recog 2.3.8 → 2.3.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (67) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +6 -0
  3. data/CONTRIBUTING.md +136 -37
  4. data/README.md +18 -16
  5. data/bin/recog_cleanup +16 -0
  6. data/bin/recog_standardize +30 -6
  7. data/identifiers/README.md +9 -0
  8. data/identifiers/hw_device.txt +77 -0
  9. data/identifiers/hw_family.txt +96 -0
  10. data/identifiers/hw_product.txt +328 -0
  11. data/identifiers/os_architecture.txt +6 -6
  12. data/identifiers/os_device.txt +45 -3
  13. data/identifiers/os_family.txt +206 -41
  14. data/identifiers/os_product.txt +238 -17
  15. data/identifiers/service_family.txt +144 -57
  16. data/identifiers/service_product.txt +384 -83
  17. data/identifiers/vendor.txt +553 -68
  18. data/lib/recog/version.rb +1 -1
  19. data/requirements.txt +1 -1
  20. data/xml/apache_modules.xml +292 -5
  21. data/xml/apache_os.xml +41 -2
  22. data/xml/architecture.xml +11 -3
  23. data/xml/dns_versionbind.xml +76 -8
  24. data/xml/favicons.xml +1700 -0
  25. data/xml/ftp_banners.xml +178 -8
  26. data/xml/h323_callresp.xml +112 -12
  27. data/xml/hp_pjl_id.xml +47 -5
  28. data/xml/html_title.xml +1258 -25
  29. data/xml/http_cookies.xml +64 -9
  30. data/xml/http_servers.xml +667 -37
  31. data/xml/http_wwwauth.xml +141 -26
  32. data/xml/imap_banners.xml +19 -13
  33. data/xml/ldap_searchresult.xml +81 -9
  34. data/xml/mdns_device-info_txt.xml +175 -2
  35. data/xml/mdns_workstation_txt.xml +4 -2
  36. data/xml/mysql_banners.xml +134 -7
  37. data/xml/mysql_error.xml +113 -6
  38. data/xml/nntp_banners.xml +10 -2
  39. data/xml/ntp_banners.xml +80 -4
  40. data/xml/operating_system.xml +89 -3
  41. data/xml/pop_banners.xml +30 -31
  42. data/xml/rsh_resp.xml +11 -2
  43. data/xml/rtsp_servers.xml +22 -2
  44. data/xml/sip_banners.xml +35 -4
  45. data/xml/sip_user_agents.xml +29 -2
  46. data/xml/smb_native_lm.xml +10 -2
  47. data/xml/smb_native_os.xml +79 -2
  48. data/xml/smtp_banners.xml +146 -7
  49. data/xml/smtp_debug.xml +6 -4
  50. data/xml/smtp_ehlo.xml +7 -5
  51. data/xml/smtp_expn.xml +13 -4
  52. data/xml/smtp_help.xml +23 -4
  53. data/xml/smtp_mailfrom.xml +5 -2
  54. data/xml/smtp_noop.xml +6 -5
  55. data/xml/smtp_quit.xml +5 -4
  56. data/xml/smtp_rcptto.xml +5 -2
  57. data/xml/smtp_rset.xml +4 -4
  58. data/xml/smtp_turn.xml +4 -4
  59. data/xml/smtp_vrfy.xml +14 -4
  60. data/xml/snmp_sysdescr.xml +731 -24
  61. data/xml/snmp_sysobjid.xml +47 -2
  62. data/xml/ssh_banners.xml +175 -5
  63. data/xml/telnet_banners.xml +266 -15
  64. data/xml/x11_banners.xml +26 -3
  65. data/xml/x509_issuers.xml +30 -6
  66. data/xml/x509_subjects.xml +200 -31
  67. metadata +8 -2
@@ -1,15 +1,18 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="snmp.sys_object_id" protocol="snmp" database_type="service">
3
3
  <!--
4
4
  SNMP fingerprint definitions for SysObjectIDs. These are matched against the value of the
5
5
  'sysObjectID' (OID 1.3.6.1.2.1.1.2) variable.
6
6
  -->
7
+
7
8
  <!--======================================================================
8
9
  MICROSOFT
9
10
  =======================================================================-->
11
+
10
12
  <!--
11
13
  These are baseline patterns that map to sysObjectID with their associated sysDescr.
