recog 2.3.8 → 2.3.9

Sign up to get free protection for your applications and to get access to all the features.
Files changed (67) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +6 -0
  3. data/CONTRIBUTING.md +136 -37
  4. data/README.md +18 -16
  5. data/bin/recog_cleanup +16 -0
  6. data/bin/recog_standardize +30 -6
  7. data/identifiers/README.md +9 -0
  8. data/identifiers/hw_device.txt +77 -0
  9. data/identifiers/hw_family.txt +96 -0
  10. data/identifiers/hw_product.txt +328 -0
  11. data/identifiers/os_architecture.txt +6 -6
  12. data/identifiers/os_device.txt +45 -3
  13. data/identifiers/os_family.txt +206 -41
  14. data/identifiers/os_product.txt +238 -17
  15. data/identifiers/service_family.txt +144 -57
  16. data/identifiers/service_product.txt +384 -83
  17. data/identifiers/vendor.txt +553 -68
  18. data/lib/recog/version.rb +1 -1
  19. data/requirements.txt +1 -1
  20. data/xml/apache_modules.xml +292 -5
  21. data/xml/apache_os.xml +41 -2
  22. data/xml/architecture.xml +11 -3
  23. data/xml/dns_versionbind.xml +76 -8
  24. data/xml/favicons.xml +1700 -0
  25. data/xml/ftp_banners.xml +178 -8
  26. data/xml/h323_callresp.xml +112 -12
  27. data/xml/hp_pjl_id.xml +47 -5
  28. data/xml/html_title.xml +1258 -25
  29. data/xml/http_cookies.xml +64 -9
  30. data/xml/http_servers.xml +667 -37
  31. data/xml/http_wwwauth.xml +141 -26
  32. data/xml/imap_banners.xml +19 -13
  33. data/xml/ldap_searchresult.xml +81 -9
  34. data/xml/mdns_device-info_txt.xml +175 -2
  35. data/xml/mdns_workstation_txt.xml +4 -2
  36. data/xml/mysql_banners.xml +134 -7
  37. data/xml/mysql_error.xml +113 -6
  38. data/xml/nntp_banners.xml +10 -2
  39. data/xml/ntp_banners.xml +80 -4
  40. data/xml/operating_system.xml +89 -3
  41. data/xml/pop_banners.xml +30 -31
  42. data/xml/rsh_resp.xml +11 -2
  43. data/xml/rtsp_servers.xml +22 -2
  44. data/xml/sip_banners.xml +35 -4
  45. data/xml/sip_user_agents.xml +29 -2
  46. data/xml/smb_native_lm.xml +10 -2
  47. data/xml/smb_native_os.xml +79 -2
  48. data/xml/smtp_banners.xml +146 -7
  49. data/xml/smtp_debug.xml +6 -4
  50. data/xml/smtp_ehlo.xml +7 -5
  51. data/xml/smtp_expn.xml +13 -4
  52. data/xml/smtp_help.xml +23 -4
  53. data/xml/smtp_mailfrom.xml +5 -2
  54. data/xml/smtp_noop.xml +6 -5
  55. data/xml/smtp_quit.xml +5 -4
  56. data/xml/smtp_rcptto.xml +5 -2
  57. data/xml/smtp_rset.xml +4 -4
  58. data/xml/smtp_turn.xml +4 -4
  59. data/xml/smtp_vrfy.xml +14 -4
  60. data/xml/snmp_sysdescr.xml +731 -24
  61. data/xml/snmp_sysobjid.xml +47 -2
  62. data/xml/ssh_banners.xml +175 -5
  63. data/xml/telnet_banners.xml +266 -15
  64. data/xml/x11_banners.xml +26 -3
  65. data/xml/x509_issuers.xml +30 -6
  66. data/xml/x509_subjects.xml +200 -31
  67. metadata +8 -2
@@ -1,15 +1,18 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="snmp.sys_object_id" protocol="snmp" database_type="service">
3
3
  <!--
4
4
  SNMP fingerprint definitions for SysObjectIDs. These are matched against the value of the
5
5
  'sysObjectID' (OID 1.3.6.1.2.1.1.2) variable.
6
6
  -->
7
+
7
8
  <!--======================================================================
8
9
  MICROSOFT
9
10
  =======================================================================-->
11
+
10
12
  <!--
11
13
  These are baseline patterns that map to sysObjectID with their associated sysDescr.
12
14
  -->
15
+
13
16
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.[23] Hardware: x86.*Software: Windows NT Version 4\.0.*$">
14
17
  <description>Windows NT 4 on x86</description>
15
18
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 6 Model 8 Stepping 3 AT/AT COMPATIBLE - Software: Windows NT Version 4.0 (Build Number: 1381 Uniprocessor Free )</example>
@@ -21,6 +24,7 @@
21
24
  <param pos="0" name="os.arch" value="x86"/>
22
25
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:4.0"/>
23
26
  </fingerprint>
27
+
24
28
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
25
29
  <description>Windows 2000 on x86</description>
26
30
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
@@ -30,6 +34,7 @@
30
34
  <param pos="0" name="os.arch" value="x86"/>
31
35
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
32
36
  </fingerprint>
37
+
33
38
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
34
39
  <description>Windows 2000 Datacenter on x86</description>
35
40
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
@@ -39,6 +44,7 @@
39
44
  <param pos="0" name="os.arch" value="x86"/>
40
45
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
41
46
  </fingerprint>
47
+
42
48
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 5\.2.*$">
43
49
  <description>Windows Server 2003 on x86</description>
44
50
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -48,6 +54,7 @@
48
54
  <param pos="0" name="os.arch" value="x86"/>
49
55
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
50
56
  </fingerprint>
57
+
51
58
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 5\.2.*$">
52
59
  <description>Windows Server 2003 Datacenter on x86</description>
53
60
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -57,6 +64,7 @@
57
64
  <param pos="0" name="os.arch" value="x86"/>
58
65
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
59
66
  </fingerprint>
67
+
60
68
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
61
69
  <description>Windows Server 2003 on x86_64</description>
62
70
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -67,6 +75,7 @@
67
75
  <param pos="0" name="os.arch" value="x86_64"/>
68
76
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
69
77
  </fingerprint>
78
+
70
79
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
71
80
  <description>Windows Server 2003 Datacenter on x86_64</description>
72
81
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -77,6 +86,7 @@
77
86
  <param pos="0" name="os.arch" value="x86_64"/>
78
87
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
79
88
  </fingerprint>
89
+
80
90
  <fingerprint pattern="^Microsoft Windows CE Version ([\d.]+).*$">
81
91
  <description>Windows CE</description>
82
92
  <example>Microsoft Windows CE Version 4.20 (Build 0)</example>
@@ -87,6 +97,7 @@
87
97
  <param pos="1" name="os.version"/>
88
98
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:{os.version}"/>
89
99
  </fingerprint>
100
+
90
101
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
91
102
  <description>Windows Server 2008 on x86</description>
92
103
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -96,6 +107,7 @@
96
107
  <param pos="0" name="os.arch" value="x86"/>
97
108
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
98
109
  </fingerprint>
110
+
99
111
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
100
112
  <description>Windows Server 2008 Datacenter on x86</description>
101
113
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -105,6 +117,7 @@
105
117
  <param pos="0" name="os.arch" value="x86"/>
106
118
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
107
119
  </fingerprint>
120
+
108
121
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
109
122
  <description>Windows Server 2008 on x86_64</description>
110
123
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -115,6 +128,7 @@
115
128
  <param pos="0" name="os.arch" value="x86_64"/>
116
129
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
117
130
  </fingerprint>
131
+
118
132
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
119
133
  <description>Windows Server 2008 Datacenter on x86_64</description>
120
134
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -125,6 +139,7 @@
125
139
  <param pos="0" name="os.arch" value="x86_64"/>
126
140
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
127
141
  </fingerprint>
142
+
128
143
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
129
144
  <description>Windows Server 2008 SP2 on x86</description>
130
145
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -135,6 +150,7 @@
135
150
  <param pos="0" name="os.arch" value="x86"/>
136
151
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
137
152
  </fingerprint>
153
+
138
154
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
139
155
  <description>Windows Server 2008 Datacenter SP2 on x86</description>
140
156
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -145,6 +161,7 @@
145
161
  <param pos="0" name="os.arch" value="x86"/>
146
162
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
147
163
  </fingerprint>
164
+
148
165
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
149
166
  <description>Windows Server 2008 SP2 on x86_64</description>
150
167
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -156,6 +173,7 @@
156
173
  <param pos="0" name="os.arch" value="x86_64"/>
157
174
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
158
175
  </fingerprint>
176
+
159
177
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
160
178
  <description>Windows Server 2008 Datacenter SP2 on x86_64</description>
161
179
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -167,6 +185,7 @@
167
185
  <param pos="0" name="os.arch" value="x86_64"/>
168
186
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
169
187
  </fingerprint>
188
+
170
189
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
171
190
  <description>Windows Server 2008 R2 on x86</description>
172
191
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -176,6 +195,7 @@
176
195
  <param pos="0" name="os.arch" value="x86"/>
177
196
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
178
197
  </fingerprint>
198
+
179
199
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
180
200
  <description>Windows Server 2008 Datacenter R2 on x86</description>
181
201
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -185,6 +205,7 @@
185
205
  <param pos="0" name="os.arch" value="x86"/>
186
206
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
187
207
  </fingerprint>
208
+
188
209
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
189
210
  <description>Windows Server 2008 R2 on x86_64</description>
190
211
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -195,6 +216,7 @@
195
216
  <param pos="0" name="os.arch" value="x86_64"/>
196
217
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
197
218
  </fingerprint>
219
+
198
220
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
199
221
  <description>Windows Server 2008 Datacenter R2 on x86_64</description>
200
