.1">Slackware Linux 14.1</example>
@@ -284,6 +321,7 @@
284
321
  <param pos="0" name="os.product" value="Linux"/>
285
322
  <param pos="1" name="os.version"/>
286
323
  </fingerprint>
324
+
287
325
  <fingerprint pattern="^(?i:SUSE(?: SLED)?(?: Linux Enterprise Desktop)?\s?(\d+?(?:\.\d+?)*?)?)$">
288
326
  <description>SUSE Linux Enterprise Desktop</description>
289
327
  <example os.version="11">SUSE SLED 11</example>
@@ -294,6 +332,7 @@
294
332
  <param pos="1" name="os.version"/>
295
333
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_desktop:{os.version}"/>
296
334
  </fingerprint>
335
+
297
336
  <fingerprint pattern="^(?i:SUSE(?: SLES)?(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
298
337
  <description>SUSE Linux Enterprise Server</description>
299
338
  <example os.version="11">SUSE SLES 11</example>
@@ -304,6 +343,7 @@
304
343
  <param pos="1" name="os.version"/>
305
344
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
306
345
  </fingerprint>
346
+
307
347
  <fingerprint pattern="^(?i:SLES(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
308
348
  <description>SLES Linux Enterprise Server</description>
309
349
  <example os.version="11">SLES 11</example>
@@ -314,6 +354,7 @@
314
354
  <param pos="1" name="os.version"/>
315
355
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
316
356
  </fingerprint>
357
+
317
358
  <fingerprint pattern="^(?i:Ubuntu(?: Linux)?(?:\s|-)(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
318
359
  <description>Ubuntu Linux</description>
319
360
  <example os.version="12.04.4">Ubuntu 12.04.4 LTS</example>
@@ -327,7 +368,9 @@
327
368
  <param pos="2" name="os.edition"/>
328
369
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
329
370
  </fingerprint>
371
+
330
372
  <!-- Ubuntu derivative -->
373
+
331
374
  <fingerprint pattern="^(?i:Xubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
332
375
  <description>Xubuntu Linux</description>
333
376
  <example os.version="12.04.4">Xubuntu 12.04.4 LTS</example>
@@ -339,17 +382,20 @@
339
382
  <param pos="1" name="os.version"/>
340
383
  <param pos="2" name="os.edition"/>
341
384
  </fingerprint>
385
+
342
386
  <fingerprint pattern="^(?i:VMWare Photon(?:\/)?(?:\s?Linux)?\s?(?:v)?(\d+?(?:\.\d+?)*?)?)$">
343
387
  <description>Photon Linux</description>
344
388
  <example>VMWare Photon Linux</example>
345
389
  <example os.version="1.0">VMWare Photon 1.0</example>
346
- <param pos="0" name="os.vendor" value="VMWare"/>
390
+ <param pos="0" name="os.vendor" value="VMware"/>
347
391
  <param pos="0" name="os.family" value="Linux"/>
348
392
  <param pos="0" name="os.product" value="Photon Linux"/>
349
393
  <param pos="1" name="os.version"/>
350
394
  <param pos="0" name="os.cpe23" value="cpe:/o:vmware:photon_os:{os.version}"/>
351
395
  </fingerprint>
396
+
352
397
  <!-- Vendor-based distribution catch-call -->
398
+
353
399
  <fingerprint pattern="^(?i:(.*)\sLinux?\s(.*))$">
354
400
  <description>Vendor-based Linux catch-all</description>
355
401
  <example os.vendor="Aurox" os.version="10.2">Aurox Linux 10.2</example>
@@ -359,7 +405,9 @@
359
405
  <param pos="1" name="os.vendor"/>
360
406
  <param pos="2" name="os.version"/>
361
407
  </fingerprint>
408
+
362
409
  <!-- Linux catch-all goes at the bottom-->
410
+
363
411
  <fingerprint pattern="^(?i:.*Linux?\s?(\d+?(?:\.\d+?)*?)?)$">
364
412
  <description>Linux catch-all</description>
365
413
  <example os.version="2.42.6">Linux 2.42.6</example>
@@ -370,9 +418,13 @@
370
418
  <param pos="1" name="os.version"/>
371
419
  <param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
372
420
  </fingerprint>
421
+
373
422
  <!-- Linux end -->
423
+
374
424
  <!-- Mac begin -->
425
+
375
426
  <!-- Match Mac OS Classic first due to weak matching on Mac OS X -->
427
+
376
428
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS ([7-9](?:\.\d+?)*?))$">
377
429
  <description>Mac OS 9</description>
378
430
  <example os.version="9">Mac OS 9</example>
@@ -383,6 +435,7 @@
383
435
  <param pos="1" name="os.version"/>
384
436
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os:{os.version}"/>
385
437
  </fingerprint>
438
+
386
439
  <fingerprint pattern="^(?i:(?:Apple OS X|Apple Mac OS X|Mac OS X|OS X|Mac OS)\s?(\d+?(?:\.\d+?)*?)?)$">
387
440
  <description>Mac OS X with version number</description>
388
441
  <example os.version="10.10.5">Mac OS X 10.10.5</example>
@@ -394,6 +447,7 @@
394
447
  <param pos="1" name="os.version"/>
395
448
