recog 2.3.8 → 2.3.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (67) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +6 -0
  3. data/CONTRIBUTING.md +136 -37
  4. data/README.md +18 -16
  5. data/bin/recog_cleanup +16 -0
  6. data/bin/recog_standardize +30 -6
  7. data/identifiers/README.md +9 -0
  8. data/identifiers/hw_device.txt +77 -0
  9. data/identifiers/hw_family.txt +96 -0
  10. data/identifiers/hw_product.txt +328 -0
  11. data/identifiers/os_architecture.txt +6 -6
  12. data/identifiers/os_device.txt +45 -3
  13. data/identifiers/os_family.txt +206 -41
  14. data/identifiers/os_product.txt +238 -17
  15. data/identifiers/service_family.txt +144 -57
  16. data/identifiers/service_product.txt +384 -83
  17. data/identifiers/vendor.txt +553 -68
  18. data/lib/recog/version.rb +1 -1
  19. data/requirements.txt +1 -1
  20. data/xml/apache_modules.xml +292 -5
  21. data/xml/apache_os.xml +41 -2
  22. data/xml/architecture.xml +11 -3
  23. data/xml/dns_versionbind.xml +76 -8
  24. data/xml/favicons.xml +1700 -0
  25. data/xml/ftp_banners.xml +178 -8
  26. data/xml/h323_callresp.xml +112 -12
  27. data/xml/hp_pjl_id.xml +47 -5
  28. data/xml/html_title.xml +1258 -25
  29. data/xml/http_cookies.xml +64 -9
  30. data/xml/http_servers.xml +667 -37
  31. data/xml/http_wwwauth.xml +141 -26
  32. data/xml/imap_banners.xml +19 -13
  33. data/xml/ldap_searchresult.xml +81 -9
  34. data/xml/mdns_device-info_txt.xml +175 -2
  35. data/xml/mdns_workstation_txt.xml +4 -2
  36. data/xml/mysql_banners.xml +134 -7
  37. data/xml/mysql_error.xml +113 -6
  38. data/xml/nntp_banners.xml +10 -2
  39. data/xml/ntp_banners.xml +80 -4
  40. data/xml/operating_system.xml +89 -3
  41. data/xml/pop_banners.xml +30 -31
  42. data/xml/rsh_resp.xml +11 -2
  43. data/xml/rtsp_servers.xml +22 -2
  44. data/xml/sip_banners.xml +35 -4
  45. data/xml/sip_user_agents.xml +29 -2
  46. data/xml/smb_native_lm.xml +10 -2
  47. data/xml/smb_native_os.xml +79 -2
  48. data/xml/smtp_banners.xml +146 -7
  49. data/xml/smtp_debug.xml +6 -4
  50. data/xml/smtp_ehlo.xml +7 -5
  51. data/xml/smtp_expn.xml +13 -4
  52. data/xml/smtp_help.xml +23 -4
  53. data/xml/smtp_mailfrom.xml +5 -2
  54. data/xml/smtp_noop.xml +6 -5
  55. data/xml/smtp_quit.xml +5 -4
  56. data/xml/smtp_rcptto.xml +5 -2
  57. data/xml/smtp_rset.xml +4 -4
  58. data/xml/smtp_turn.xml +4 -4
  59. data/xml/smtp_vrfy.xml +14 -4
  60. data/xml/snmp_sysdescr.xml +731 -24
  61. data/xml/snmp_sysobjid.xml +47 -2
  62. data/xml/ssh_banners.xml +175 -5
  63. data/xml/telnet_banners.xml +266 -15
  64. data/xml/x11_banners.xml +26 -3
  65. data/xml/x509_issuers.xml +30 -6
  66. data/xml/x509_subjects.xml +200 -31
  67. metadata +8 -2
data/xml/operating_system.xml CHANGED
@@ -1,9 +1,11 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="operating_system.name" database_type="util.os" preference="0.80">
3
3
  <!--
4
4
  Patterns for common names of various operating systems.