222
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -205,6 +227,7 @@
205
227
  <param pos="0" name="os.arch" value="x86_64"/>
206
228
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
207
229
  </fingerprint>
230
+
208
231
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
209
232
  <description>Windows Server 2008 R2 SP1 on x86</description>
210
233
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -215,6 +238,7 @@
215
238
  <param pos="0" name="os.arch" value="x86"/>
216
239
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
217
240
  </fingerprint>
241
+
218
242
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
219
243
  <description>Windows Server 2008 Datacenter R2 SP1 on x86</description>
220
244
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -225,6 +249,7 @@
225
249
  <param pos="0" name="os.arch" value="x86"/>
226
250
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
227
251
  </fingerprint>
252
+
228
253
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
229
254
  <description>Windows Server 2008 R2 SP1 on x86_64</description>
230
255
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -236,6 +261,7 @@
236
261
  <param pos="0" name="os.arch" value="x86_64"/>
237
262
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
238
263
  </fingerprint>
264
+
239
265
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
240
266
  <description>Windows Server 2008 Datacenter R2 SP1 on x86_64</description>
241
267
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -247,6 +273,7 @@
247
273
  <param pos="0" name="os.arch" value="x86_64"/>
248
274
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
249
275
  </fingerprint>
276
+
250
277
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.2 \(Build 9200.*$">
251
278
  <description>Windows Server 2012 on x86_64</description>
252
279
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 6 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.2 (Build 9200 Multiprocessor Free)</example>
@@ -256,7 +283,9 @@
256
283
  <param pos="0" name="os.arch" value="x86_64"/>
257
284
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
258
285
  </fingerprint>
286
+
259
287
  <!-- Various OIDs for Net-SNMP agents which are OS specific -->
288
+
260
289
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.1$">
261
290
  <description>Net-SNMP on hpux9</description>
262
291
  <example>1.3.6.1.4.1.8072.3.2.1</example>
@@ -269,6 +298,7 @@
269
298
  <param pos="0" name="service.product" value="SNMP Agent"/>
270
299
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
271
300
  </fingerprint>
301
+
272
302
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.2$">
273
303
  <description>Net-SNMP on sunos4</description>
274
304
  <example>1.3.6.1.4.1.8072.3.2.2</example>
@@ -280,6 +310,7 @@
280
310
  <param pos="0" name="service.product" value="SNMP Agent"/>
281
311
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
282
312
  </fingerprint>
313
+
283
314
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.3$">
284
315
  <description>Net-SNMP on solaris</description>
285
316
  <example>1.3.6.1.4.1.8072.3.2.3</example>
@@ -291,6 +322,7 @@
291
322
  <param pos="0" name="service.product" value="SNMP Agent"/>
292
323
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
293
324
  </fingerprint>
325
+
294
326
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.4$">
295
327
  <description>Net-SNMP on osf</description>
296
328
  <example>1.3.6.1.4.1.8072.3.2.4</example>
@@ -300,6 +332,7 @@
300
332
  <param pos="0" name="service.product" value="SNMP Agent"/>
301
333
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
302
334
  </fingerprint>
335
+
303
336
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.5$">
304
337
  <description>Net-SNMP on ultrix</description>
305
338
  <example>1.3.6.1.4.1.8072.3.2.5</example>
@@ -309,6 +342,7 @@
309
342
  <param pos="0" name="service.product" value="SNMP Agent"/>
310
343
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
311
344
  </fingerprint>
345
+
312
346
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.6$">
313
347
  <description>Net-SNMP on hpux10</description>
314
348
  <example>1.3.6.1.4.1.8072.3.2.6</example>
@@ -321,6 +355,7 @@
321
355
  <param pos="0" name="service.product" value="SNMP Agent"/>
322
356
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
323
357
  </fingerprint>
358
+
324
359
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.7$">
325
360
  <description>Net-SNMP on netbsd</description>
326
361
  <example>1.3.6.1.4.1.8072.3.2.7</example>
@@ -332,6 +367,7 @@
332
367
  <param pos="0" name="service.product" value="SNMP Agent"/>
333
368
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
334
369
  </fingerprint>
370
+
335
371
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.8$">
336
372
  <description>Net-SNMP on freebsd</description>
337
373
  <example>1.3.6.1.4.1.8072.3.2.8</example>
@@ -343,6 +379,7 @@
343
379
  <param pos="0" name="service.product" value="SNMP Agent"/>
344
380
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
345
381
  </fingerprint>
382
+
346
383
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.9$">
347
384
  <description>Net-SNMP on irix</description>
348
385
  <example>1.3.6.1.4.1.8072.3.2.9</example>
@@ -354,6 +391,7 @@
354
391
  <param pos="0" name="service.product" value="SNMP Agent"/>
355
392
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
356
393
  </fingerprint>
394
+
357
395
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.10$">
358
396
  <description>Net-SNMP on linux</description>
359
397
  <example>1.3.6.1.4.1.8072.3.2.10</example>
@@ -363,6 +401,7 @@
363
401
  <param pos="0" name="service.product" value="SNMP Agent"/>
364
402
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
365
403
  </fingerprint>
404
+
366
405
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.11$">
367
406
  <description>Net-SNMP on bsdi</description>
368
407
  <example>1.3.6.1.4.1.8072.3.2.11</example>
@@ -372,6 +411,7 @@
372
411
  <param pos="0" name="service.product" value="SNMP Agent"/>
373
412
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
374
413
  </fingerprint>
414
+
375
415
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.12$">
376
416
  <description>Net-SNMP on openbsd</description>
377
417
  <example>1.3.6.1.4.1.8072.3.2.12</example>
@@ -383,6 +423,7 @@
383
423
  <param pos="0" name="service.product" value="SNMP Agent"/>
384
424
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
385
425
  </fingerprint>
426
+
386
427
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.13$">
387
428
  <description>Net-SNMP on win32</description>
388
429
  <example>1.3.6.1.4.1.8072.3.2.13</example>
@@ -394,6 +435,7 @@
394
435
  <param pos="0" name="service.product" value="SNMP Agent"/>
395
436
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
396
437
  </fingerprint>
438
+
397
439
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.14$">
398
440
  <description>Net-SNMP on hpux11</description>
399
441
  <example>1.3.6.1.4.1.8072.3.2.14</example>
@@ -406,6 +448,7 @@
406
448
  <param pos="0" name="service.product" value="SNMP Agent"/>
407
449
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
408
450
  </fingerprint>
451
+
409
452
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.15$">
410
453
  <description>Net-SNMP on aix</description>
411
454
  <example>1.3.6.1.4.1.8072.3.2.15</example>
@@ -417,6 +460,7 @@
417
460
  <param pos="0" name="service.product" value="SNMP Agent"/>
418
461
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
419
462
  </fingerprint>
463
+
420
464
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.16$">
421
465
  <description>Net-SNMP on macosx</description>
422
466
  <example>1.3.6.1.4.1.8072.3.2.16</example>
@@ -427,4 +471,5 @@
427
471
  <param pos="0" name="service.product" value="SNMP Agent"/>
428
472
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
429
473
  </fingerprint>
430
- </fingerprints>
474
+
475
+ </fingerprints>
@@ -1,15 +1,17 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="ssh.banner" protocol="ssh" database_type="service" preference="0.90">
3
3
  <!--
4
4
  SSH "software revision and comment" strings (official RFC nomenclature for the part of
5
5
  the identification string after "SSH-x.x-") are matched against these patterns to
6
6
  fingerprint SSH servers.
7
7
  -->
8
+
8
9
  <fingerprint pattern="^ArrayOS$">
9
10
  <description>Array Networks device</description>
10
11
  <example>ArrayOS</example>
11
12
  <param pos="0" name="service.vendor" value="Array Networks"/>
12
13
  </fingerprint>
14
+
13
15
  <fingerprint pattern="^RomSShell_([\d\.]+)$">
14
16
  <description>Allegro RomSShell SSH</description>
15
17
  <example service.version="4.62">RomSShell_4.62</example>
@@ -17,11 +19,13 @@
17
19
  <param pos="0" name="service.product" value="RomSShell"/>
18
20
  <param pos="1" name="service.version"/>
19
21
  </fingerprint>
22
+
20
23
  <fingerprint pattern="(?i)^DraySSH_\S+$">
21
24
  <description>DrayTek generic</description>
22
25
  <example>DraySSH_2.0</example>
23
26
  <param pos="0" name="hw.vendor" value="DrayTek"/>
24
27
  </fingerprint>
28
+
25
29
  <fingerprint pattern="^mpSSH_([\d\.]+)$">
26
30
  <description>HP Integrated Lights Out (iLO) usually bundled with HP servers</description>
27
31
  <example service.version="0.0.1">mpSSH_0.0.1</example>
@@ -36,6 +40,7 @@
36
40
  <param pos="0" name="os.family" value="iLO"/>
37
41
  <param pos="0" name="os.device" value="Lights Out Management"/>
38
42
  </fingerprint>
43
+
39
44
  <fingerprint pattern="^Serv-U_([\d\.]+)$">
40
45
  <description>Serv-U SSH</description>
41
46
  <example service.version="7.4.0.1">Serv-U_7.4.0.1</example>
@@ -43,6 +48,7 @@
43
48
  <param pos="0" name="service.product" value="Serv-U"/>
44
49
  <param pos="1" name="service.version"/>
45
50
  </fingerprint>
51
+
46
52
  <fingerprint pattern="WS_FTP-SSH_([\d\.]+)$">
47
53
  <description>WS_FTP Server with SSH</description>
48
54
  <example service.version="6.1.1">WS_FTP-SSH_6.1.1</example>
@@ -52,6 +58,7 @@
52
58
  <param pos="1" name="service.version"/>
53
59
  <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:ws_ftp:{service.version}"/>
54
60
  </fingerprint>
61
+
55
62
  <fingerprint pattern="IPSSH[-_]([\d\.p]+).*$">
56
63
  <description>VxWorks with version information</description>
57
64
  <example os.version="6.9.0">IPSSH-6.9.0</example>