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:{os.version}"/>
396
449
  </fingerprint>
450
+
397
451
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Cheetah)$">
398
452
  <description>Mac OS X Cheetah</description>
399
453
  <example os.version="10.0">Mac OS X Cheetah</example>
@@ -403,6 +457,7 @@
403
457
  <param pos="0" name="os.version" value="10.0"/>
404
458
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.0"/>
405
459
  </fingerprint>
460
+
406
461
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Puma)$">
407
462
  <description>Mac OS X Puma</description>
408
463
  <example os.version="10.1">Mac OS X Puma</example>
@@ -412,6 +467,7 @@
412
467
  <param pos="0" name="os.version" value="10.1"/>
413
468
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.1"/>
414
469
  </fingerprint>
470
+
415
471
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Jaguar)$">
416
472
  <description>Mac OS X Jaguar</description>
417
473
  <example os.version="10.2">Mac OS X Jaguar</example>
@@ -421,6 +477,7 @@
421
477
  <param pos="0" name="os.version" value="10.2"/>
422
478
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
423
479
  </fingerprint>
480
+
424
481
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Panther)$">
425
482
  <description>Mac OS X Panther</description>
426
483
  <example os.version="10.3">Mac OS X Panther</example>
@@ -430,6 +487,7 @@
430
487
  <param pos="0" name="os.version" value="10.3"/>
431
488
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
432
489
  </fingerprint>
490
+
433
491
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Tiger)$">
434
492
  <description>Mac OS X Tiger</description>
435
493
  <example os.version="10.4">Mac OS X Tiger</example>
@@ -439,6 +497,7 @@
439
497
  <param pos="0" name="os.version" value="10.4"/>
440
498
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
441
499
  </fingerprint>
500
+
442
501
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Leopard)$">
443
502
  <description>Mac OS X Leopard</description>
444
503
  <example os.version="10.5">Mac OS X Leopard</example>
@@ -448,6 +507,7 @@
448
507
  <param pos="0" name="os.version" value="10.5"/>
449
508
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
450
509
  </fingerprint>
510
+
451
511
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Snow Leopard)$">
452
512
  <description>Mac OS X Snow Leopard</description>
453
513
  <example os.version="10.6">Mac OS X Snow Leopard</example>
@@ -457,6 +517,7 @@
457
517
  <param pos="0" name="os.version" value="10.6"/>
458
518
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
459
519
  </fingerprint>
520
+
460
521
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Lion)$">
461
522
  <description>Mac OS X Lion</description>
462
523
  <example os.version="10.7">Mac OS X Lion</example>
@@ -466,6 +527,7 @@
466
527
  <param pos="0" name="os.version" value="10.7"/>
467
528
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
468
529
  </fingerprint>
530
+
469
531
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mountain Lion)$">
470
532
  <description>Mac OS X Mountain Lion</description>
471
533
  <example os.version="10.8">Mac OS X Mountain Lion</example>
@@ -475,6 +537,7 @@
475
537
  <param pos="0" name="os.version" value="10.8"/>
476
538
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
477
539
  </fingerprint>
540
+
478
541
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mavericks)$">
479
542
  <description>Mac OS X Mavericks</description>
480
543
  <example os.version="10.9">Mac OS X Mavericks</example>
@@ -484,6 +547,7 @@
484
547
  <param pos="0" name="os.version" value="10.9"/>
485
548
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
486
549
  </fingerprint>
550
+
487
551
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Yosemite)$">
488
552
  <description>Mac OS X Yosemite</description>
489
553
  <example os.version="10.10">Mac OS X Yosemite</example>
@@ -493,6 +557,7 @@
493
557
  <param pos="0" name="os.version" value="10.10"/>
494
558
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
495
559
  </fingerprint>
560
+
496
561
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X El Capitan)$">
497
562
  <description>Mac OS X El Capitan</description>
498
563
  <example os.version="10.11">Mac OS X El Capitan</example>
@@ -502,7 +567,9 @@
502
567
  <param pos="0" name="os.version" value="10.11"/>
503
568
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.11"/>
504
569
  </fingerprint>
570
+
505
571
  <!-- This can also match Cisco IOS if the vendor name is not present. -->