5
5
  -->
6
+
6
7
  <!-- Windows begin -->
8
+
7
9
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:[a-z]+\s[a-z]+\s|[a-z]+\s)?Server (?:\d{4} R2|\d{4}))(?:,\s|\s)?([a-z]+)?(?: Evaluation)?(?: Edition)?(?:\s|\swith(?:out)? Hyper-V\s)?(SP\d|SP \d|Service Pack \d)?)$">
8
10
  <description>Windows Server 2003 and later</description>
9
11
  <example os.product="Windows Compute Cluster Server 2003">Windows Compute Cluster Server 2003</example>
@@ -23,6 +25,7 @@
23
25
  <param pos="2" name="os.edition"/>
24
26
  <param pos="3" name="os.version"/>
25
27
  </fingerprint>
28
+
26
29
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows 10 Mobile(?:\s([a-z]+))?(?: Edition)?)$">
27
30
  <description>Windows 10 Mobile</description>
28
31
  <example os.product="Windows 10 Mobile">Windows 10 Mobile Edition</example>
@@ -34,6 +37,7 @@
34
37
  <param pos="0" name="os.device" value="Mobile"/>
35
38
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_10_mobile:-"/>
36
39
  </fingerprint>
40
+
37
41
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows (?:XP|Vista|7|8|8.1|10))(?:\s)?((?:[a-z]+|[a-z]+, )?(?:[a-z]+|[a-z]+\s[a-z]+)?)?(?: Edition)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
38
42
  <description>Windows Desktop XP and later</description>
39
43
  <example os.product="Windows XP" os.edition="Professional">Windows XP Professional</example>
@@ -51,6 +55,7 @@
51
55
  <param pos="2" name="os.edition"/>
52
56
  <param pos="3" name="os.version"/>
53
57
  </fingerprint>
58
+
54
59
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows 2000(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?(?:\s)?(SP\d|SP \d|Service Pack \d)?)$">
55
60
  <description>Windows 2000</description>
56
61
  <example os.edition="Professional">Windows 2000 Professional</example>
@@ -62,6 +67,7 @@
62
67
  <param pos="2" name="os.version"/>
63
68
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:{os.version}"/>
64
69
  </fingerprint>
70
+
65
71
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows NT (\d.\d{1,2})?(?:\s)?([a-z]+|[a-z]+\s[a-z]+)?)$">
66
72
  <description>Windows NT</description>
67
73
  <example os.version="3.51" os.edition="Server">Windows NT 3.51 Server</example>
@@ -75,6 +81,7 @@
75
81
  <param pos="2" name="os.edition"/>
76
82
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:{os.version}"/>
77
83
  </fingerprint>
84
+
78
85
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows Phone (\d|\d\.\d)?)$">
79
86
  <description>Windows Phone 7 and later</description>
80
87
  <example os.version="7.5">Windows Phone 7.5</example>
@@ -85,6 +92,7 @@
85
92
  <param pos="1" name="os.version"/>
86
93
  <param pos="0" name="os.device" value="Mobile"/>
87
94
  </fingerprint>
95
+
88
96
  <fingerprint pattern="^(?i:(?:Microsoft )?(Windows\s?(?:95|98|98SE|98 SE|98 Second Edition|ME|Millenium Edition)))$">
89
97
  <description>Windows 9x</description>
90
98
  <example os.product="Windows 98 SE">Windows 98 SE</example>
@@ -92,6 +100,7 @@
92
100
  <param pos="0" name="os.family" value="Windows"/>
93
101
  <param pos="1" name="os.product"/>
94
102
  </fingerprint>
103
+
95
104
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.1)$">
96
105
  <description>Windows version 6.1 (Windows 7 or Windows Server 2008 R2)</description>
97
106
  <example>Windows 6.1</example>
@@ -99,6 +108,7 @@
99
108
  <param pos="0" name="os.family" value="Windows"/>
100
109
  <param pos="0" name="os.product" value="Windows 7 or Windows Server 2008 R2"/>
101
110
  </fingerprint>
111
+
102