12
14
  -->
15
+
13
16
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.[23] Hardware: x86.*Software: Windows NT Version 4\.0.*$">
14
17
  <description>Windows NT 4 on x86</description>
15
18
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 6 Model 8 Stepping 3 AT/AT COMPATIBLE - Software: Windows NT Version 4.0 (Build Number: 1381 Uniprocessor Free )</example>
@@ -21,6 +24,7 @@
21
24
  <param pos="0" name="os.arch" value="x86"/>
22
25
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_nt:4.0"/>
23
26
  </fingerprint>
27
+
24
28
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
25
29
  <description>Windows 2000 on x86</description>
26
30
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
@@ -30,6 +34,7 @@
30
34
  <param pos="0" name="os.arch" value="x86"/>
31
35
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
32
36
  </fingerprint>
37
+
33
38
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows 2000 Version 5\.0.*$">
34
39
  <description>Windows 2000 Datacenter on x86</description>
35
40
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 8 AT/AT COMPATIBLE - Software: Windows 2000 Version 5.0 (Build 2195 Uniprocessor Free)</example>
@@ -39,6 +44,7 @@
39
44
  <param pos="0" name="os.arch" value="x86"/>
40
45
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_2000:-"/>
41
46
  </fingerprint>
47
+
42
48
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 5\.2.*$">
43
49
  <description>Windows Server 2003 on x86</description>
44
50
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -48,6 +54,7 @@
48
54
  <param pos="0" name="os.arch" value="x86"/>
49
55
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
50
56
  </fingerprint>
57
+
51
58
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 5\.2.*$">
52
59
  <description>Windows Server 2003 Datacenter on x86</description>
53
60
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -57,6 +64,7 @@
57
64
  <param pos="0" name="os.arch" value="x86"/>
58
65
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
59
66
  </fingerprint>
67
+
60
68
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
61
69
  <description>Windows Server 2003 on x86_64</description>
62
70
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -67,6 +75,7 @@
67
75
  <param pos="0" name="os.arch" value="x86_64"/>
68
76
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
69
77
  </fingerprint>
78
+
70
79
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 5\.2.*$">
71
80
  <description>Windows Server 2003 Datacenter on x86_64</description>
72
81
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 15 Model 4 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 5.2 (Build 3790 Multiprocessor Free)</example>
@@ -77,6 +86,7 @@
77
86
  <param pos="0" name="os.arch" value="x86_64"/>
78
87
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
79
88
  </fingerprint>
89
+
80
90
  <fingerprint pattern="^Microsoft Windows CE Version ([\d.]+).*$">
81
91
  <description>Windows CE</description>
82
92
  <example>Microsoft Windows CE Version 4.20 (Build 0)</example>
@@ -87,6 +97,7 @@
87
97
  <param pos="1" name="os.version"/>
88
98
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_ce:{os.version}"/>
89
99
  </fingerprint>
100
+
90
101
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
91
102
  <description>Windows Server 2008 on x86</description>
92
103
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -96,6 +107,7 @@
96
107
  <param pos="0" name="os.arch" value="x86"/>
97
108
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
98
109
  </fingerprint>
110
+
99
111
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6001.*$">
100
112
  <description>Windows Server 2008 Datacenter on x86</description>
101
113
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -105,6 +117,7 @@
105
117
  <param pos="0" name="os.arch" value="x86"/>
106
118
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
107
119
  </fingerprint>
120
+
108
121
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
109
122
  <description>Windows Server 2008 on x86_64</description>
110
123
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -115,6 +128,7 @@
115
128
  <param pos="0" name="os.arch" value="x86_64"/>
116
129
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
117
130
  </fingerprint>
131
+
118
132
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6001.*$">
119
133
  <description>Windows Server 2008 Datacenter on x86_64</description>
120
134
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6001 Multiprocessor Free)</example>
@@ -125,6 +139,7 @@
125
139
  <param pos="0" name="os.arch" value="x86_64"/>
126
140
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
127
141
  </fingerprint>
142
+
128
143
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
129
144
  <description>Windows Server 2008 SP2 on x86</description>
130
145
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -135,6 +150,7 @@
135
150
  <param pos="0" name="os.arch" value="x86"/>
136
151
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
137
152
  </fingerprint>