572
+
506
573
  <fingerprint pattern="^(?i:(?:Apple )?iOS\s?(\d+?(?:\.\d+?)*?)?)$">
507
574
  <description>Apple iOS for iPhone and iPad</description>
508
575
  <example os.version="7.1.2">iOS 7.1.2</example>
@@ -515,8 +582,11 @@
515
582
  <param pos="0" name="os.device" value="Mobile"/>
516
583
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:iphone_os:{os.version}"/>
517
584
  </fingerprint>
585
+
518
586
  <!-- Mac end -->
587
+
519
588
  <!-- BSD begin -->
589
+
520
590
  <fingerprint pattern="^(?i:(.*?BSD)\s?(\d+?(?:\.\d+?)*?(?:[\-\/_ ]?\w+?)?(?:-[a-z]\d+?)?)?)$">
521
591
  <description>Many BSD family OSes</description>
522
592
  <example os.version="10.3-RELEASE" os.product="FreeBSD">FreeBSD 10.3-RELEASE</example>
@@ -529,8 +599,11 @@
529
599
  <param pos="1" name="os.product"/>
530
600
  <param pos="2" name="os.version"/>
531
601
  </fingerprint>
602
+
532
603
  <!-- BSD end -->
604
+
533
605
  <!-- Other Unix-likes begin -->
606
+
534
607
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?OpenSolaris\s?(\d+?(?:\.\d+?)*?)?)$">
535
608
  <description>OpenSolaris</description>
536
609
  <example os.version="2009.06">OpenSolaris 2009.06</example>
@@ -540,6 +613,7 @@
540
613
  <param pos="1" name="os.version"/>
541
614
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
542
615
  </fingerprint>
616
+
543
617
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?(1[1-9]?(?:\.\d+?)*?)?)$">
544
618
  <description>Solaris 11 and up</description>
545
619
  <example os.version="11.3">Solaris 11.3</example>
@@ -550,6 +624,7 @@
550
624
  <param pos="1" name="os.version"/>
551
625
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
552
626
  </fingerprint>
627
+
553
628
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?((?:[789]|10)+?(?:\.\d+?)*?)?)$">
554
629
  <description>Solaris 7-10</description>
555
630
  <example os.version="7">Solaris 7</example>
@@ -562,6 +637,7 @@
562
637
  <param pos="1" name="os.version"/>
563
638
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
564
639
  </fingerprint>
640
+
565
641
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.([789]|10)?)$">
566
642
  <description>SunOS/Solaris 5.7-5.10</description>
567
643
  <example os.version="7">SunOS 5.7</example>
@@ -572,6 +648,7 @@
572
648
  <param pos="1" name="os.version"/>
573
649
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
574
650
  </fingerprint>
651
+
575
652
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.(1[1-9])?)$">
576
653
  <description>Oracle/Solaris 5.11 and upwards</description>
577
654
  <example os.version="11">SunOS 5.11</example>
@@ -581,6 +658,7 @@
581
658
  <param pos="1" name="os.version"/>
582
659
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
583
660
  </fingerprint>
661
+
584
662
  <fingerprint pattern="^(?i:(?:IBM\s?)?(AIX|MVS|OS/(?:\d{1,3})|VM/CMS|VM/ESA|z/OS)\s?(\d+?(?:\.\d+?)*?)?)$">
585
663
  <description>IBM OSes</description>
586
664
  <example os.product="AIX">AIX</example>
@@ -596,6 +674,7 @@
596
674
  <param pos="1" name="os.product"/>
597
675
  <param pos="2" name="os.version"/>
598
676
  </fingerprint>
677
+
599
678
  <fingerprint pattern="^(?i:(?:HP\s?)?(Digital UNIX|HP-UX|iLO|OpenVMS|ProLiant|Tru64 UNIX)\s?(\d+?(?:\.\d+?)*?)?)$">
600
679
  <description>HP OSes</description>
601
680
  <example os.product="HP-UX">HP-UX</example>
@@ -605,8 +684,11 @@
605
684
  <param pos="1" name="os.product"/>
606
685
  <param pos="2" name="os.version"/>
607
686
  </fingerprint>
687
+
608
688
  <!-- Other Unix-likes end -->
689
+
609
690
  <!-- Network equipment begin -->
691
+
610
692
  <fingerprint pattern="^(?i:(?:Juniper\s?)?(Junos|Junos OS|ScreenOS)\s?(\d+?(?:\.\d+?)*?)?)$">
611
693
  <description>Juniper</description>
612
694
  <example>Junos</example>
@@ -616,7 +698,9 @@
616
698
  <param pos="1" name="os.product"/>
617
699
  <param pos="2" name="os.version"/>
618
700
  </fingerprint>
701
+
619
702
  <!-- This needs to be improved if it's not how one would generally present a Cisco OS version. -->
703
+
620
704
  <fingerprint pattern="^(?i:(?:Cisco\s?)?(ASA|Adaptive Security Appliance|IOS|IOS-XE|IOS-XR|NX-OS|PIX-OS|SAN-OS)\s?(?:Version (\S+))?)$">
621
705
  <description>Cisco</description>
622
706
  <example>Cisco ASA</example>
@@ -626,5 +710,7 @@
626
710
  <param pos="1" name="os.product"/>
627
711
  <param pos="2" name="os.version"/>
628
712
  </fingerprint>
713
+
629
714
  <!-- Network equipment end -->
630
- </fingerprints>
715
+
716
+ </fingerprints>