@@ -60,7 +67,9 @@
60
67
  <param pos="1" name="os.version"/>
61
68
  <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:{os.version}"/>
62
69
  </fingerprint>
70
+
63
71
  <!-- FreeBSD -->
72
+
64
73
  <fingerprint pattern="^OpenSSH_(2\.3\.0) (green@FreeBSD.org 20010321)$">
65
74
  <description>OpenSSH running on FreeBSD 4.3</description>
66
75
  <example service.version="2.3.0" openssh.comment="green@FreeBSD.org 20010321">OpenSSH_2.3.0 green@FreeBSD.org 20010321</example>
@@ -76,6 +85,7 @@
76
85
  <param pos="0" name="os.version" value="4.3"/>
77
86
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.3"/>
78
87
  </fingerprint>
88
+
79
89
  <fingerprint pattern="^OpenSSH_(2\.3\.0) (FreeBSD localisations 20010713)$">
80
90
  <description>OpenSSH running on FreeBSD 4.4</description>
81
91
  <example service.version="2.3.0" openssh.comment="FreeBSD localisations 20010713">OpenSSH_2.3.0 FreeBSD localisations 20010713</example>
@@ -91,6 +101,7 @@
91
101
  <param pos="0" name="os.version" value="4.4"/>
92
102
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.4"/>
93
103
  </fingerprint>
104
+
94
105
  <fingerprint pattern="^OpenSSH_(2\.9) (FreeBSD localisations 20011202)$">
95
106
  <description>OpenSSH running on FreeBSD 4.5</description>
96
107
  <example service.version="2.9" openssh.comment="FreeBSD localisations 20011202">OpenSSH_2.9 FreeBSD localisations 20011202</example>
@@ -106,6 +117,7 @@
106
117
  <param pos="0" name="os.version" value="4.5"/>
107
118
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.5"/>
108
119
  </fingerprint>
120
+
109
121
  <fingerprint pattern="^OpenSSH_(3\.4p1) (FreeBSD 20020702)$">
110
122
  <description>OpenSSH running on FreeBSD 4.6.2</description>
111
123
  <example service.version="3.4p1" openssh.comment="FreeBSD 20020702">OpenSSH_3.4p1 FreeBSD 20020702</example>
@@ -121,6 +133,7 @@
121
133
  <param pos="0" name="os.version" value="4.6.2"/>
122
134
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.6.2"/>
123
135
  </fingerprint>
136
+
124
137
  <fingerprint pattern="^OpenSSH_(2\.9) (FreeBSD localisations 20020307)$">
125
138
  <description>OpenSSH running on FreeBSD 4.6</description>
126
139
  <example service.version="2.9" openssh.comment="FreeBSD localisations 20020307">OpenSSH_2.9 FreeBSD localisations 20020307</example>
@@ -136,6 +149,7 @@
136
149
  <param pos="0" name="os.version" value="4.6"/>
137
150
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.6"/>
138
151
  </fingerprint>
152
+
139
153
  <fingerprint pattern="^OpenSSH_(3\.4p1) (FreeBSD-20020702)$">
140
154
  <description>OpenSSH running on FreeBSD 4.7</description>
141
155
  <example service.version="3.4p1" openssh.comment="FreeBSD-20020702">OpenSSH_3.4p1 FreeBSD-20020702</example>
@@ -151,6 +165,7 @@
151
165
  <param pos="0" name="os.version" value="4.7"/>
152
166
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.7"/>
153
167
  </fingerprint>
168
+
154
169
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20030201)$">
155
170
  <description>OpenSSH running on FreeBSD 4.8</description>
156
171
  <example service.version="3.5p1" openssh.comment="FreeBSD-20030201">OpenSSH_3.5p1 FreeBSD-20030201</example>
@@ -166,7 +181,9 @@
166
181
  <param pos="0" name="os.version" value="4.8"/>
167
182
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.8"/>
168
183
  </fingerprint>
184
+
169
185
  <!-- Multiple minor version match, assert the oldest version -->
186
+
170
187
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20030924)$">
171
188
  <description>OpenSSH running on FreeBSD 4.9/4.10 (sometimes 4.11)</description>
172
189
  <example service.version="3.5p1" openssh.comment="FreeBSD-20030924">OpenSSH_3.5p1 FreeBSD-20030924</example>
@@ -182,6 +199,7 @@
182
199
  <param pos="0" name="os.version" value="4.9"/>
183
200
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.9"/>
184
201
  </fingerprint>
202
+
185
203
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20060930)$">
186
204
  <description>OpenSSH running on FreeBSD 4.11</description>
187
205
  <example service.version="3.5p1" openssh.comment="FreeBSD-20060930">OpenSSH_3.5p1 FreeBSD-20060930</example>
@@ -197,6 +215,7 @@
197
215
  <param pos="0" name="os.version" value="4.11"/>
198
216
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.11"/>
199
217
  </fingerprint>
218
+
200
219
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20021029)$">
201
220
  <description>OpenSSH running on FreeBSD 5.0</description>
202
221
  <example service.version="3.5p1" openssh.comment="FreeBSD-20021029">OpenSSH_3.5p1 FreeBSD-20021029</example>
@@ -212,6 +231,7 @@
212
231
  <param pos="0" name="os.version" value="5.0"/>
213
232
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.0"/>
214
233
  </fingerprint>
234
+
215
235
  <fingerprint pattern="^OpenSSH_(3\.6\.1p1) (FreeBSD-20030423)$">
216
236
  <description>OpenSSH running on FreeBSD 5.1</description>
217
237
  <example service.version="3.6.1p1" openssh.comment="FreeBSD-20030423">OpenSSH_3.6.1p1 FreeBSD-20030423</example>
@@ -227,6 +247,7 @@
227
247
  <param pos="0" name="os.version" value="5.1"/>
228
248
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.1"/>
229
249
  </fingerprint>
250
+
230
251
  <fingerprint pattern="^OpenSSH_(3\.6\.1p1) (FreeBSD-20030924)$">
231
252
  <description>OpenSSH running on FreeBSD 5.2</description>
232
253
  <example service.version="3.6.1p1" openssh.comment="FreeBSD-20030924">OpenSSH_3.6.1p1 FreeBSD-20030924</example>
@@ -242,7 +263,9 @@
242
263
  <param pos="0" name="os.version" value="5.2"/>
243
264
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.2"/>
244
265
  </fingerprint>
266
+
245
267
  <!-- Multiple minor version match, assert the oldest version -->
268
+
246
269
  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (FreeBSD-20040419)$">
247
270
  <description>OpenSSH running on FreeBSD 5.3/5.4</description>
248
271
  <example service.version="3.8.1p1" openssh.comment="FreeBSD-20040419">OpenSSH_3.8.1p1 FreeBSD-20040419</example>
@@ -258,6 +281,7 @@
258
281
  <param pos="0" name="os.version" value="5.3"/>
259
282
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.3"/>
260
283
  </fingerprint>
284
+
261
285
  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (FreeBSD-20060123)$">
262
286
  <description>OpenSSH running on FreeBSD 5.5</description>
263
287
  <example service.version="3.8.1p1" openssh.comment="FreeBSD-20060123">OpenSSH_3.8.1p1 FreeBSD-20060123</example>
@@ -273,7 +297,9 @@
273
297
  <param pos="0" name="os.version" value="5.5"/>
274
298
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.5"/>
275
299
  </fingerprint>
300
+
276
301
  <!-- Multiple minor version match, assert the oldest version -->
302
+
277
303
  <fingerprint pattern="^OpenSSH_(4\.2p1) (FreeBSD-20050903)$">
278
304
  <description>OpenSSH running on FreeBSD 6.0/6.1</description>
279
305
  <example service.version="4.2p1" openssh.comment="FreeBSD-20050903">OpenSSH_4.2p1 FreeBSD-20050903</example>
@@ -289,7 +315,9 @@
289
315
  <param pos="0" name="os.version" value="6.0"/>
290
316
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:6.0"/>
291
317
  </fingerprint>
318
+
292
319
  <!-- Spans major versions, do not assert a version number -->
320
+
293
321
  <fingerprint pattern="^OpenSSH_(4\.5p1) (FreeBSD-20061110)$">
294
322
  <description>OpenSSH running on FreeBSD 6.2/6.3/6.4/7.0</description>
295
323
  <example service.version="4.5p1" openssh.comment="FreeBSD-20061110">OpenSSH_4.5p1 FreeBSD-20061110</example>
@@ -304,7 +332,9 @@
304
332
  <param pos="0" name="os.product" value="FreeBSD"/>
305
333
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
306
334
  </fingerprint>
335
+
307
336
  <!-- Multiple minor version match, assert the oldest version -->
337
+
308
338
  <fingerprint pattern="^OpenSSH_(5\.1p1) (FreeBSD-20080901)$">
309
339
  <description>OpenSSH running on FreeBSD 7.1/7.2/7.3/7.4</description>
310
340
  <example service.version="5.1p1" openssh.comment="FreeBSD-20080901">OpenSSH_5.1p1 FreeBSD-20080901</example>
@@ -320,6 +350,7 @@
320
350
  <param pos="0" name="os.version" value="7.1"/>
321
351
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:7.1"/>
322
352
  </fingerprint>
353
+
323
354
  <fingerprint pattern="^OpenSSH_(5\.2p1) (FreeBSD-20090522)$">
324
355
  <description>OpenSSH running on FreeBSD 8.0</description>
325
356
  <example service.version="5.2p1" openssh.comment="FreeBSD-20090522">OpenSSH_5.2p1 FreeBSD-20090522</example>
@@ -335,7 +366,9 @@
335
366
  <param pos="0" name="os.version" value="8.0"/>
336
367
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.0"/>
337
368
  </fingerprint>
369
+
338
370
  <!-- Multiple minor version match, assert the oldest version -->
371
+
339
372
  <fingerprint pattern="^OpenSSH_(5\.4p1) (FreeBSD-20100308)$">
340
373
  <description>OpenSSH running on FreeBSD 8.1/8.2</description>
341
374
  <example service.version="5.4p1" openssh.comment="FreeBSD-20100308">OpenSSH_5.4p1 FreeBSD-20100308</example>
@@ -351,6 +384,7 @@
351
384
  <param pos="0" name="os.version" value="8.1"/>
352
385
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.1"/>
353
386
  </fingerprint>
387
+
354
388
  <fingerprint pattern="^OpenSSH_(5\.4p1_hpn13v11) (FreeBSD-20100308)$">
355
389
  <description>OpenSSH running on FreeBSD 8.3</description>
356
390
  <example service.version="5.4p1_hpn13v11" openssh.comment="FreeBSD-20100308">OpenSSH_5.4p1_hpn13v11 FreeBSD-20100308</example>
@@ -366,6 +400,7 @@
366
400
  <param pos="0" name="os.version" value="8.3"/>
367
401
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.3"/>
368
402
  </fingerprint>
403
+
369
404
  <fingerprint pattern="^OpenSSH_(6\.1_hpn13v11) (FreeBSD-20120901)$">
370
405
  <description>OpenSSH running on FreeBSD 8.4</description>
371
406
  <example service.version="6.1_hpn13v11" openssh.comment="FreeBSD-20120901">OpenSSH_6.1_hpn13v11 FreeBSD-20120901</example>
@@ -381,7 +416,9 @@
381
416
  <param pos="0" name="os.version" value="8.4"/>
382
417
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.4"/>
383
418
  </fingerprint>
419
+
384
420
  <!-- Multiple minor version match, assert the oldest version -->
421
+
385
422
  <fingerprint pattern="^OpenSSH_(5\.8p2_hpn13v11) (FreeBSD-20110503)$">
386
423
  <description>OpenSSH running on FreeBSD 9.0/9.1</description>
387
424
  <example service.version="5.8p2_hpn13v11" openssh.comment="FreeBSD-20110503">OpenSSH_5.8p2_hpn13v11 FreeBSD-20110503</example>