112
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.2)$">
103
113
  <description>Windows version 6.2 (Windows 8 or Windows Server 2012)</description>
104
114
  <example>Windows 6.2</example>
@@ -106,6 +116,7 @@
106
116
  <param pos="0" name="os.family" value="Windows"/>
107
117
  <param pos="0" name="os.product" value="Windows 8 or Windows Server 2012"/>
108
118
  </fingerprint>
119
+
109
120
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 6.3)$">
110
121
  <description>Windows version 6.3 (Windows 8.1 or Windows Server 2012 R2)</description>
111
122
  <example>Windows 6.3</example>
@@ -113,6 +124,7 @@
113
124
  <param pos="0" name="os.family" value="Windows"/>
114
125
  <param pos="0" name="os.product" value="Windows 8.1 or Windows Server 2012 R2"/>
115
126
  </fingerprint>
127
+
116
128
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows(?:\sNT)? 10.0)$">
117
129
  <description>Windows version 10.0 (Windows 10 or Windows Server 2016)</description>
118
130
  <example>Windows 10.0</example>
@@ -120,6 +132,7 @@
120
132
  <param pos="0" name="os.family" value="Windows"/>
121
133
  <param pos="0" name="os.product" value="Windows 10 or Windows Server 2016"/>
122
134
  </fingerprint>
135
+
123
136
  <fingerprint pattern="^(?i:(?:Microsoft )?Windows.*)$">
124
137
  <description>Windows catch-all</description>
125
138
  <example>Windows for Workgroups 3.11</example>
@@ -130,8 +143,11 @@
130
143
  <param pos="0" name="os.certainty" value="0.5"/>
131
144
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
132
145
  </fingerprint>
146
+
133
147
  <!-- Windows end -->
148
+
134
149
  <!-- Liunx begin -->
150
+
135
151
  <fingerprint pattern="^(?i:Alpine Linux\s?(?:v)?(\d+?(?:\.\d+?)*?(?:\src\d+?)?)?)$">
136
152
  <description>Alpine Linux</description>
137
153
  <example os.version="3.4.0">Alpine Linux v3.4.0</example>
@@ -141,7 +157,9 @@
141
157
  <param pos="0" name="os.product" value="Linux"/>
142
158
  <param pos="1" name="os.version"/>
143
159
  </fingerprint>
160
+
144
161
  <!-- Arch uses rolling releases where the version name just the date of an ISO release. -->
162
+
145
163
  <fingerprint pattern="^(?i:Arch Linux\s?(\d+?(?:\.\d+?)*?)?)$">
146
164
  <description>Arch Linux</description>
147
165
  <example os.version="2016.04.01">Arch Linux 2016.04.01</example>
@@ -150,7 +168,9 @@
150
168
  <param pos="0" name="os.product" value="Linux"/>
151
169
  <param pos="1" name="os.version"/>
152
170
  </fingerprint>
171
+
153
172
  <!-- Red Hat Enterprise Linux derivative -->
173
+
154
174
  <fingerprint pattern="^(?i:Amazon Linux(?: AMI)?\s?(\d+?(?:\.\d+?)*?)?)$">
155
175
  <description>Amazon Linux AMI</description>
156
176
  <example os.version="5.11">Amazon Linux AMI 5.11</example>
@@ -161,7 +181,9 @@
161
181
  <param pos="0" name="os.product" value="Linux AMI"/>
162
182
  <param pos="1" name="os.version"/>
163
183
  </fingerprint>
184
+
164
185
  <!-- Red Hat Enterprise Linux derivative -->
186
+
165
187
  <fingerprint pattern="^(?i:CentOS(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)(?:\s.*?)?$">
166
188
  <description>Centos Linux</description>
167
189
  <example os.version="5.11">Centos Linux 5.11</example>
@@ -174,6 +196,7 @@
174
196
  <param pos="1" name="os.version"/>
175
197
  <param pos="0" name="os.cpe23" value="cpe:/o:centos:centos:{os.version}"/>
176
198
  </fingerprint>
199
+
177
200
  <fingerprint pattern="^(?i:Debian(?: (?:GNU\/)?Linux)?\s?((?:\d+?(?:\.\d+?)*?)|(?:\w+?\/sid\s?))?(?:\s[a-z\(\)]+)?)$">
178
201