153
+
138
154
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.0 \(Build 6002.*$">
139
155
  <description>Windows Server 2008 Datacenter SP2 on x86</description>
140
156
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -145,6 +161,7 @@
145
161
  <param pos="0" name="os.arch" value="x86"/>
146
162
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
147
163
  </fingerprint>
164
+
148
165
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
149
166
  <description>Windows Server 2008 SP2 on x86_64</description>
150
167
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -156,6 +173,7 @@
156
173
  <param pos="0" name="os.arch" value="x86_64"/>
157
174
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
158
175
  </fingerprint>
176
+
159
177
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.0 \(Build 6002.*$">
160
178
  <description>Windows Server 2008 Datacenter SP2 on x86_64</description>
161
179
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.0 (Build 6002 Multiprocessor Free)</example>
@@ -167,6 +185,7 @@
167
185
  <param pos="0" name="os.arch" value="x86_64"/>
168
186
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP2"/>
169
187
  </fingerprint>
188
+
170
189
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
171
190
  <description>Windows Server 2008 R2 on x86</description>
172
191
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -176,6 +195,7 @@
176
195
  <param pos="0" name="os.arch" value="x86"/>
177
196
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
178
197
  </fingerprint>
198
+
179
199
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7600.*$">
180
200
  <description>Windows Server 2008 Datacenter R2 on x86</description>
181
201
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -185,6 +205,7 @@
185
205
  <param pos="0" name="os.arch" value="x86"/>
186
206
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
187
207
  </fingerprint>
208
+
188
209
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
189
210
  <description>Windows Server 2008 R2 on x86_64</description>
190
211
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -195,6 +216,7 @@
195
216
  <param pos="0" name="os.arch" value="x86_64"/>
196
217
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
197
218
  </fingerprint>
219
+
198
220
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7600.*$">
199
221
  <description>Windows Server 2008 Datacenter R2 on x86_64</description>
200
222
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7600 Multiprocessor Free)</example>
@@ -205,6 +227,7 @@
205
227
  <param pos="0" name="os.arch" value="x86_64"/>
206
228
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
207
229
  </fingerprint>
230
+
208
231
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
209
232
  <description>Windows Server 2008 R2 SP1 on x86</description>
210
233
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -215,6 +238,7 @@
215
238
  <param pos="0" name="os.arch" value="x86"/>
216
239
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
217
240
  </fingerprint>
241
+
218
242
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: x86.*Software: Windows Version 6\.1 \(Build 7601.*$">
219
243
  <description>Windows Server 2008 Datacenter R2 SP1 on x86</description>
220
244
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: x86 Family 15 Model 2 Stepping 5 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -225,6 +249,7 @@
225
249
  <param pos="0" name="os.arch" value="x86"/>
226
250
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
227
251
  </fingerprint>
252
+
228
253
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
229
254
  <description>Windows Server 2008 R2 SP1 on x86_64</description>
230
255
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -236,6 +261,7 @@
236
261
  <param pos="0" name="os.arch" value="x86_64"/>
237
262
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
238
263
  </fingerprint>
264
+
239
265
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.3 Hardware: \S+64.*Software: Windows Version 6\.1 \(Build 7601.*$">
240
266
  <description>Windows Server 2008 Datacenter R2 SP1 on x86_64</description>
241
267
  <example>1.3.6.1.4.1.311.1.1.3.1.3 Hardware: AMD64 Family 16 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.1 (Build 7601 Multiprocessor Free)</example>
@@ -247,6 +273,7 @@
247
273
  <param pos="0" name="os.arch" value="x86_64"/>
248
274
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:SP1"/>
249
275
  </fingerprint>
276
+
250
277
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.311\.1\.1\.3\.1\.2 Hardware: \S+64.*Software: Windows Version 6\.2 \(Build 9200.*$">
251
278
  <description>Windows Server 2012 on x86_64</description>
252
279
  <example>1.3.6.1.4.1.311.1.1.3.1.2 Hardware: Intel64 Family 6 Model 2 Stepping 3 AT/AT COMPATIBLE - Software: Windows Version 6.2 (Build 9200 Multiprocessor Free)</example>
@@ -256,7 +283,9 @@
256
283
  <param pos="0" name="os.arch" value="x86_64"/>
257
284
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
258
285
  </fingerprint>
286
+