@@ -397,6 +434,7 @@
397
434
  <param pos="0" name="os.version" value="9.0"/>
398
435
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:9.0"/>
399
436
  </fingerprint>
437
+
400
438
  <fingerprint pattern="^OpenSSH_(6\.2_hpn13v11) (FreeBSD-20130515)$">
401
439
  <description>OpenSSH running on FreeBSD 9.2</description>
402
440
  <example service.version="6.2_hpn13v11" openssh.comment="FreeBSD-20130515">OpenSSH_6.2_hpn13v11 FreeBSD-20130515</example>
@@ -412,7 +450,9 @@
412
450
  <param pos="0" name="os.version" value="9.2"/>
413
451
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:9.2"/>
414
452
  </fingerprint>
453
+
415
454
  <!-- Spans major versions, do not assert a version number -->
455
+
416
456
  <fingerprint pattern="^OpenSSH_(6\.6\.1_hpn13v11) (FreeBSD-20140420)$">
417
457
  <description>OpenSSH running on FreeBSD 9.3/10.1/10.2</description>
418
458
  <example service.version="6.6.1_hpn13v11" openssh.comment="FreeBSD-20140420">OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420</example>
@@ -427,6 +467,7 @@
427
467
  <param pos="0" name="os.product" value="FreeBSD"/>
428
468
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
429
469
  </fingerprint>
470
+
430
471
  <fingerprint pattern="^OpenSSH_(6\.4_hpn13v11) (FreeBSD-20131111)$">
431
472
  <description>OpenSSH running on FreeBSD 10.0</description>
432
473
  <example service.version="6.4_hpn13v11" openssh.comment="FreeBSD-20131111">OpenSSH_6.4_hpn13v11 FreeBSD-20131111</example>
@@ -442,7 +483,9 @@
442
483
  <param pos="0" name="os.version" value="10.0"/>
443
484
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:10.0"/>
444
485
  </fingerprint>
486
+
445
487
  <!-- Spans major versions, do not assert a version number -->
488
+
446
489
  <fingerprint pattern="^OpenSSH_(7\.2) (FreeBSD-20160310)$">
447
490
  <description>OpenSSH running on FreeBSD 10.3/11.0</description>
448
491
  <example service.version="7.2" openssh.comment="FreeBSD-20160310">OpenSSH_7.2 FreeBSD-20160310</example>
@@ -457,6 +500,7 @@
457
500
  <param pos="0" name="os.product" value="FreeBSD"/>
458
501
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
459
502
  </fingerprint>
503
+
460
504
  <fingerprint pattern="^OpenSSH_(7\.3) (FreeBSD-20170902)$">
461
505
  <description>OpenSSH running on FreeBSD 10.4</description>
462
506
  <example service.version="7.3" openssh.comment="FreeBSD-20170902">OpenSSH_7.3 FreeBSD-20170902</example>
@@ -472,6 +516,7 @@
472
516
  <param pos="0" name="os.version" value="10.4"/>
473
517
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:10.4"/>
474
518
  </fingerprint>
519
+
475
520
  <fingerprint pattern="^OpenSSH_(7\.2) (FreeBSD-20161230)$">
476
521
  <description>OpenSSH running on FreeBSD 11.1</description>
477
522
  <example service.version="7.2" openssh.comment="FreeBSD-20161230">OpenSSH_7.2 FreeBSD-20161230</example>
@@ -487,7 +532,9 @@
487
532
  <param pos="0" name="os.version" value="11.1"/>
488
533
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:11.1"/>
489
534
  </fingerprint>
535
+
490
536
  <!-- Multiple minor version match, assert the oldest version -->
537
+
491
538
  <fingerprint pattern="^OpenSSH_(7\.5) (FreeBSD-20170903)$">
492
539
  <description>OpenSSH running on FreeBSD 11.2/11.3</description>
493
540
  <example service.version="7.5" openssh.comment="FreeBSD-20170903">OpenSSH_7.5 FreeBSD-20170903</example>
@@ -503,6 +550,7 @@
503
550
  <param pos="0" name="os.version" value="11.2"/>
504
551
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:11.2"/>
505
552
  </fingerprint>
553
+
506
554
  <fingerprint pattern="^OpenSSH_(7\.8) (FreeBSD-20180909)$">
507
555
  <description>OpenSSH running on FreeBSD 12.0</description>
508
556
  <example service.version="7.8" openssh.comment="FreeBSD-20180909">OpenSSH_7.8 FreeBSD-20180909</example>
@@ -518,6 +566,7 @@
518
566
  <param pos="0" name="os.version" value="12.0"/>
519
567
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:12.0"/>
520
568
  </fingerprint>
569
+
521
570
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(FreeBSD[ -].*)$">
522
571
  <description>OpenSSH running on FreeBSD</description>
523
572
  <example service.version="7.2" openssh.comment="FreeBSD-20160311">OpenSSH_7.2 FreeBSD-20160311</example>
@@ -532,7 +581,9 @@
532
581
  <param pos="0" name="os.product" value="FreeBSD"/>
533
582
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
534
583
  </fingerprint>
584
+
535
585
  <!-- NetBSD -->
586
+
536
587
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(NetBSD(?:_Secure_Shell)?[ -].*)$">
537
588
  <description>OpenSSH running on NetBSD</description>
538
589
  <example service.version="7.2" openssh.comment="NetBSD-20100308">OpenSSH_7.2 NetBSD-20100308</example>
@@ -548,7 +599,9 @@
548
599
  <param pos="0" name="os.product" value="NetBSD"/>
549
600
  <param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:-"/>
550
601
  </fingerprint>
602
+
551
603
  <!-- Ubuntu -->
604
+
552
605
  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (Debian-11ubuntu\d+(?:\.\d+)?)$">
553
606
  <description>OpenSSH running on Ubuntu 4.10</description>
554
607
  <example service.version="3.8.1p1" openssh.comment="Debian-11ubuntu3">OpenSSH_3.8.1p1 Debian-11ubuntu3</example>
@@ -564,6 +617,7 @@
564
617
  <param pos="0" name="os.version" value="4.10"/>
565
618
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:4.10"/>
566
619
  </fingerprint>
620
+
567
621
  <fingerprint pattern="^OpenSSH_(3\.9p1) (Debian-1ubuntu\d+(?:\.\d+)?)$">
568
622
  <description>OpenSSH running on Ubuntu 5.04</description>
569
623
  <example service.version="3.9p1" openssh.comment="Debian-1ubuntu2">OpenSSH_3.9p1 Debian-1ubuntu2</example>
@@ -579,6 +633,7 @@
579
633
  <param pos="0" name="os.version" value="5.04"/>
580
634
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.04"/>
581
635
  </fingerprint>
636
+
582
637
  <fingerprint pattern="^OpenSSH_(4\.1p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
583
638
  <description>OpenSSH running on Ubuntu 5.10</description>
584
639
  <example service.version="4.1p1" openssh.comment="Debian-7ubuntu4">OpenSSH_4.1p1 Debian-7ubuntu4</example>
@@ -594,6 +649,7 @@
594
649
  <param pos="0" name="os.version" value="5.10"/>
595
650
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.10"/>
596
651
  </fingerprint>
652
+
597
653
  <fingerprint pattern="^OpenSSH_(4\.2p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
598
654
  <description>OpenSSH running on Ubuntu 6.04</description>
599
655
  <example service.version="4.2p1" openssh.comment="Debian-7ubuntu3.1">OpenSSH_4.2p1 Debian-7ubuntu3.1</example>
@@ -610,6 +666,7 @@
610
666
  <param pos="0" name="os.version" value="6.04"/>
611
667
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:6.04"/>
612
668
  </fingerprint>
669
+
613
670
  <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-8ubuntu\d+(?:\.\d+)?)$">
614
671
  <description>OpenSSH running on Ubuntu 7.04</description>
615
672
  <example service.version="4.3p2" openssh.comment="Debian-8ubuntu1.4">OpenSSH_4.3p2 Debian-8ubuntu1.4</example>
@@ -625,6 +682,7 @@
625
682
  <param pos="0" name="os.version" value="7.04"/>
626
683
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.04"/>
627
684
  </fingerprint>
685
+
628
686
  <fingerprint pattern="^OpenSSH_(4\.6p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
629
687
  <description>OpenSSH running on Ubuntu 7.10</description>
630
688
  <example service.version="4.6p1" openssh.comment="Debian-5ubuntu0.2">OpenSSH_4.6p1 Debian-5ubuntu0.2</example>
@@ -643,6 +701,7 @@
643
701
  <param pos="0" name="os.version" value="7.10"/>
644
702
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.10"/>
645
703
  </fingerprint>
704
+
646
705
  <fingerprint pattern="^OpenSSH_(4\.7p1) (Debian-8ubuntu\d+(?:\.\d+)?)$">
647
706
  <description>OpenSSH running on Ubuntu 8.04</description>
648
707
  <example service.version="4.7p1" openssh.comment="Debian-8ubuntu1.2">OpenSSH_4.7p1 Debian-8ubuntu1.2</example>
@@ -659,6 +718,7 @@
659
718
  <param pos="0" name="os.version" value="8.04"/>
660
719
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.04"/>
661
720
  </fingerprint>
721
+
662
722
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
663
723
  <description>OpenSSH running on Ubuntu 8.10</description>
664
724
  <example service.version="5.1p1" openssh.comment="Debian-3ubuntu1">OpenSSH_5.1p1 Debian-3ubuntu1</example>
@@ -674,6 +734,7 @@
674
734
  <param pos="0" name="os.version" value="8.10"/>
675
735
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.10"/>
676
736
  </fingerprint>
737
+
677
738
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
678
739
  <description>OpenSSH running on Ubuntu 9.04</description>
679
740
  <example service.version="5.1p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.1p1 Debian-5ubuntu1</example>
@@ -689,6 +750,7 @@
689
750
  <param pos="0" name="os.version" value="9.04"/>
690
751
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.04"/>
691
752
  </fingerprint>
753
+
692
754
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-6ubuntu\d+(?:\.\d+)?)$">
693
755
  <description>OpenSSH running on Ubuntu 9.10</description>
694
756
  <example service.version="5.1p1" openssh.comment="Debian-6ubuntu2">OpenSSH_5.1p1 Debian-6ubuntu2</example>
@@ -704,6 +766,7 @@
704
766
  <param pos="0" name="os.version" value="9.10"/>
705
767
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.10"/>
706
768
  </fingerprint>
769
+
707
770
  <fingerprint pattern="^OpenSSH_(5\.3p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
708
771
  <description>OpenSSH running on Ubuntu 10.04 (lucid)</description>
709
772
  <example service.version="5.3p1" openssh.comment="Debian-3ubuntu3">OpenSSH_5.3p1 Debian-3ubuntu3</example>
@@ -724,6 +787,7 @@
724
787
  <param pos="0" name="os.version" value="10.04"/>
725
788
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.04"/>
726
789
  </fingerprint>
790
+
727
791
  <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-4ubuntu\d+(?:\.\d+)?)$">
728
792
  <description>OpenSSH running on Ubuntu 10.10</description>
729
793
  <example service.version="5.5p1" openssh.comment="Debian-4ubuntu4">OpenSSH_5.5p1 Debian-4ubuntu4</example>
@@ -741,6 +805,7 @@
741
805
  <param pos="0" name="os.version" value="10.10"/>
742
806
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.10"/>
743
807
  </fingerprint>
808
+
744
809