  <description>Debian Linux</description>
179
202
  <example os.version="6.0">Debian 6.0</example>
@@ -186,6 +209,7 @@
186
209
  <param pos="1" name="os.version"/>
187
210
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:{os.version}"/>
188
211
  </fingerprint>
212
+
189
213
  <fingerprint pattern="^(?i:Fedora(?: Core)?(?: Linux)?(?: release)?\s?(\d+?)?(?:\s.*)?)$">
190
214
  <description>Fedora Linux</description>
191
215
  <example os.version="6">Fedora Core 6</example>
@@ -197,7 +221,9 @@
197
221
  <param pos="1" name="os.version"/>
198
222
  <param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:{os.version}"/>
199
223
  </fingerprint>
224
+
200
225
  <!-- Gentoo currently uses rolling releases with no version, but older versions were typically based on the year of release. -->
226
+
201
227
  <fingerprint pattern="^(?i:Gentoo(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
202
228
  <description>Gentoo Linux</description>
203
229
  <example>Gentoo Linux</example>
@@ -207,7 +233,9 @@
207
233
  <param pos="1" name="os.version"/>
208
234
  <param pos="0" name="os.cpe23" value="cpe:/o:gentoo:linux:{os.version}"/>
209
235
  </fingerprint>
236
+
210
237
  <!-- Kali switched to rolling release in January 2016. -->
238
+
211
239
  <fingerprint pattern="^(?i:Kali(?: Linux)?\s?(\d+?(?:\.\d+?)+?(?:[a-z])?|\d+?)?)$">
212
240
  <description>Kali Linux</description>
213
241
  <example os.version="1.0.0">Kali Linux 1.0.0</example>
@@ -219,7 +247,9 @@
219
247
  <param pos="0" name="os.product" value="Linux"/>
220
248
  <param pos="1" name="os.version"/>
221
249
  </fingerprint>
250
+
222
251
  <!-- Ubuntu derivative -->
252
+
223
253
  <fingerprint pattern="^(?i:Kubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
224
254
  <description>Kubuntu Linux</description>
225
255
  <example os.version="12.04.4">Kubuntu 12.04.4 LTS</example>
@@ -231,7 +261,9 @@
231
261
  <param pos="1" name="os.version"/>
232
262
  <param pos="2" name="os.edition"/>
233
263
  </fingerprint>
264
+
234
265
  <!-- Red Hat Enterprise Linux derivative -->
266
+
235
267
  <fingerprint pattern="^(?i:Oracle(?: Enterprise)? Linux\s?(?:Server\s?)?(\d+?(?:\.\d+?)*?)?)$">
236
268
  <description>Oracle Enterprise Linux</description>
237
269
  <example os.version="5.11">Oracle Enterprise Linux 5.11</example>
@@ -242,6 +274,7 @@
242
274
  <param pos="1" name="os.version"/>
243
275
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:linux:{os.version}"/>
244
276
  </fingerprint>
277
+
245
278
  <fingerprint pattern="^(?i:OpenSUSE(?: Linux)?(?: [a-z]+?)??\s?(\d+?(?:\.\d+?)*?)?(?:\s\(.*)?)$">
246
279
  <description>OpenSUSE Linux</description>
247
280
  <example os.version="10.1">OpenSUSE Linux 10.1</example>
@@ -252,6 +285,7 @@
252
285
  <param pos="0" name="os.product" value="Linux"/>
253
286
  <param pos="1" name="os.version"/>
254
287
  </fingerprint>
288
+
255
289
  <fingerprint pattern="^(?i:(?:Red Hat|RedHat|Red-Hat|RHEL)(?: Enterprise)?(?: Linux)?(?: [a-z]+)?\s?(\d+?(?:\.\d+?)*?)?)$">
256
290
  <description>Red Hat Enterprise Linux</description>
257
291
  <example>Red Hat Enterprise Linux AS</example>
@@ -265,7 +299,9 @@
265
299
  <param pos="1" name="os.version"/>
266
300
  <param pos="0" name="os.cpe23" value="cpe:/o:redhat:enterprise_linux:{os.version}"/>
267
301
  </fingerprint>
302
+
268
303
  <!-- Red Hat Enterprise Linux derivative -->
304
+
269
305
  <fingerprint pattern="^(?i:Scientific(?: Linux)?\s?(\d+?(?:\.\d+?)*?)?)$">
270
306
  <description>Scientific Linux</description>
271
307