259
287
  <!-- Various OIDs for Net-SNMP agents which are OS specific -->
288
+
260
289
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.1$">
261
290
  <description>Net-SNMP on hpux9</description>
262
291
  <example>1.3.6.1.4.1.8072.3.2.1</example>
@@ -269,6 +298,7 @@
269
298
  <param pos="0" name="service.product" value="SNMP Agent"/>
270
299
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
271
300
  </fingerprint>
301
+
272
302
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.2$">
273
303
  <description>Net-SNMP on sunos4</description>
274
304
  <example>1.3.6.1.4.1.8072.3.2.2</example>
@@ -280,6 +310,7 @@
280
310
  <param pos="0" name="service.product" value="SNMP Agent"/>
281
311
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
282
312
  </fingerprint>
313
+
283
314
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.3$">
284
315
  <description>Net-SNMP on solaris</description>
285
316
  <example>1.3.6.1.4.1.8072.3.2.3</example>
@@ -291,6 +322,7 @@
291
322
  <param pos="0" name="service.product" value="SNMP Agent"/>
292
323
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
293
324
  </fingerprint>
325
+
294
326
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.4$">
295
327
  <description>Net-SNMP on osf</description>
296
328
  <example>1.3.6.1.4.1.8072.3.2.4</example>
@@ -300,6 +332,7 @@
300
332
  <param pos="0" name="service.product" value="SNMP Agent"/>
301
333
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
302
334
  </fingerprint>
335
+
303
336
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.5$">
304
337
  <description>Net-SNMP on ultrix</description>
305
338
  <example>1.3.6.1.4.1.8072.3.2.5</example>
@@ -309,6 +342,7 @@
309
342
  <param pos="0" name="service.product" value="SNMP Agent"/>
310
343
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
311
344
  </fingerprint>
345
+
312
346
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.6$">
313
347
  <description>Net-SNMP on hpux10</description>
314
348
  <example>1.3.6.1.4.1.8072.3.2.6</example>
@@ -321,6 +355,7 @@
321
355
  <param pos="0" name="service.product" value="SNMP Agent"/>
322
356
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
323
357
  </fingerprint>
358
+
324
359
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.7$">
325
360
  <description>Net-SNMP on netbsd</description>
326
361
  <example>1.3.6.1.4.1.8072.3.2.7</example>
@@ -332,6 +367,7 @@
332
367
  <param pos="0" name="service.product" value="SNMP Agent"/>
333
368
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
334
369
  </fingerprint>
370
+
335
371
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.8$">
336
372
  <description>Net-SNMP on freebsd</description>
337
373
  <example>1.3.6.1.4.1.8072.3.2.8</example>
@@ -343,6 +379,7 @@
343
379
  <param pos="0" name="service.product" value="SNMP Agent"/>
344
380
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
345
381
  </fingerprint>
382
+
346
383
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.9$">
347
384
  <description>Net-SNMP on irix</description>
348
385
  <example>1.3.6.1.4.1.8072.3.2.9</example>
@@ -354,6 +391,7 @@
354
391
  <param pos="0" name="service.product" value="SNMP Agent"/>
355
392
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
356
393
  </fingerprint>
394
+
357
395
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.10$">
358
396
  <description>Net-SNMP on linux</description>
359
397
  <example>1.3.6.1.4.1.8072.3.2.10</example>
@@ -363,6 +401,7 @@
363
401
  <param pos="0" name="service.product" value="SNMP Agent"/>
364
402
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
365
403
  </fingerprint>
404
+
366
405
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.11$">
367
406
  <description>Net-SNMP on bsdi</description>
368
407
  <example>1.3.6.1.4.1.8072.3.2.11</example>
@@ -372,6 +411,7 @@
372
411
  <param pos="0" name="service.product" value="SNMP Agent"/>
373
412
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
374
413
  </fingerprint>
414
+
375
415
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.12$">
376
416
  <description>Net-SNMP on openbsd</description>
377
417
  <example>1.3.6.1.4.1.8072.3.2.12</example>
@@ -383,6 +423,7 @@
383
423
  <param pos="0" name="service.product" value="SNMP Agent"/>
384
424
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
385
425
  </fingerprint>
426
+
386
427
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.13$">
387
428
  <description>Net-SNMP on win32</description>
388
429
  <example>1.3.6.1.4.1.8072.3.2.13</example>
@@ -394,6 +435,7 @@
394
435
  <param pos="0" name="service.product" value="SNMP Agent"/>
395
436
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
396
437
  </fingerprint>
438
+
397
439
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.14$">
398
440
  <description>Net-SNMP on hpux11</description>
399
441
  <example>1.3.6.1.4.1.8072.3.2.14</example>
@@ -406,6 +448,7 @@
406
448
  <param pos="0" name="service.product" value="SNMP Agent"/>
407
449
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
408
450
  </fingerprint>