  <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-1ubuntu\d(?:\.\d)?)$">
745
810
  <description>OpenSSH running on Ubuntu 11.04</description>
746
811
  <example service.version="5.8p1" openssh.comment="Debian-1ubuntu3">OpenSSH_5.8p1 Debian-1ubuntu3</example>
@@ -756,6 +821,7 @@
756
821
  <param pos="0" name="os.version" value="11.04"/>
757
822
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.04"/>
758
823
  </fingerprint>
824
+
759
825
  <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-7ubuntu\d(?:\.\d)?)$">
760
826
  <description>OpenSSH running on Ubuntu 11.10</description>
761
827
  <example service.version="5.8p1" openssh.comment="Debian-7ubuntu1">OpenSSH_5.8p1 Debian-7ubuntu1</example>
@@ -771,6 +837,7 @@
771
837
  <param pos="0" name="os.version" value="11.10"/>
772
838
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.10"/>
773
839
  </fingerprint>
840
+
774
841
  <fingerprint pattern="^OpenSSH_(5\.9p1) (Debian-5ubuntu\d(?:\.\d)?)$">
775
842
  <description>OpenSSH running on Ubuntu 12.04</description>
776
843
  <example service.version="5.9p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.9p1 Debian-5ubuntu1</example>
@@ -787,6 +854,7 @@
787
854
  <param pos="0" name="os.version" value="12.04"/>
788
855
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.04"/>
789
856
  </fingerprint>
857
+
790
858
  <fingerprint pattern="^OpenSSH_(6\.0p1) (Debian-3ubuntu\d(?:\.\d)?)$">
791
859
  <description>OpenSSH running on Ubuntu 12.10</description>
792
860
  <example service.version="6.0p1" openssh.comment="Debian-3ubuntu1">OpenSSH_6.0p1 Debian-3ubuntu1</example>
@@ -803,6 +871,7 @@
803
871
  <param pos="0" name="os.version" value="12.10"/>
804
872
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.10"/>
805
873
  </fingerprint>
874
+
806
875
  <fingerprint pattern="^OpenSSH_(6\.1p1) (Debian-4)$">
807
876
  <description>OpenSSH running on Ubuntu 13.04</description>
808
877
  <example service.version="6.1p1" openssh.comment="Debian-4">OpenSSH_6.1p1 Debian-4</example>
@@ -818,6 +887,7 @@
818
887
  <param pos="0" name="os.version" value="13.04"/>
819
888
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.04"/>
820
889
  </fingerprint>
890
+
821
891
  <fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6unbuntu\d(?:\.\d)?)$">
822
892
  <description>OpenSSH running on Ubuntu 13.10</description>
823
893
  <example service.version="6.2p2" openssh.comment="Ubuntu-6unbuntu0.4">OpenSSH_6.2p2 Ubuntu-6unbuntu0.4</example>
@@ -833,6 +903,7 @@
833
903
  <param pos="0" name="os.version" value="13.10"/>
834
904
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.10"/>
835
905
  </fingerprint>
906
+
836
907
  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?)[_|-](hpn\d+v\d+)$">
837
908
  <description>OpenSSH with HPN patches</description>
838
909
  <example service.version="6.1" openssh.comment="hpn13v11">OpenSSH_6.1_hpn13v11</example>
@@ -845,6 +916,7 @@
845
916
  <param pos="0" name="service.product" value="OpenSSH"/>
846
917
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
847
918
  </fingerprint>
919
+
848
920
  <fingerprint pattern="^OpenSSH_(6\.6(?:\.\d)?p1) (Ubuntu-2ubuntu\d+(?:\.\d+)?)$">
849
921
  <description>OpenSSH running on Ubuntu 14.04</description>
850
922
  <example service.version="6.6p1" openssh.comment="Ubuntu-2ubuntu1">OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
@@ -861,6 +933,7 @@
861
933
  <param pos="0" name="os.version" value="14.04"/>
862
934
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.04"/>
863
935
  </fingerprint>
936
+
864
937
  <fingerprint pattern="^OpenSSH_(6\.6\.1p1) (Ubuntu-8)$">
865
938
  <description>OpenSSH running on Ubuntu 14.10</description>
866
939
  <example service.version="6.6.1p1" openssh.comment="Ubuntu-8">OpenSSH_6.6.1p1 Ubuntu-8</example>
@@ -876,6 +949,7 @@
876
949
  <param pos="0" name="os.version" value="14.10"/>
877
950
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.10"/>
878
951
  </fingerprint>
952
+
879
953
  <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5ubuntu\d(?:\.\d)?)$">
880
954
  <description>OpenSSH running on Ubuntu 15.04 (vivid)</description>
881
955
  <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1">OpenSSH_6.7p1 Ubuntu-5ubuntu1</example>
@@ -891,6 +965,7 @@
891
965
  <param pos="0" name="os.version" value="15.04"/>
892
966
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.04"/>
893
967
  </fingerprint>
968
+
894
969
  <fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2)$">
895
970
  <description>OpenSSH running on Ubuntu 15.10</description>
896
971
  <example service.version="6.9p1" openssh.comment="Ubuntu-2">OpenSSH_6.9p1 Ubuntu-2</example>
@@ -906,6 +981,7 @@
906
981
  <param pos="0" name="os.version" value="15.10"/>
907
982
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.10"/>
908
983
  </fingerprint>
984
+
909
985
  <fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
910
986
  <description>OpenSSH running on Ubuntu 16.04 (vivid)</description>
911
987
  <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu2.7">OpenSSH_7.2p2 Ubuntu-4ubuntu2.7</example>
@@ -921,6 +997,7 @@
921
997
  <param pos="0" name="os.version" value="16.04"/>
922
998
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:16.04"/>
923
999
  </fingerprint>
1000
+
924
1001
  <fingerprint pattern="^OpenSSH_(7\.3p1) (Ubuntu-1)$">
925
1002
  <description>OpenSSH running on Ubuntu 16.10</description>
926
1003
  <example service.version="7.3p1" openssh.comment="Ubuntu-1">OpenSSH_7.3p1 Ubuntu-1</example>
@@ -936,6 +1013,7 @@
936
1013
  <param pos="0" name="os.version" value="16.10"/>
937
1014
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:16.10"/>
938
1015
  </fingerprint>
1016
+
939
1017
  <fingerprint pattern="^OpenSSH_(7\.4p1) (Ubuntu-10)$">
940
1018
  <description>OpenSSH running on Ubuntu 17.04</description>
941
1019
  <example service.version="7.4p1" openssh.comment="Ubuntu-10">OpenSSH_7.4p1 Ubuntu-10</example>
@@ -951,6 +1029,7 @@
951
1029
  <param pos="0" name="os.version" value="17.04"/>
952
1030
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.04"/>
953
1031
  </fingerprint>
1032
+
954
1033
  <fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10ubuntu\d(?:\.\d)?)$">
955
1034
  <description>OpenSSH running on Ubuntu 17.10</description>
956
1035
  <example service.version="7.5p1" openssh.comment="Ubuntu-10ubuntu0.1">OpenSSH_7.5p1 Ubuntu-10ubuntu0.1</example>
@@ -966,6 +1045,7 @@
966
1045
  <param pos="0" name="os.version" value="17.10"/>
967
1046
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.10"/>
968
1047
  </fingerprint>
1048
+
969
1049
  <fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
970
1050
  <description>OpenSSH running on Ubuntu 18.04</description>
971
1051
  <example service.version="7.6p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.6p1 Ubuntu-4ubuntu0.3</example>
@@ -981,6 +1061,7 @@
981
1061
  <param pos="0" name="os.version" value="18.04"/>
982
1062
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.04"/>
983
1063
  </fingerprint>
1064
+
984
1065
  <fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4)$">
985
1066
  <description>OpenSSH running on Ubuntu 18.10</description>
986
1067
  <example service.version="7.7p1" openssh.comment="Ubuntu-4">OpenSSH_7.7p1 Ubuntu-4</example>
@@ -996,6 +1077,7 @@
996
1077
  <param pos="0" name="os.version" value="18.10"/>
997
1078
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.10"/>
998
1079
  </fingerprint>
1080
+
999
1081
  <fingerprint pattern="^OpenSSH_(7\.9p1) (Ubuntu-10)$">
1000
1082
  <description>OpenSSH running on Ubuntu 19.04</description>
1001
1083
  <example service.version="7.9p1" openssh.comment="Ubuntu-10">OpenSSH_7.9p1 Ubuntu-10</example>
@@ -1011,6 +1093,7 @@
1011
1093
  <param pos="0" name="os.version" value="19.04"/>
1012
1094
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.04"/>
1013
1095
  </fingerprint>
1096
+
1014
1097
  <fingerprint pattern="^OpenSSH_(8\.0p1) (Ubuntu-6build1)$">
1015
1098
  <description>OpenSSH running on Ubuntu 19.10</description>
1016
1099
  <example service.version="8.0p1" openssh.comment="Ubuntu-6build1">OpenSSH_8.0p1 Ubuntu-6build1</example>
@@ -1026,6 +1109,7 @@
1026
1109
  <param pos="0" name="os.version" value="19.10"/>
1027
1110
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.10"/>
1028
1111
  </fingerprint>
1112
+
1029
1113
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Ubuntu-\d\d?)$">
1030
1114
  <description>OpenSSH running on Ubuntu (unknown release)</description>
1031
1115
  <example service.version="7.6p1" openssh.comment="Ubuntu-2">OpenSSH_7.6p1 Ubuntu-2</example>
@@ -1040,6 +1124,7 @@
1040
1124
  <param pos="0" name="os.product" value="Linux"/>
1041
1125
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
1042
1126
  </fingerprint>
1127
+
1043
1128
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+((?:Debian|Ubuntu).+ubuntu.*)$">
1044
1129
  <description>OpenSSH running on Ubuntu</description>
1045
1130
  <example service.version="7.2p3" openssh.comment="Ubuntu-4ubuntu2.2">OpenSSH_7.2p3 Ubuntu-4ubuntu2.2</example>
@@ -1055,7 +1140,9 @@
1055
1140
  <param pos="0" name="os.certainty" value="0.75"/>
1056
1141
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
1057
1142
  </fingerprint>
1143
+
1058
1144
  <!-- Debian -->
1145
+
1059
1146
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+woody.*)$">
1060
1147
  <description>OpenSSH running on Debian 3.0 (woody)</description>
1061
1148
  <example service.version="3.4p1" openssh.comment="Debian 1:3.4p1-1.woody.3">OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3</example>
@@ -1071,6 +1158,7 @@
1071
1158
  <param pos="0" name="os.version" value="3.0"/>
1072
1159
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.0"/>
1073
1160
  </fingerprint>
1161
+
1074
1162
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+sarge.*)$">
1075
1163
  <description>OpenSSH running on Debian 3.1 (sarge)</description>
1076
1164
  <example service.version="3.8.1p1" openssh.comment="Debian-8.sarge.4">OpenSSH_3.8.1p1 Debian-8.sarge.4</example>
@@ -1086,6 +1174,7 @@
1086
1174
  <param pos="0" name="os.version" value="3.1"/>
1087
1175
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.1"/>
1088
1176
  </fingerprint>
1177
+
1089
1178
  <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-9.*)$">
1090
1179
  <description>OpenSSH running on Debian 4.0 (etch)</description>
1091
1180