  <example os.version="5.11">Scientific Linux 5.11</example>
@@ -276,6 +312,7 @@
276
312
  <param pos="0" name="os.product" value="Linux"/>
277
313
  <param pos="1" name="os.version"/>
278
314
  </fingerprint>
315
+
279
316
  <fingerprint pattern="^(?i:Slackware(?: Linux)\s?(\d+?(?:\.\d+?)*?)?)$">
280
317
  <description>Slackware Linux</description>
281
318
  <example os.version="14.1">Slackware Linux 14.1</example>
@@ -284,6 +321,7 @@
284
321
  <param pos="0" name="os.product" value="Linux"/>
285
322
  <param pos="1" name="os.version"/>
286
323
  </fingerprint>
324
+
287
325
  <fingerprint pattern="^(?i:SUSE(?: SLED)?(?: Linux Enterprise Desktop)?\s?(\d+?(?:\.\d+?)*?)?)$">
288
326
  <description>SUSE Linux Enterprise Desktop</description>
289
327
  <example os.version="11">SUSE SLED 11</example>
@@ -294,6 +332,7 @@
294
332
  <param pos="1" name="os.version"/>
295
333
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_desktop:{os.version}"/>
296
334
  </fingerprint>
335
+
297
336
  <fingerprint pattern="^(?i:SUSE(?: SLES)?(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
298
337
  <description>SUSE Linux Enterprise Server</description>
299
338
  <example os.version="11">SUSE SLES 11</example>
@@ -304,6 +343,7 @@
304
343
  <param pos="1" name="os.version"/>
305
344
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
306
345
  </fingerprint>
346
+
307
347
  <fingerprint pattern="^(?i:SLES(?: Linux Enterprise Server)?\s?(\d+?(?:\.\d+?)*?)?)$">
308
348
  <description>SLES Linux Enterprise Server</description>
309
349
  <example os.version="11">SLES 11</example>
@@ -314,6 +354,7 @@
314
354
  <param pos="1" name="os.version"/>
315
355
  <param pos="0" name="os.cpe23" value="cpe:/o:suse:linux_enterprise_server:{os.version}"/>
316
356
  </fingerprint>
357
+
317
358
  <fingerprint pattern="^(?i:Ubuntu(?: Linux)?(?:\s|-)(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
318
359
  <description>Ubuntu Linux</description>
319
360
  <example os.version="12.04.4">Ubuntu 12.04.4 LTS</example>
@@ -327,7 +368,9 @@
327
368
  <param pos="2" name="os.edition"/>
328
369
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:{os.version}"/>
329
370
  </fingerprint>
371
+
330
372
  <!-- Ubuntu derivative -->
373
+
331
374
  <fingerprint pattern="^(?i:Xubuntu(?: Linux)?\s(\d+?(?:\.\d+?)*?)?\s?(LTS)?)$">
332
375
  <description>Xubuntu Linux</description>
333
376
  <example os.version="12.04.4">Xubuntu 12.04.4 LTS</example>
@@ -339,17 +382,20 @@
339
382
  <param pos="1" name="os.version"/>
340
383
  <param pos="2" name="os.edition"/>
341
384
  </fingerprint>
385
+
342
386
  <fingerprint pattern="^(?i:VMWare Photon(?:\/)?(?:\s?Linux)?\s?(?:v)?(\d+?(?:\.\d+?)*?)?)$">
343
387
  <description>Photon Linux</description>
344
388
  <example>VMWare Photon Linux</example>
345
389
  <example os.version="1.0">VMWare Photon 1.0</example>
346
- <param pos="0" name="os.vendor" value="VMWare"/>
390
+ <param pos="0" name="os.vendor" value="VMware"/>
347
391
  <param pos="0" name="os.family" value="Linux"/>
348
392
  <param pos="0" name="os.product" value="Photon Linux"/>
349
393
  <param pos="1" name="os.version"/>
350
394
  <param pos="0" name="os.cpe23" value="cpe:/o:vmware:photon_os:{os.version}"/>
351
395
  </fingerprint>
396
+
352
397
  <!-- Vendor-based distribution catch-call -->
398
+
353
399
  <fingerprint pattern="^(?i:(.*)\sLinux?\s(.*))$">
354
400
  <description>Vendor-based Linux catch-all</description>
355
401
  <example os.vendor="Aurox" os.version="10.2">Aurox Linux 10.2</example>