451
+
409
452
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.15$">
410
453
  <description>Net-SNMP on aix</description>
411
454
  <example>1.3.6.1.4.1.8072.3.2.15</example>
@@ -417,6 +460,7 @@
417
460
  <param pos="0" name="service.product" value="SNMP Agent"/>
418
461
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
419
462
  </fingerprint>
463
+
420
464
  <fingerprint pattern="^1\.3\.6\.1\.4\.1\.8072\.3\.2\.16$">
421
465
  <description>Net-SNMP on macosx</description>
422
466
  <example>1.3.6.1.4.1.8072.3.2.16</example>
@@ -427,4 +471,5 @@
427
471
  <param pos="0" name="service.product" value="SNMP Agent"/>
428
472
  <param pos="0" name="service.cpe23" value="cpe:/a:net-snmp:net-snmp:-"/>
429
473
  </fingerprint>
430
- </fingerprints>
474
+
475
+ </fingerprints>
@@ -1,15 +1,17 @@
1
- <?xml version="1.0" encoding="UTF-8"?>
1
+ <?xml version='1.0' encoding='UTF-8'?>
2
2
  <fingerprints matches="ssh.banner" protocol="ssh" database_type="service" preference="0.90">
3
3
  <!--
4
4
  SSH "software revision and comment" strings (official RFC nomenclature for the part of
5
5
  the identification string after "SSH-x.x-") are matched against these patterns to
6
6
  fingerprint SSH servers.
7
7
  -->
8
+
8
9
  <fingerprint pattern="^ArrayOS$">
9
10
  <description>Array Networks device</description>
10
11
  <example>ArrayOS</example>
11
12
  <param pos="0" name="service.vendor" value="Array Networks"/>
12
13
  </fingerprint>
14
+
13
15
  <fingerprint pattern="^RomSShell_([\d\.]+)$">
14
16
  <description>Allegro RomSShell SSH</description>
15
17
  <example service.version="4.62">RomSShell_4.62</example>
@@ -17,11 +19,13 @@
17
19
  <param pos="0" name="service.product" value="RomSShell"/>
18
20
  <param pos="1" name="service.version"/>
19
21
  </fingerprint>
22
+
20
23
  <fingerprint pattern="(?i)^DraySSH_\S+$">
21
24
  <description>DrayTek generic</description>
22
25
  <example>DraySSH_2.0</example>
23
26
  <param pos="0" name="hw.vendor" value="DrayTek"/>
24
27
  </fingerprint>
28
+
25
29
  <fingerprint pattern="^mpSSH_([\d\.]+)$">
26
30
  <description>HP Integrated Lights Out (iLO) usually bundled with HP servers</description>
27
31
  <example service.version="0.0.1">mpSSH_0.0.1</example>
@@ -36,6 +40,7 @@
36
40
  <param pos="0" name="os.family" value="iLO"/>
37
41
  <param pos="0" name="os.device" value="Lights Out Management"/>
38
42
  </fingerprint>
43
+
39
44
  <fingerprint pattern="^Serv-U_([\d\.]+)$">
40
45
  <description>Serv-U SSH</description>
41
46
  <example service.version="7.4.0.1">Serv-U_7.4.0.1</example>
@@ -43,6 +48,7 @@
43
48
  <param pos="0" name="service.product" value="Serv-U"/>
44
49
  <param pos="1" name="service.version"/>
45
50
  </fingerprint>
51
+
46
52
  <fingerprint pattern="WS_FTP-SSH_([\d\.]+)$">
47
53
  <description>WS_FTP Server with SSH</description>
48
54
  <example service.version="6.1.1">WS_FTP-SSH_6.1.1</example>
@@ -52,6 +58,7 @@
52
58
  <param pos="1" name="service.version"/>
53
59
  <param pos="0" name="service.cpe23" value="cpe:/a:ipswitch:ws_ftp:{service.version}"/>
54
60
  </fingerprint>
61
+
55
62
  <fingerprint pattern="IPSSH[-_]([\d\.p]+).*$">
56
63
  <description>VxWorks with version information</description>
57
64
  <example os.version="6.9.0">IPSSH-6.9.0</example>
@@ -60,7 +67,9 @@
60
67
  <param pos="1" name="os.version"/>
61
68
  <param pos="0" name="os.cpe23" value="cpe:/o:windriver:vxworks:{os.version}"/>
62
69
  </fingerprint>
70
+
63
71
  <!-- FreeBSD -->
72
+
64
73
  <fingerprint pattern="^OpenSSH_(2\.3\.0) (green@FreeBSD.org 20010321)$">
65
74
  <description>OpenSSH running on FreeBSD 4.3</description>
66
75
  <example service.version="2.3.0" openssh.comment="green@FreeBSD.org 20010321">OpenSSH_2.3.0 green@FreeBSD.org 20010321</example>
@@ -76,6 +85,7 @@
76
85
  <param pos="0" name="os.version" value="4.3"/>
77
86
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.3"/>
78
87
  </fingerprint>
88
+
79
89
  <fingerprint pattern="^OpenSSH_(2\.3\.0) (FreeBSD localisations 20010713)$">
80
90
  <description>OpenSSH running on FreeBSD 4.4</description>
81
91
  <example service.version="2.3.0" openssh.comment="FreeBSD localisations 20010713">OpenSSH_2.3.0 FreeBSD localisations 20010713</example>
@@ -91,6 +101,7 @@
91
101
  <param pos="0" name="os.version" value="4.4"/>
92
102
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.4"/>
93
103
  </fingerprint>
104
+
94
105
  <fingerprint pattern="^OpenSSH_(2\.9) (FreeBSD localisations 20011202)$">
95
106
  <description>OpenSSH running on FreeBSD 4.5</description>
96
107
  <example service.version="2.9" openssh.comment="FreeBSD localisations 20011202">OpenSSH_2.9 FreeBSD localisations 20011202</example>
@@ -106,6 +117,7 @@
106
117
  <param pos="0" name="os.version" value="4.5"/>
107
118
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.5"/>
108
119
  </fingerprint>
120
+
109
121
  <fingerprint pattern="^OpenSSH_(3\.4p1) (FreeBSD 20020702)$">
110
122
  <description>OpenSSH running on FreeBSD 4.6.2</description>
111
123