  <example service.version="4.3p2" openssh.comment="Debian-9">OpenSSH_4.3p2 Debian-9</example>
@@ -1102,6 +1191,7 @@
1102
1191
  <param pos="0" name="os.version" value="4.0"/>
1103
1192
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:4.0"/>
1104
1193
  </fingerprint>
1194
+
1105
1195
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5)$">
1106
1196
  <description>OpenSSH running on Debian 5.0 (also 5.10)</description>
1107
1197
  <example service.version="5.1p1" openssh.comment="Debian-5">OpenSSH_5.1p1 Debian-5</example>
@@ -1117,6 +1207,7 @@
1117
1207
  <param pos="0" name="os.version" value="5.0"/>
1118
1208
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:5.0"/>
1119
1209
  </fingerprint>
1210
+
1120
1211
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+[+~]squeeze.*)$">
1121
1212
  <description>OpenSSH running on Debian 6.0 (squeeze)</description>
1122
1213
  <example service.version="5.5p1" openssh.comment="Debian-6+squeeze4">OpenSSH_5.5p1 Debian-6+squeeze4</example>
@@ -1134,6 +1225,7 @@
1134
1225
  <param pos="0" name="os.version" value="6.0"/>
1135
1226
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
1136
1227
  </fingerprint>
1228
+
1137
1229
  <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-6)$">
1138
1230
  <description>OpenSSH running on Debian 6.0 (w/o squeeze in banner)</description>
1139
1231
  <example service.version="5.5p1" openssh.comment="Debian-6">OpenSSH_5.5p1 Debian-6</example>
@@ -1149,7 +1241,9 @@
1149
1241
  <param pos="0" name="os.version" value="6.0"/>
1150
1242
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
1151
1243
  </fingerprint>
1244
+
1152
1245
  <!-- More specific than and should preceed the 7.0 match -->
1246
+
1153
1247
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-4\+deb7u2)$">
1154
1248
  <description>OpenSSH running on Debian 7.8 (wheezy)</description>
1155
1249
  <example service.version="6.0p1" openssh.comment="Debian-4+deb7u2">OpenSSH_6.0p1 Debian-4+deb7u2</example>
@@ -1165,6 +1259,7 @@
1165
1259
  <param pos="0" name="os.version" value="7.8"/>
1166
1260
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.8"/>
1167
1261
  </fingerprint>
1262
+
1168
1263
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-4(?:\+deb7u\d+)?)$">
1169
1264
  <description>OpenSSH running on Debian 7.x (wheezy)</description>
1170
1265
  <example service.version="6.0p1" openssh.comment="Debian-4">OpenSSH_6.0p1 Debian-4</example>
@@ -1181,6 +1276,7 @@
1181
1276
  <param pos="0" name="os.version" value="7.0"/>
1182
1277
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.0"/>
1183
1278
  </fingerprint>
1279
+
1184
1280
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d~bpo7\d?\+\d+)$">
1185
1281
  <description>OpenSSH backport running on Debian 7.x (wheezy)</description>
1186
1282
  <example service.version="6.6.1p1" openssh.comment="Debian-4~bpo70+1">OpenSSH_6.6.1p1 Debian-4~bpo70+1</example>
@@ -1197,6 +1293,7 @@
1197
1293
  <param pos="0" name="os.version" value="7.0"/>
1198
1294
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.0"/>
1199
1295
  </fingerprint>
1296
+
1200
1297
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-5\+deb8u\d+.*)$">
1201
1298
  <description>OpenSSH running on Debian 8.x (jessie)</description>
1202
1299
  <example service.version="6.7p1" openssh.comment="Debian-5+deb8u2">OpenSSH_6.7p1 Debian-5+deb8u2</example>
@@ -1214,6 +1311,7 @@
1214
1311
  <param pos="0" name="os.version" value="8.0"/>
1215
1312
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:8.0"/>
1216
1313
  </fingerprint>
1314
+
1217
1315
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d\d?\+deb9u\d+)$">
1218
1316
  <description>OpenSSH running on Debian 9.x (stretch)</description>
1219
1317
  <example service.version="7.4p1" openssh.comment="Debian-10+deb9u1">OpenSSH_7.4p1 Debian-10+deb9u1</example>
@@ -1230,6 +1328,7 @@
1230
1328
  <param pos="0" name="os.version" value="9.0"/>
1231
1329
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:9.0"/>
1232
1330
  </fingerprint>
1331
+
1233
1332
  <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10|Debian-\d\d?\+deb10u\d+)$">
1234
1333
  <description>OpenSSH running on Debian 10.x (buster)</description>
1235
1334
  <example service.version="7.9p1" openssh.comment="Debian-10">OpenSSH_7.9p1 Debian-10</example>
@@ -1246,6 +1345,7 @@
1246
1345
  <param pos="0" name="os.version" value="10.0"/>
1247
1346
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.0"/>
1248
1347
  </fingerprint>
1348
+
1249
1349
  <fingerprint pattern="^OpenSSH_(8\.1p1) (Debian-1|Debian-\d\d?\+deb11u\d+)$">
1250
1350
  <description>OpenSSH running on Debian 11.x (bullseye)</description>
1251
1351
  <example service.version="8.1p1" openssh.comment="Debian-1">OpenSSH_8.1p1 Debian-1</example>
@@ -1262,6 +1362,7 @@
1262
1362
  <param pos="0" name="os.version" value="11.0"/>
1263
1363
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:11.0"/>
1264
1364
  </fingerprint>
1365
+
1265
1366
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+(?:[~]?bpo[.]?\d+)?)$">
1266
1367
  <description>OpenSSH running on Debian (unknown release)</description>
1267
1368
  <example service.version="4.3p2" openssh.comment="Debian-5~bpo.1">OpenSSH_4.3p2 Debian-5~bpo.1</example>
@@ -1278,7 +1379,9 @@
1278
1379
  <param pos="0" name="os.product" value="Linux"/>
1279
1380
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
1280
1381
  </fingerprint>
1382
+
1281
1383
  <!-- Raspbian -->
1384
+
1282
1385
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-5\+deb8u\d+)$">
1283
1386
  <description>OpenSSH running on Raspbian (Debian 8 "Jessie" based)</description>
1284
1387
  <example service.version="6.7p1" openssh.comment="Raspbian-5+deb8u1">OpenSSH_6.7p1 Raspbian-5+deb8u1</example>
@@ -1295,6 +1398,7 @@
1295
1398
  <param pos="0" name="os.version" value="8.0"/>
1296
1399
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1297
1400
  </fingerprint>
1401
+
1298
1402
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?\+deb9u\d+)$">
1299
1403
  <description>OpenSSH running on Raspbian (Debian 9 "Stretch" based)</description>
1300
1404
  <example service.version="7.4p1" openssh.comment="Raspbian-10+deb9u1">OpenSSH_7.4p1 Raspbian-10+deb9u1</example>
@@ -1311,6 +1415,7 @@
1311
1415
  <param pos="0" name="os.version" value="9.0"/>
1312
1416
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1313
1417
  </fingerprint>
1418
+
1314
1419
  <fingerprint pattern="^OpenSSH_(7\.9p1)\s+(Raspbian-(?:10|\d\d?\+deb10u\d+))$">
1315
1420
  <description>OpenSSH running on Raspbian (Debian 10 "Buster" based)</description>
1316
1421
  <example service.version="7.9p1" openssh.comment="Raspbian-10">OpenSSH_7.9p1 Raspbian-10</example>
@@ -1327,6 +1432,7 @@
1327
1432
  <param pos="0" name="os.version" value="10.0"/>
1328
1433
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1329
1434
  </fingerprint>
1435
+
1330
1436
  <fingerprint pattern="^OpenSSH_(8\.1p1)\s+(Raspbian-(?:1|\d\d?\+deb11u\d+))$">
1331
1437
  <description>OpenSSH running on Raspbian (Debian 11 "Bullseye" based)</description>
1332
1438
  <example service.version="8.1p1" openssh.comment="Raspbian-1">OpenSSH_8.1p1 Raspbian-1</example>
@@ -1343,6 +1449,7 @@
1343
1449
  <param pos="0" name="os.version" value="11.0"/>
1344
1450
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1345
1451
  </fingerprint>
1452
+
1346
1453
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?)$">
1347
1454
  <description>OpenSSH running on Raspbian (Debian, unknown release)</description>
1348
1455
  <example service.version="7.5p1" openssh.comment="Raspbian-10">OpenSSH_7.5p1 Raspbian-10</example>
@@ -1358,7 +1465,9 @@
1358
1465
  <param pos="0" name="os.product" value="Linux"/>
1359
1466
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1360
1467
  </fingerprint>
1468
+
1361
1469
  <!-- Miscellaneous -->
1470
+
1362
1471
  <fingerprint pattern="^OpenSSH_(.*)\+(CAN-[0-9]{4}-[0-9]{4})$">
1363
1472
  <description>OpenSSH with CVE patch, as seen in Mac OS X</description>
1364
1473
  <example service.version="3.4p1" openssh.cvepatch="CAN-2004-0175">OpenSSH_3.4p1+CAN-2004-0175</example>
@@ -1373,6 +1482,7 @@
1373
1482
  <param pos="0" name="os.product" value="Mac OS X"/>
1374
1483
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:-"/>
1375
1484
  </fingerprint>
1485
+
1376
1486
  <fingerprint pattern="^OpenSSH_(.*)_Mikrotik_v(.*)$">
1377
1487
  <description>OpenSSH on MikroTik</description>
1378
1488
  <example service.version="2.3.0" os.version="2.9">OpenSSH_2.3.0_Mikrotik_v2.9</example>
@@ -1388,6 +1498,7 @@
1388
1498
  <param pos="0" name="os.product" value="RouterOS"/>
1389
1499
  <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:{os.version}"/>
1390
1500
  </fingerprint>
1501
+
1391
1502
  <fingerprint pattern="^OpenSSH_(.*)-HipServ$">
1392
1503
  <description>OpenSSH on HipServ</description>
1393
1504
  <example service.version="4.3">OpenSSH_4.3-HipServ</example>
@@ -1401,6 +1512,7 @@
1401
1512
  <param pos="0" name="os.family" value="Linux"/>
1402
1513
  <param pos="0" name="os.product" value="HipServ"/>
1403
1514
  </fingerprint>
1515
+
1404
1516
  <fingerprint pattern="^OpenSSH_for_Windows_([\d.]+)$">
1405
1517
  <description>OpenSSH running on Windows</description>
1406
1518
  <example service.version="7.7">OpenSSH_for_Windows_7.7</example>
@@ -1414,6 +1526,7 @@
1414
1526
  <param pos="0" name="os.product" value="Windows"/>
1415
1527
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1416
1528
  </fingerprint>
1529
+
1417
1530
  <fingerprint pattern="^OpenSSH_(.*) in DesktopAuthority (?:.*)$">
1418
1531
  <description>DesktopAuthority SSH</description>
1419
1532
  <example service.version="3.8">OpenSSH_3.8 in DesktopAuthority 7.1.091</example>
@@ -1427,6 +1540,7 @@
1427
1540
  <param pos="0" name="os.product" value="Windows"/>
1428
1541
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1429
1542
  </fingerprint>
1543
+
1430
1544
  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?) ((?:PKIX\s+)?FIPS)$">
1431
1545
  <description>OpenSSH with a version and FIPS mode enabled</description>
1432
1546
  <example service.version="5.9" openssh.comment="FIPS">OpenSSH_5.9 FIPS</example>
@@ -1439,6 +1553,7 @@
1439
1553
  <param pos="0" name="service.product" value="OpenSSH"/>
1440
1554
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1441
1555
  </fingerprint>
1556
+
1442
1557
  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?) *$">
1443
1558