@@ -359,7 +405,9 @@
359
405
  <param pos="1" name="os.vendor"/>
360
406
  <param pos="2" name="os.version"/>
361
407
  </fingerprint>
408
+
362
409
  <!-- Linux catch-all goes at the bottom-->
410
+
363
411
  <fingerprint pattern="^(?i:.*Linux?\s?(\d+?(?:\.\d+?)*?)?)$">
364
412
  <description>Linux catch-all</description>
365
413
  <example os.version="2.42.6">Linux 2.42.6</example>
@@ -370,9 +418,13 @@
370
418
  <param pos="1" name="os.version"/>
371
419
  <param pos="0" name="os.cpe23" value="cpe:/o:linux:linux_kernel:{os.version}"/>
372
420
  </fingerprint>
421
+
373
422
  <!-- Linux end -->
423
+
374
424
  <!-- Mac begin -->
425
+
375
426
  <!-- Match Mac OS Classic first due to weak matching on Mac OS X -->
427
+
376
428
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS ([7-9](?:\.\d+?)*?))$">
377
429
  <description>Mac OS 9</description>
378
430
  <example os.version="9">Mac OS 9</example>
@@ -383,6 +435,7 @@
383
435
  <param pos="1" name="os.version"/>
384
436
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os:{os.version}"/>
385
437
  </fingerprint>
438
+
386
439
  <fingerprint pattern="^(?i:(?:Apple OS X|Apple Mac OS X|Mac OS X|OS X|Mac OS)\s?(\d+?(?:\.\d+?)*?)?)$">
387
440
  <description>Mac OS X with version number</description>
388
441
  <example os.version="10.10.5">Mac OS X 10.10.5</example>
@@ -394,6 +447,7 @@
394
447
  <param pos="1" name="os.version"/>
395
448
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:{os.version}"/>
396
449
  </fingerprint>
450
+
397
451
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Cheetah)$">
398
452
  <description>Mac OS X Cheetah</description>
399
453
  <example os.version="10.0">Mac OS X Cheetah</example>
@@ -403,6 +457,7 @@
403
457
  <param pos="0" name="os.version" value="10.0"/>
404
458
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.0"/>
405
459
  </fingerprint>
460
+
406
461
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Puma)$">
407
462
  <description>Mac OS X Puma</description>
408
463
  <example os.version="10.1">Mac OS X Puma</example>
@@ -412,6 +467,7 @@
412
467
  <param pos="0" name="os.version" value="10.1"/>
413
468
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.1"/>
414
469
  </fingerprint>
470
+
415
471
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Jaguar)$">
416
472
  <description>Mac OS X Jaguar</description>
417
473
  <example os.version="10.2">Mac OS X Jaguar</example>
@@ -421,6 +477,7 @@
421
477
  <param pos="0" name="os.version" value="10.2"/>
422
478
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.2"/>
423
479
  </fingerprint>
480
+
424
481
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Panther)$">
425
482
  <description>Mac OS X Panther</description>
426
483
  <example os.version="10.3">Mac OS X Panther</example>
@@ -430,6 +487,7 @@
430
487
  <param pos="0" name="os.version" value="10.3"/>
431
488
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.3"/>
432
489
  </fingerprint>
490
+
433
491
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Tiger)$">
434
492
  <description>Mac OS X Tiger</description>
435
493
  <example os.version="10.4">Mac OS X Tiger</example>
@@ -439,6 +497,7 @@
439
497
  <param pos="0" name="os.version" value="10.4"/>
440
498
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.4"/>
441
499
  </fingerprint>
500
+
442
501
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Leopard)$">
443
502
  <description>Mac OS X Leopard</description>
444
503
  <example os.version="10.5">Mac OS X Leopard</example>