  <example service.version="3.4p1" openssh.comment="FreeBSD 20020702">OpenSSH_3.4p1 FreeBSD 20020702</example>
@@ -121,6 +133,7 @@
121
133
  <param pos="0" name="os.version" value="4.6.2"/>
122
134
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.6.2"/>
123
135
  </fingerprint>
136
+
124
137
  <fingerprint pattern="^OpenSSH_(2\.9) (FreeBSD localisations 20020307)$">
125
138
  <description>OpenSSH running on FreeBSD 4.6</description>
126
139
  <example service.version="2.9" openssh.comment="FreeBSD localisations 20020307">OpenSSH_2.9 FreeBSD localisations 20020307</example>
@@ -136,6 +149,7 @@
136
149
  <param pos="0" name="os.version" value="4.6"/>
137
150
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.6"/>
138
151
  </fingerprint>
152
+
139
153
  <fingerprint pattern="^OpenSSH_(3\.4p1) (FreeBSD-20020702)$">
140
154
  <description>OpenSSH running on FreeBSD 4.7</description>
141
155
  <example service.version="3.4p1" openssh.comment="FreeBSD-20020702">OpenSSH_3.4p1 FreeBSD-20020702</example>
@@ -151,6 +165,7 @@
151
165
  <param pos="0" name="os.version" value="4.7"/>
152
166
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.7"/>
153
167
  </fingerprint>
168
+
154
169
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20030201)$">
155
170
  <description>OpenSSH running on FreeBSD 4.8</description>
156
171
  <example service.version="3.5p1" openssh.comment="FreeBSD-20030201">OpenSSH_3.5p1 FreeBSD-20030201</example>
@@ -166,7 +181,9 @@
166
181
  <param pos="0" name="os.version" value="4.8"/>
167
182
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.8"/>
168
183
  </fingerprint>
184
+
169
185
  <!-- Multiple minor version match, assert the oldest version -->
186
+
170
187
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20030924)$">
171
188
  <description>OpenSSH running on FreeBSD 4.9/4.10 (sometimes 4.11)</description>
172
189
  <example service.version="3.5p1" openssh.comment="FreeBSD-20030924">OpenSSH_3.5p1 FreeBSD-20030924</example>
@@ -182,6 +199,7 @@
182
199
  <param pos="0" name="os.version" value="4.9"/>
183
200
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.9"/>
184
201
  </fingerprint>
202
+
185
203
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20060930)$">
186
204
  <description>OpenSSH running on FreeBSD 4.11</description>
187
205
  <example service.version="3.5p1" openssh.comment="FreeBSD-20060930">OpenSSH_3.5p1 FreeBSD-20060930</example>
@@ -197,6 +215,7 @@
197
215
  <param pos="0" name="os.version" value="4.11"/>
198
216
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:4.11"/>
199
217
  </fingerprint>
218
+
200
219
  <fingerprint pattern="^OpenSSH_(3\.5p1) (FreeBSD-20021029)$">
201
220
  <description>OpenSSH running on FreeBSD 5.0</description>
202
221
  <example service.version="3.5p1" openssh.comment="FreeBSD-20021029">OpenSSH_3.5p1 FreeBSD-20021029</example>
@@ -212,6 +231,7 @@
212
231
  <param pos="0" name="os.version" value="5.0"/>
213
232
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.0"/>
214
233
  </fingerprint>
234
+
215
235
  <fingerprint pattern="^OpenSSH_(3\.6\.1p1) (FreeBSD-20030423)$">
216
236
  <description>OpenSSH running on FreeBSD 5.1</description>
217
237
  <example service.version="3.6.1p1" openssh.comment="FreeBSD-20030423">OpenSSH_3.6.1p1 FreeBSD-20030423</example>
@@ -227,6 +247,7 @@
227
247
  <param pos="0" name="os.version" value="5.1"/>
228
248
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.1"/>
229
249
  </fingerprint>
250
+
230
251
  <fingerprint pattern="^OpenSSH_(3\.6\.1p1) (FreeBSD-20030924)$">
231
252
  <description>OpenSSH running on FreeBSD 5.2</description>
232
253
  <example service.version="3.6.1p1" openssh.comment="FreeBSD-20030924">OpenSSH_3.6.1p1 FreeBSD-20030924</example>
@@ -242,7 +263,9 @@
242
263
  <param pos="0" name="os.version" value="5.2"/>
243
264
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.2"/>
244
265
  </fingerprint>
266
+
245
267
  <!-- Multiple minor version match, assert the oldest version -->
268
+
246
269
  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (FreeBSD-20040419)$">
247
270
  <description>OpenSSH running on FreeBSD 5.3/5.4</description>
248
271
  <example service.version="3.8.1p1" openssh.comment="FreeBSD-20040419">OpenSSH_3.8.1p1 FreeBSD-20040419</example>
@@ -258,6 +281,7 @@
258
281
  <param pos="0" name="os.version" value="5.3"/>
259
282
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.3"/>
260
283
  </fingerprint>
284
+
261
285
  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (FreeBSD-20060123)$">
262
286
  <description>OpenSSH running on FreeBSD 5.5</description>
263
287
  <example service.version="3.8.1p1" openssh.comment="FreeBSD-20060123">OpenSSH_3.8.1p1 FreeBSD-20060123</example>
@@ -273,7 +297,9 @@
273
297
  <param pos="0" name="os.version" value="5.5"/>
274
298
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:5.5"/>
275
299
  </fingerprint>
300
+
276
301
  <!-- Multiple minor version match, assert the oldest version -->
302
+
277
303
  <fingerprint pattern="^OpenSSH_(4\.2p1) (FreeBSD-20050903)$">
278
304
  <description>OpenSSH running on FreeBSD 6.0/6.1</description>