  <description>OpenSSH with just a version, no comment by vendor</description>
1444
1559
  <example service.version="5.9p1">OpenSSH_5.9p1</example>
@@ -1451,6 +1566,7 @@
1451
1566
  <param pos="0" name="service.product" value="OpenSSH"/>
1452
1567
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1453
1568
  </fingerprint>
1569
+
1454
1570
  <fingerprint pattern="^OpenSSH$">
1455
1571
  <description>OpenSSH w/o version or comment</description>
1456
1572
  <example>OpenSSH</example>
@@ -1459,7 +1575,9 @@
1459
1575
  <param pos="0" name="service.product" value="OpenSSH"/>
1460
1576
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:-"/>
1461
1577
  </fingerprint>
1578
+
1462
1579
  <!-- SSH-1.99-OpenSSH_4.3p2-4.cern-hpn-CERN-4.3p2-4.cern -->
1580
+
1463
1581
  <!--<fingerprint pattern="^OpenSSH_?([^\s]*)\s*(.*)$">
1464
1582
  <description>Catch all for OpenSSH based SSH servers
1465
1583
  ******************** NOTE ********************
@@ -1472,8 +1590,12 @@
1472
1590
  <param pos="0" name="service.vendor" value="OpenBSD"/>
1473
1591
  <param pos="0" name="service.family" value="OpenSSH"/>
1474
1592
  <param pos="0" name="service.product" value="OpenSSH"/>
1475
- </fingerprint>-->
1593
+ </fingerprint>
1594
+
1595
+ -->
1596
+
1476
1597
  <!-- TODO: Handle "vpn3" banners for Cisco 3000 VPN Concentrators (need example banners first) -->
1598
+
1477
1599
  <fingerprint pattern="^Cisco-(.*)$">
1478
1600
  <description>Cisco SSH banner (could be IOS or PIX), The version always seems to be 1.25</description>
1479
1601
  <example service.version="1.25">Cisco-1.25</example>
@@ -1485,6 +1607,7 @@
1485
1607
  <param pos="0" name="os.certainty" value="0.8"/>
1486
1608
  <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:-"/>
1487
1609
  </fingerprint>
1610
+
1488
1611
  <fingerprint pattern="^CISCO_WLC$">
1489
1612
  <description>SSH banner from a Cisco WLC (WLC)</description>
1490
1613
  <example>CISCO_WLC</example>
@@ -1494,6 +1617,7 @@
1494
1617
  <param pos="0" name="os.product" value="Wireless LAN Controller"/>
1495
1618
  <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
1496
1619
  </fingerprint>
1620
+
1497
1621
  <fingerprint pattern="(?i)^Cleo (\S+)/(\S+) SSH FTP server$">
1498
1622
  <description>Cleo networks Harmony, VLProxy, VLTrader, others</description>
1499
1623
  <example service.product="Harmony" service.version="5.5.0.3">Cleo Harmony/5.5.0.3 SSH FTP server</example>
@@ -1502,6 +1626,7 @@
1502
1626
  <param pos="1" name="service.product"/>
1503
1627
  <param pos="2" name="service.version"/>
1504
1628
  </fingerprint>
1629
+
1505
1630
  <fingerprint pattern="^Sun_SSH_(.*)$">
1506
1631
  <description>Sun SSH banner</description>
1507
1632
  <example service.version="1.1">Sun_SSH_1.1</example>
@@ -1513,6 +1638,7 @@
1513
1638
  <param pos="0" name="os.product" value="Solaris"/>
1514
1639
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:-"/>
1515
1640
  </fingerprint>
1641
+
1516
1642
  <fingerprint pattern="^SSH Protocol Compatible Server SCS (.*)$">
1517
1643
  <description>Netscreen with version</description>
1518
1644
  <param pos="1" name="service.version"/>
@@ -1525,6 +1651,7 @@
1525
1651
  <param pos="0" name="os.product" value="ScreenOS"/>
1526
1652
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:screenos:-"/>
1527
1653
  </fingerprint>
1654
+
1528
1655
  <fingerprint pattern="^NetScreen$">
1529
1656
  <description>Netscreen generic</description>
1530
1657
  <example>NetScreen</example>
@@ -1537,11 +1664,13 @@
1537
1664
  <param pos="0" name="os.product" value="ScreenOS"/>
1538
1665
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:screenos:-"/>
1539
1666
  </fingerprint>
1667
+
1540
1668
  <fingerprint pattern="^HUAWEI-(?:[\d\.]+)$">
1541
1669
  <description>Huawei generic</description>
1542
1670
  <example>HUAWEI-1.5</example>
1543
1671
  <param pos="0" name="hw.vendor" value="Huawei"/>
1544
1672
  </fingerprint>
1673
+
1545
1674
  <fingerprint pattern="^HUAWEI-UMG(\d+)">
1546
1675
  <description>Huawei Universal Media Gateway</description>
1547
1676
  <example hw.model="8900">HUAWEI-UMG8900</example>
@@ -1550,6 +1679,7 @@
1550
1679
  <param pos="0" name="hw.device" value="Telecom"/>
1551
1680
  <param pos="1" name="hw.model"/>
1552
1681
  </fingerprint>
1682
+
1553
1683
  <fingerprint pattern="^HUAWEI.VRP.([\d\.]+)$">
1554
1684
  <description>Huawei Versatile Routing Platform (VRP)</description>
1555
1685
  <example os.version="3.10" service.version="3.10">HUAWEI-VRP-3.10</example>
@@ -1564,6 +1694,7 @@
1564
1694
  <param pos="0" name="os.product" value="VRP"/>
1565
1695
  <param pos="1" name="os.version"/>
1566
1696
  </fingerprint>
1697
+
1567
1698
  <fingerprint pattern="^([\d.]+)[ _]sshlib:? (?i:GlobalScape)$">
1568
1699
  <description>GlobalScape SSH (which uses Bitvise sshlib)</description>
1569
1700
  <example service.component.version="1.36">1.36_sshlib GlobalSCAPE</example>
@@ -1581,6 +1712,7 @@
1581
1712
  <param pos="0" name="os.product" value="Windows"/>
1582
1713
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1583
1714
  </fingerprint>
1715
+
1584
1716
  <fingerprint pattern="^([^\s]+) sshlib: WinSSHD (.*)$">
1585
1717
  <description>Bitvise WinSSHD (which uses Bitvise sshlib)</description>
1586
1718
  <example service.component.version="1.78" service.version="4.15a">1.78 sshlib: WinSSHD 4.15a</example>
@@ -1597,6 +1729,7 @@
1597
1729
  <param pos="0" name="os.product" value="Windows"/>
1598
1730
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1599
1731
  </fingerprint>
1732
+
1600
1733
  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD) ([\d\.]+):?.*$">
1601
1734
  <description>Bitvise WinSSHD (which uses Bitvise flowssh) with version</description>
1602
1735
  <example service.version="5.09" service.component.version="1.03">1.03 FlowSsh: WinSSHD 5.09</example>
@@ -1615,6 +1748,7 @@
1615
1748
  <param pos="0" name="os.product" value="Windows"/>
1616
1749
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1617
1750
  </fingerprint>
1751
+
1618
1752
  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD)(?: :.*)?$">
1619
1753
  <description>Bitvise WinSSHD (which uses Bitvise flowssh) without version</description>
1620
1754
  <example service.component.version="9.99">9.99 FlowSsh: Bitvise SSH Server (WinSSHD)</example>
@@ -1631,6 +1765,7 @@
1631
1765
  <param pos="0" name="os.product" value="Windows"/>
1632
1766
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1633
1767
  </fingerprint>
1768
+
1634
1769
  <fingerprint pattern="^([^\s]+) sshlib: MOVEit DMZ SSH (.*)$">
1635
1770
  <description>MOVEit DMZ (which uses Bitvise sshlib)</description>
1636
1771
  <param pos="1" name="service.component.version"/>
@@ -1646,6 +1781,7 @@
1646
1781
  <param pos="0" name="os.product" value="Windows"/>
1647
1782
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1648
1783
  </fingerprint>
1784
+
1649
1785
  <fingerprint pattern="^paramiko_([\d\.]+).*$">
1650
1786
  <description>Paramiko</description>
1651
1787
  <example service.version="2.1.3">paramiko_2.1.3 501 command not implemented ERROR</example>
@@ -1655,6 +1791,7 @@
1655
1791
  <param pos="1" name="service.version"/>
1656
1792
  <param pos="0" name="service.cpe23" value="cpe:/a:paramiko:paramiko:{service.version}"/>
1657
1793
  </fingerprint>
1794
+
1658
1795
  <fingerprint pattern="^Pragma SecureShell\s*(.*)$">
1659
1796
  <description>Pragma SecureShell</description>
1660
1797
  <param pos="1" name="service.version"/>
@@ -1666,6 +1803,7 @@
1666
1803
  <param pos="0" name="os.product" value="Windows"/>
1667
1804
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1668
1805
  </fingerprint>
1806
+
1669
1807
  <fingerprint pattern="^Pragma FortressSSH\s+([\d.]+)(?:\s+\[([\d.:]+)\])?$">
1670
1808
  <description>Pragma FortressSSH</description>
1671
1809
  <example service.version="5.0.9.2031">Pragma FortressSSH 5.0.9.2031</example>
@@ -1680,6 +1818,7 @@
1680
1818
  <param pos="0" name="os.product" value="Windows"/>
1681
1819
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1682
1820
  </fingerprint>
1821
+
1683
1822
  <fingerprint pattern="^RebexSSH_([\d\.]+)$">
1684
1823
  <description>Rbex SSH</description>
1685
1824
  <example service.version="1.0.5.25508">RebexSSH_1.0.5.25508</example>
@@ -1687,12 +1826,14 @@
1687
1826
  <param pos="0" name="service.product" value="SSH"/>
1688
1827
  <param pos="1" name="service.version"/>
1689
1828
  </fingerprint>
1829
+
1690
1830
  <fingerprint pattern="^RGOS_\S+$">
1691
1831
  <description>Ruijie Networks SSH</description>
1692
1832
  <example>RGOS_SSH_1.0</example>
1693
1833
  <example>RGOS_PK3223</example>
1694
1834
  <param pos="0" name="hw.vendor" value="Ruijie"/>
1695
1835
  </fingerprint>
1836
+
1696
1837
  <fingerprint pattern="^VShell_(?:Special_Edition_)?(\d+)_(\d+)_(\d+)_(\d+) VShell$">
1697
1838
  <description>VanDyke VShell - detailed variant</description>
1698
1839
  <example service.version="3" service.version.version="6" service.version.version.version="2" service.version.version.version.version="446">VShell_3_6_2_446 VShell</example>
@@ -1706,6 +1847,7 @@
1706
1847
  <param pos="0" name="service.product" value="VShell"/>
1707
1848
  <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
1708
1849
  </fingerprint>
1850
+
1709
1851
  <fingerprint pattern="^([\s]*)\s*VShell$">
1710
1852
  <description>VanDyke VShell</description>
1711
1853
  <param pos="1" name="service.version"/>
@@ -1714,6 +1856,7 @@
1714
1856
  <param pos="0" name="service.product" value="VShell"/>
1715
1857
  <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
1716
1858
  </fingerprint>
1859
+
1717
1860
  <fingerprint pattern="^WRQReflection(?i:F)orSecureIT_(.*)$">
1718
1861
  <description>Attachmate Reflection (formerly WRQ Reflection for Secure IT)</description>
1719
1862
  <example service.version="6.1 Build 21">WRQReflectionForSecureIT_6.1 Build 21</example>
@@ -1723,6 +1866,7 @@
1723
1866
  <param pos="0" name="service.family" value="Reflection"/>
1724
1867
  <param pos="0" name="service.product" value="Reflection"/>
1725
1868
  </fingerprint>
1869
+
1726
1870
  <fingerprint pattern="^([^\s]*)\s*F-Secure SSH\s*(?:.*)$">
1727
1871
  <description>Attachmate Reflection (formerly F-Secure SSH)</description>
1728
1872
  <example service.version="3.2.3">3.2.3 F-Secure SSH Windows NT Server</example>
@@ -1731,6 +1875,7 @@
1731
1875
  <param pos="0" name="service.family" value="Reflection"/>
1732