@@ -448,6 +507,7 @@
448
507
  <param pos="0" name="os.version" value="10.5"/>
449
508
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.5"/>
450
509
  </fingerprint>
510
+
451
511
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Snow Leopard)$">
452
512
  <description>Mac OS X Snow Leopard</description>
453
513
  <example os.version="10.6">Mac OS X Snow Leopard</example>
@@ -457,6 +517,7 @@
457
517
  <param pos="0" name="os.version" value="10.6"/>
458
518
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.6"/>
459
519
  </fingerprint>
520
+
460
521
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Lion)$">
461
522
  <description>Mac OS X Lion</description>
462
523
  <example os.version="10.7">Mac OS X Lion</example>
@@ -466,6 +527,7 @@
466
527
  <param pos="0" name="os.version" value="10.7"/>
467
528
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.7"/>
468
529
  </fingerprint>
530
+
469
531
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mountain Lion)$">
470
532
  <description>Mac OS X Mountain Lion</description>
471
533
  <example os.version="10.8">Mac OS X Mountain Lion</example>
@@ -475,6 +537,7 @@
475
537
  <param pos="0" name="os.version" value="10.8"/>
476
538
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.8"/>
477
539
  </fingerprint>
540
+
478
541
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Mavericks)$">
479
542
  <description>Mac OS X Mavericks</description>
480
543
  <example os.version="10.9">Mac OS X Mavericks</example>
@@ -484,6 +547,7 @@
484
547
  <param pos="0" name="os.version" value="10.9"/>
485
548
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.9"/>
486
549
  </fingerprint>
550
+
487
551
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X Yosemite)$">
488
552
  <description>Mac OS X Yosemite</description>
489
553
  <example os.version="10.10">Mac OS X Yosemite</example>
@@ -493,6 +557,7 @@
493
557
  <param pos="0" name="os.version" value="10.10"/>
494
558
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.10"/>
495
559
  </fingerprint>
560
+
496
561
  <fingerprint pattern="^(?i:(?:Apple )?Mac OS X El Capitan)$">
497
562
  <description>Mac OS X El Capitan</description>
498
563
  <example os.version="10.11">Mac OS X El Capitan</example>
@@ -502,7 +567,9 @@
502
567
  <param pos="0" name="os.version" value="10.11"/>
503
568
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:10.11"/>
504
569
  </fingerprint>
570
+
505
571
  <!-- This can also match Cisco IOS if the vendor name is not present. -->
572
+
506
573
  <fingerprint pattern="^(?i:(?:Apple )?iOS\s?(\d+?(?:\.\d+?)*?)?)$">
507
574
  <description>Apple iOS for iPhone and iPad</description>
508
575
  <example os.version="7.1.2">iOS 7.1.2</example>
@@ -515,8 +582,11 @@
515
582
  <param pos="0" name="os.device" value="Mobile"/>
516
583
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:iphone_os:{os.version}"/>
517
584
  </fingerprint>
585
+
518
586
  <!-- Mac end -->
587
+
519
588
  <!-- BSD begin -->
589
+
520
590
  <fingerprint pattern="^(?i:(.*?BSD)\s?(\d+?(?:\.\d+?)*?(?:[\-\/_ ]?\w+?)?(?:-[a-z]\d+?)?)?)$">
521
591
  <description>Many BSD family OSes</description>
522
592
  <example os.version="10.3-RELEASE" os.product="FreeBSD">FreeBSD 10.3-RELEASE</example>
@@ -529,8 +599,11 @@
529
599
  <param pos="1" name="os.product"/>
530
600
  <param pos="2" name="os.version"/>
531
601
  </fingerprint>
602
+
532
603
  <!-- BSD end -->
604
+
533
605
  <!-- Other Unix-likes begin -->
606
+
534
607