279
305
  <example service.version="4.2p1" openssh.comment="FreeBSD-20050903">OpenSSH_4.2p1 FreeBSD-20050903</example>
@@ -289,7 +315,9 @@
289
315
  <param pos="0" name="os.version" value="6.0"/>
290
316
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:6.0"/>
291
317
  </fingerprint>
318
+
292
319
  <!-- Spans major versions, do not assert a version number -->
320
+
293
321
  <fingerprint pattern="^OpenSSH_(4\.5p1) (FreeBSD-20061110)$">
294
322
  <description>OpenSSH running on FreeBSD 6.2/6.3/6.4/7.0</description>
295
323
  <example service.version="4.5p1" openssh.comment="FreeBSD-20061110">OpenSSH_4.5p1 FreeBSD-20061110</example>
@@ -304,7 +332,9 @@
304
332
  <param pos="0" name="os.product" value="FreeBSD"/>
305
333
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
306
334
  </fingerprint>
335
+
307
336
  <!-- Multiple minor version match, assert the oldest version -->
337
+
308
338
  <fingerprint pattern="^OpenSSH_(5\.1p1) (FreeBSD-20080901)$">
309
339
  <description>OpenSSH running on FreeBSD 7.1/7.2/7.3/7.4</description>
310
340
  <example service.version="5.1p1" openssh.comment="FreeBSD-20080901">OpenSSH_5.1p1 FreeBSD-20080901</example>
@@ -320,6 +350,7 @@
320
350
  <param pos="0" name="os.version" value="7.1"/>
321
351
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:7.1"/>
322
352
  </fingerprint>
353
+
323
354
  <fingerprint pattern="^OpenSSH_(5\.2p1) (FreeBSD-20090522)$">
324
355
  <description>OpenSSH running on FreeBSD 8.0</description>
325
356
  <example service.version="5.2p1" openssh.comment="FreeBSD-20090522">OpenSSH_5.2p1 FreeBSD-20090522</example>
@@ -335,7 +366,9 @@
335
366
  <param pos="0" name="os.version" value="8.0"/>
336
367
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.0"/>
337
368
  </fingerprint>
369
+
338
370
  <!-- Multiple minor version match, assert the oldest version -->
371
+
339
372
  <fingerprint pattern="^OpenSSH_(5\.4p1) (FreeBSD-20100308)$">
340
373
  <description>OpenSSH running on FreeBSD 8.1/8.2</description>
341
374
  <example service.version="5.4p1" openssh.comment="FreeBSD-20100308">OpenSSH_5.4p1 FreeBSD-20100308</example>
@@ -351,6 +384,7 @@
351
384
  <param pos="0" name="os.version" value="8.1"/>
352
385
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.1"/>
353
386
  </fingerprint>
387
+
354
388
  <fingerprint pattern="^OpenSSH_(5\.4p1_hpn13v11) (FreeBSD-20100308)$">
355
389
  <description>OpenSSH running on FreeBSD 8.3</description>
356
390
  <example service.version="5.4p1_hpn13v11" openssh.comment="FreeBSD-20100308">OpenSSH_5.4p1_hpn13v11 FreeBSD-20100308</example>
@@ -366,6 +400,7 @@
366
400
  <param pos="0" name="os.version" value="8.3"/>
367
401
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.3"/>
368
402
  </fingerprint>
403
+
369
404
  <fingerprint pattern="^OpenSSH_(6\.1_hpn13v11) (FreeBSD-20120901)$">
370
405
  <description>OpenSSH running on FreeBSD 8.4</description>
371
406
  <example service.version="6.1_hpn13v11" openssh.comment="FreeBSD-20120901">OpenSSH_6.1_hpn13v11 FreeBSD-20120901</example>
@@ -381,7 +416,9 @@
381
416
  <param pos="0" name="os.version" value="8.4"/>
382
417
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:8.4"/>
383
418
  </fingerprint>
419
+
384
420
  <!-- Multiple minor version match, assert the oldest version -->
421
+
385
422
  <fingerprint pattern="^OpenSSH_(5\.8p2_hpn13v11) (FreeBSD-20110503)$">
386
423
  <description>OpenSSH running on FreeBSD 9.0/9.1</description>
387
424
  <example service.version="5.8p2_hpn13v11" openssh.comment="FreeBSD-20110503">OpenSSH_5.8p2_hpn13v11 FreeBSD-20110503</example>
@@ -397,6 +434,7 @@
397
434
  <param pos="0" name="os.version" value="9.0"/>
398
435
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:9.0"/>
399
436
  </fingerprint>
437
+
400
438
  <fingerprint pattern="^OpenSSH_(6\.2_hpn13v11) (FreeBSD-20130515)$">
401
439
  <description>OpenSSH running on FreeBSD 9.2</description>
402
440
  <example service.version="6.2_hpn13v11" openssh.comment="FreeBSD-20130515">OpenSSH_6.2_hpn13v11 FreeBSD-20130515</example>
@@ -412,7 +450,9 @@
412
450
  <param pos="0" name="os.version" value="9.2"/>
413
451
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:9.2"/>
414
452
  </fingerprint>
453
+
415
454
  <!-- Spans major versions, do not assert a version number -->
455
+
416
456
  <fingerprint pattern="^OpenSSH_(6\.6\.1_hpn13v11) (FreeBSD-20140420)$">
417
457
  <description>OpenSSH running on FreeBSD 9.3/10.1/10.2</description>
418
458
  <example service.version="6.6.1_hpn13v11" openssh.comment="FreeBSD-20140420">OpenSSH_6.6.1_hpn13v11 FreeBSD-20140420</example>
@@ -427,6 +467,7 @@
427
467
  <param pos="0" name="os.product" value="FreeBSD"/>
428
468
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
429
469
  </fingerprint>
470
+
430
471
  <fingerprint pattern="^OpenSSH_(6\.4_hpn13v11) (FreeBSD-20131111)$">
431
472
  <description>OpenSSH running on FreeBSD 10.0</description>
432
473
  <example service.version="6.4_hpn13v11" openssh.comment="FreeBSD-20131111">OpenSSH_6.4_hpn13v11 FreeBSD-20131111</example>