1876
  <param pos="0" name="service.product" value="Reflection"/>
1733
1877
  </fingerprint>
1878
+
1734
1879
  <fingerprint pattern="^([^\s]*)\s*SSH Tectia Server$">
1735
1880
  <description>SSH Communications Security Tectia Server - branded</description>
1736
1881
  <example service.version="6.4.12.353">6.4.12.353 SSH Tectia Server</example>
@@ -1739,6 +1884,7 @@
1739
1884
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1740
1885
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1741
1886
  </fingerprint>
1887
+
1742
1888
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell(?: \(non-commercial\))?$">
1743
1889
  <description>SSH Communications Security Tectia Server</description>
1744
1890
  <example service.version="3.2.9.1">3.2.9.1 SSH Secure Shell (non-commercial)</example>
@@ -1749,6 +1895,7 @@
1749
1895
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1750
1896
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1751
1897
  </fingerprint>
1898
+
1752
1899
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell Windows NT Server$">
1753
1900
  <description>Unknown Windows SSH server</description>
1754
1901
  <example service.version="4.0.3">4.0.3 SSH Secure Shell Windows NT Server</example>
@@ -1761,6 +1908,7 @@
1761
1908
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1762
1909
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1763
1910
  </fingerprint>
1911
+
1764
1912
  <fingerprint pattern="^ARRIS_(.*)$">
1765
1913
  <description>ARRIS device (though not clear which) - www.arrisi.com</description>
1766
1914
  <example service.version="0.50">ARRIS_0.50</example>
@@ -1769,6 +1917,7 @@
1769
1917
  <param pos="0" name="service.product" value="ARRIS"/>
1770
1918
  <param pos="0" name="os.vendor" value="ARRIS"/>
1771
1919
  </fingerprint>
1920
+
1772
1921
  <fingerprint pattern="^Mocana SSH\s?(?:([\d.]+))?$">
1773
1922
  <description>Mocana Embedded SSH</description>
1774
1923
  <example service.version="5.3.1">Mocana SSH 5.3.1</example>
@@ -1778,6 +1927,7 @@
1778
1927
  <param pos="0" name="service.family" value="Embedded SSH Server"/>
1779
1928
  <param pos="0" name="service.product" value="Embedded SSH Server"/>
1780
1929
  </fingerprint>
1930
+
1781
1931
  <fingerprint pattern="^FreSSH\.(.*)$">
1782
1932
  <description>FreSSH</description>
1783
1933
  <example service.version="0.8">FreSSH.0.8</example>
@@ -1785,6 +1935,7 @@
1785
1935
  <param pos="0" name="service.family" value="FreSSH"/>
1786
1936
  <param pos="0" name="service.product" value="FreSSH"/>
1787
1937
  </fingerprint>
1938
+
1788
1939
  <fingerprint pattern="^RomCliSecure_(.*)$">
1789
1940
  <description>RomCliSecure appears to be the Adtran NetVanta products</description>
1790
1941
  <example service.version="4.12">RomCliSecure_4.12</example>
@@ -1796,6 +1947,7 @@
1796
1947
  <param pos="0" name="os.family" value="NetVanta"/>
1797
1948
  <param pos="0" name="os.product" value="NetVanta"/>
1798
1949
  </fingerprint>
1950
+
1799
1951
  <fingerprint pattern="^.*MultiNet.*$">
1800
1952
  <description>Process Software MultiNet is a suite of network apps for OpenVMS</description>
1801
1953
  <param pos="0" name="service.vendor" value="Process Software"/>
@@ -1806,12 +1958,14 @@
1806
1958
  <param pos="0" name="os.product" value="OpenVMS"/>
1807
1959
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:-"/>
1808
1960
  </fingerprint>
1961
+
1809
1962
  <fingerprint pattern="^dropbear$">
1810
1963
  <description>Dropbear w/o version - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
1811
1964
  <example>dropbear</example>
1812
1965
  <param pos="0" name="service.family" value="Dropbear"/>
1813
1966
  <param pos="0" name="service.product" value="Dropbear"/>
1814
1967
  </fingerprint>
1968
+
1815
1969
  <fingerprint pattern="^dropbear_(.*)$">
1816
1970
  <description>Dropbear - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
1817
1971
  <example service.version="2015.67">dropbear_2015.67</example>
@@ -1820,6 +1974,7 @@
1820
1974
  <param pos="0" name="service.family" value="Dropbear"/>
1821
1975
  <param pos="0" name="service.product" value="Dropbear"/>
1822
1976
  </fingerprint>
1977
+
1823
1978
  <fingerprint pattern="^lancom$">
1824
1979
  <description>LANCOM Systems - http://www.lancom-systems.de/</description>
1825
1980
  <example>lancom</example>
@@ -1828,6 +1983,7 @@
1828
1983
  <param pos="0" name="service.product" value="SSH"/>
1829
1984
  <param pos="0" name="os.vendor" value="LANCOM Systems"/>
1830
1985
  </fingerprint>
1986
+
1831
1987
  <fingerprint pattern="^0$">
1832
1988
  <description>MOVEit DMZ</description>
1833
1989
  <example>0</example>
@@ -1839,6 +1995,7 @@
1839
1995
  <param pos="0" name="os.product" value="Windows"/>
1840
1996
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1841
1997
  </fingerprint>
1998
+
1842
1999
  <fingerprint pattern="^Comware-(\d+\.?\d*\.?\d*)$">
1843
2000
  <description>SSH on H3C Comware</description>
1844
2001
  <example os.version="5.20.105">Comware-5.20.105</example>
@@ -1851,6 +2008,7 @@
1851
2008
  <param pos="0" name="os.family" value="Comware"/>
1852
2009
  <param pos="1" name="os.version"/>
1853
2010
  </fingerprint>
2011
+
1854
2012
  <fingerprint pattern="^Data ONTAP SSH [\d\.]+$">
1855
2013
  <description>SSH NetApp appliances</description>
1856
2014
  <example>Data ONTAP SSH 1.0</example>
@@ -1859,12 +2017,13 @@
1859
2017
  <param pos="0" name="os.product" value="Data ONTAP"/>
1860
2018
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
1861
2019
  </fingerprint>
2020
+
1862
2021
  <fingerprint pattern="^(\d\.\d+\.\d+) SSH Secure Shell OpenVMS V\d+\.\d+$">
1863
2022
  <description>SSH for OpenVMS</description>
1864
2023
  <example service.component.version="3.2.0">3.2.0 SSH Secure Shell OpenVMS V5.5</example>
1865
2024
  <example service.component.version="2.4.1">2.4.1 SSH Secure Shell OpenVMS V1.0</example>
1866
2025
  <param pos="1" name="service.component.version"/>
1867
- <param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
2026
+ <param pos="0" name="service.component.vendor" value="SSH Communications Security"/>
1868
2027
  <param pos="0" name="service.component.family" value="SSH Secure Shell"/>
1869
2028
  <param pos="0" name="service.component.product" value="SSH Secure Shell"/>
1870
2029
  <param pos="0" name="service.vendor" value="HP"/>
@@ -1876,12 +2035,13 @@
1876
2035
  <param pos="0" name="os.certainty" value="0.75"/>
1877
2036
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:-"/>
1878
2037
  </fingerprint>
2038
+
1879
2039
  <fingerprint pattern="^(\d\.\d+\.\d+) SSH (?:Secure Shell )?OpenVMS V\d\.\d VMS_sftp_version (\d)$">
1880
2040
  <description>SSH for OpenVMS sftp</description>
1881
2041
  <example service.component.version="3.2.0" service.version="3">3.2.0 SSH Secure Shell OpenVMS V5.5 VMS_sftp_version 3</example>
1882
2042
  <example service.component.version="3.2.0" service.version="3">3.2.0 SSH OpenVMS V5.5 VMS_sftp_version 3</example>
1883
2043
  <param pos="1" name="service.component.version"/>
1884
- <param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
2044
+ <param pos="0" name="service.component.vendor" value="SSH Communications Security"/>
1885
2045
  <param pos="0" name="service.component.family" value="SSH Secure Shell"/>
1886
2046
  <param pos="0" name="service.component.product" value="SSH Secure Shell"/>
1887
2047
  <param pos="0" name="service.vendor" value="HP"/>
@@ -1892,6 +2052,7 @@
1892
2052
  <param pos="0" name="os.family" value="OpenVMS"/>
1893
2053
  <param pos="0" name="os.certainty" value="0.75"/>
1894
2054
  </fingerprint>
2055
+
1895
2056
  <fingerprint pattern="^\S+ SSH Secure Shell Tru64 UNIX$">
1896
2057
  <description>Digital/Compaq/HP Tru64 Unix</description>
1897
2058
  <example>3.2.0 SSH Secure Shell Tru64 UNIX</example>
@@ -1900,6 +2061,7 @@
1900
2061
  <param pos="0" name="os.product" value="Tru64 Unix"/>
1901
2062
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:-"/>
1902
2063
  </fingerprint>
2064
+
1903
2065
  <fingerprint pattern="^ROSSSH$">
1904
2066
  <description>MikroTik RouterOS sshd</description>
1905
2067
  <example>ROSSSH</example>
@@ -1909,9 +2071,11 @@
1909
2071
  <param pos="0" name="os.product" value="RouterOS"/>
1910
2072
  <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:-"/>
1911
2073
  </fingerprint>
2074
+
1912
2075
  <!-- xlightftpd is an ftp server that also supports SFTP. The SFTP
1913
2076
  server appears in ssh studies, thus this banner is here, and
1914
2077
  not in ftp_banners.xml-->
2078
+
1915
2079
  <fingerprint pattern="^xlightftpd_release_([\d.]+)$">
1916
2080
  <description>Xlight FTP Server</description>
1917
2081
  <example service.version="3.8.3.6.1">xlightftpd_release_3.8.3.6.1</example>
@@ -1924,6 +2088,7 @@
1924
2088
  <param pos="0" name="os.product" value="Windows"/>
1925
2089
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1926
2090
  </fingerprint>
2091
+
1927
2092
  <fingerprint pattern="^libssh[-_]([\d.]+)$">
1928
2093
  <description>SSH server utilising libssh</description>
1929
2094
  <example service.version="0.6.0">libssh-0.6.0</example>
@@ -1934,6 +2099,7 @@
1934
2099
  <param pos="0" name="service.vendor" value="libssh"/>
1935
2100
  <param pos="0" name="service.cpe23" value="cpe:/a:libssh:libssh:{service.version}"/>
1936
2101
  </fingerprint>
2102
+
1937
2103
  <fingerprint pattern="^WeOnlyDo ([\d.]+)$">
1938
2104
  <description>WeOnlyDo with version</description>
1939
2105
  <example service.version="1.2.7">WeOnlyDo 1.2.7</example>
@@ -1944,6 +2110,7 @@
1944
2110
  <param pos="0" name="service.vendor" value="WeOnlyDo"/>
1945
2111
  <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
1946
2112
  </fingerprint>
2113
+
1947
2114
  <fingerprint pattern="^WeOnlyDo ([\d.]+) \(FIPS\)$">
1948
2115
  <description>WeOnlyDo with version with FIPS mode enabled</description>
1949
2116
  <example service.version="2.2.9">WeOnlyDo 2.2.9 (FIPS)</example>
@@ -1953,6 +2120,7 @@
1953
2120
  <param pos="0" name="service.vendor" value="WeOnlyDo"/>
1954
2121
  <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
1955
2122
  </fingerprint>
2123
+
1956
2124
  <!--
1957
2125
  1.2.22j4rad
1958
2126
  2.40
@@ -1961,8 +2129,10 @@ Server-VII
1961
2129
  9.9.1
1962
2130
  IPSSH-1.10.0
1963
2131
  -->
2132
+
1964
2133
  <!--
1965
2134
  Possibly Nortel Passport
1966
2135
  SSH_2.1.1
1967
2136
  -->
1968
- </fingerprints>
2137
+
2138
+ </fingerprints>