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?OpenSolaris\s?(\d+?(?:\.\d+?)*?)?)$">
535
608
  <description>OpenSolaris</description>
536
609
  <example os.version="2009.06">OpenSolaris 2009.06</example>
@@ -540,6 +613,7 @@
540
613
  <param pos="1" name="os.version"/>
541
614
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
542
615
  </fingerprint>
616
+
543
617
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?(1[1-9]?(?:\.\d+?)*?)?)$">
544
618
  <description>Solaris 11 and up</description>
545
619
  <example os.version="11.3">Solaris 11.3</example>
@@ -550,6 +624,7 @@
550
624
  <param pos="1" name="os.version"/>
551
625
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
552
626
  </fingerprint>
627
+
553
628
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?Solaris\s?((?:[789]|10)+?(?:\.\d+?)*?)?)$">
554
629
  <description>Solaris 7-10</description>
555
630
  <example os.version="7">Solaris 7</example>
@@ -562,6 +637,7 @@
562
637
  <param pos="1" name="os.version"/>
563
638
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
564
639
  </fingerprint>
640
+
565
641
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.([789]|10)?)$">
566
642
  <description>SunOS/Solaris 5.7-5.10</description>
567
643
  <example os.version="7">SunOS 5.7</example>
@@ -572,6 +648,7 @@
572
648
  <param pos="1" name="os.version"/>
573
649
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:{os.version}"/>
574
650
  </fingerprint>
651
+
575
652
  <fingerprint pattern="^(?i:(?:Oracle|Sun)?\s?SunOS\s?5.(1[1-9])?)$">
576
653
  <description>Oracle/Solaris 5.11 and upwards</description>
577
654
  <example os.version="11">SunOS 5.11</example>
@@ -581,6 +658,7 @@
581
658
  <param pos="1" name="os.version"/>
582
659
  <param pos="0" name="os.cpe23" value="cpe:/o:oracle:solaris:{os.version}"/>
583
660
  </fingerprint>
661
+
584
662
  <fingerprint pattern="^(?i:(?:IBM\s?)?(AIX|MVS|OS/(?:\d{1,3})|VM/CMS|VM/ESA|z/OS)\s?(\d+?(?:\.\d+?)*?)?)$">
585
663
  <description>IBM OSes</description>
586
664
  <example os.product="AIX">AIX</example>
@@ -596,6 +674,7 @@
596
674
  <param pos="1" name="os.product"/>
597
675
  <param pos="2" name="os.version"/>
598
676
  </fingerprint>
677
+
599
678
  <fingerprint pattern="^(?i:(?:HP\s?)?(Digital UNIX|HP-UX|iLO|OpenVMS|ProLiant|Tru64 UNIX)\s?(\d+?(?:\.\d+?)*?)?)$">
600
679
  <description>HP OSes</description>
601
680
  <example os.product="HP-UX">HP-UX</example>
@@ -605,8 +684,11 @@
605
684
  <param pos="1" name="os.product"/>
606
685
  <param pos="2" name="os.version"/>
607
686
  </fingerprint>
687
+
608
688
  <!-- Other Unix-likes end -->
689
+
609
690
  <!-- Network equipment begin -->
691
+
610
692
  <fingerprint pattern="^(?i:(?:Juniper\s?)?(Junos|Junos OS|ScreenOS)\s?(\d+?(?:\.\d+?)*?)?)$">
611
693
  <description>Juniper</description>
612
694
  <example>Junos</example>
@@ -616,7 +698,9 @@
616
698
  <param pos="1" name="os.product"/>
617
699
  <param pos="2" name="os.version"/>
618
700
  </fingerprint>
701
+
619
702
  <!-- This needs to be improved if it's not how one would generally present a Cisco OS version. -->
703
+
620
704
  <fingerprint pattern="^(?i:(?:Cisco\s?)?(ASA|Adaptive Security Appliance|IOS|IOS-XE|IOS-XR|NX-OS|PIX-OS|SAN-OS)\s?(?:Version (\S+))?)$">
621
705
  <description>Cisco</description>
622
706
  <example>Cisco ASA</example>
@@ -626,5 +710,7 @@
626
710
  <param pos="1" name="os.product"/>
627
711
  <param pos="2" name="os.version"/>
628
712
  </fingerprint>
713
+
629
714
  <!-- Network equipment end -->
630
- </fingerprints>
715
+
716
+ </fingerprints>