@@ -442,7 +483,9 @@
442
483
  <param pos="0" name="os.version" value="10.0"/>
443
484
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:10.0"/>
444
485
  </fingerprint>
486
+
445
487
  <!-- Spans major versions, do not assert a version number -->
488
+
446
489
  <fingerprint pattern="^OpenSSH_(7\.2) (FreeBSD-20160310)$">
447
490
  <description>OpenSSH running on FreeBSD 10.3/11.0</description>
448
491
  <example service.version="7.2" openssh.comment="FreeBSD-20160310">OpenSSH_7.2 FreeBSD-20160310</example>
@@ -457,6 +500,7 @@
457
500
  <param pos="0" name="os.product" value="FreeBSD"/>
458
501
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
459
502
  </fingerprint>
503
+
460
504
  <fingerprint pattern="^OpenSSH_(7\.3) (FreeBSD-20170902)$">
461
505
  <description>OpenSSH running on FreeBSD 10.4</description>
462
506
  <example service.version="7.3" openssh.comment="FreeBSD-20170902">OpenSSH_7.3 FreeBSD-20170902</example>
@@ -472,6 +516,7 @@
472
516
  <param pos="0" name="os.version" value="10.4"/>
473
517
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:10.4"/>
474
518
  </fingerprint>
519
+
475
520
  <fingerprint pattern="^OpenSSH_(7\.2) (FreeBSD-20161230)$">
476
521
  <description>OpenSSH running on FreeBSD 11.1</description>
477
522
  <example service.version="7.2" openssh.comment="FreeBSD-20161230">OpenSSH_7.2 FreeBSD-20161230</example>
@@ -487,7 +532,9 @@
487
532
  <param pos="0" name="os.version" value="11.1"/>
488
533
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:11.1"/>
489
534
  </fingerprint>
535
+
490
536
  <!-- Multiple minor version match, assert the oldest version -->
537
+
491
538
  <fingerprint pattern="^OpenSSH_(7\.5) (FreeBSD-20170903)$">
492
539
  <description>OpenSSH running on FreeBSD 11.2/11.3</description>
493
540
  <example service.version="7.5" openssh.comment="FreeBSD-20170903">OpenSSH_7.5 FreeBSD-20170903</example>
@@ -503,6 +550,7 @@
503
550
  <param pos="0" name="os.version" value="11.2"/>
504
551
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:11.2"/>
505
552
  </fingerprint>
553
+
506
554
  <fingerprint pattern="^OpenSSH_(7\.8) (FreeBSD-20180909)$">
507
555
  <description>OpenSSH running on FreeBSD 12.0</description>
508
556
  <example service.version="7.8" openssh.comment="FreeBSD-20180909">OpenSSH_7.8 FreeBSD-20180909</example>
@@ -518,6 +566,7 @@
518
566
  <param pos="0" name="os.version" value="12.0"/>
519
567
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:12.0"/>
520
568
  </fingerprint>
569
+
521
570
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(FreeBSD[ -].*)$">
522
571
  <description>OpenSSH running on FreeBSD</description>
523
572
  <example service.version="7.2" openssh.comment="FreeBSD-20160311">OpenSSH_7.2 FreeBSD-20160311</example>
@@ -532,7 +581,9 @@
532
581
  <param pos="0" name="os.product" value="FreeBSD"/>
533
582
  <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
534
583
  </fingerprint>
584
+
535
585
  <!-- NetBSD -->
586
+
536
587
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(NetBSD(?:_Secure_Shell)?[ -].*)$">
537
588
  <description>OpenSSH running on NetBSD</description>
538
589
  <example service.version="7.2" openssh.comment="NetBSD-20100308">OpenSSH_7.2 NetBSD-20100308</example>
@@ -548,7 +599,9 @@
548
599
  <param pos="0" name="os.product" value="NetBSD"/>
549
600
  <param pos="0" name="os.cpe23" value="cpe:/o:netbsd:netbsd:-"/>
550
601
  </fingerprint>
602
+
551
603
  <!-- Ubuntu -->
604
+
552
605
  <fingerprint pattern="^OpenSSH_(3\.8\.1p1) (Debian-11ubuntu\d+(?:\.\d+)?)$">
553
606
  <description>OpenSSH running on Ubuntu 4.10</description>
554
607
  <example service.version="3.8.1p1" openssh.comment="Debian-11ubuntu3">OpenSSH_3.8.1p1 Debian-11ubuntu3</example>
@@ -564,6 +617,7 @@
564
617
  <param pos="0" name="os.version" value="4.10"/>
565
618
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:4.10"/>
566
619
  </fingerprint>
620
+
567
621
  <fingerprint pattern="^OpenSSH_(3\.9p1) (Debian-1ubuntu\d+(?:\.\d+)?)$">
568
622
  <description>OpenSSH running on Ubuntu 5.04</description>
569
623
  <example service.version="3.9p1" openssh.comment="Debian-1ubuntu2">OpenSSH_3.9p1 Debian-1ubuntu2</example>
@@ -579,6 +633,7 @@
579
633
  <param pos="0" name="os.version" value="5.04"/>
580
634
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.04"/>
581
635
  </fingerprint>
636
+
582
637
  <fingerprint pattern="^OpenSSH_(4\.1p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
583
638
  <description>OpenSSH running on Ubuntu 5.10</description>
584
639
  <example service.version="4.1p1" openssh.comment="Debian-7ubuntu4">OpenSSH_4.1p1 Debian-7ubuntu4</example>
@@ -594,6 +649,7 @@
594
649
  <param pos="0" name="os.version" value="5.10"/>
595
650
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:5.10"/>
596
651
  </fingerprint>
652
+
597
653
  <fingerprint pattern="^OpenSSH_(4\.2p1) (Debian-7ubuntu\d+(?:\.\d+)?)$">
598
654
  <description>OpenSSH running on Ubuntu 6.04</description>
599
655
  <example service.version="4.2p1" openssh.comment="Debian-7ubuntu3.1">OpenSSH_4.2p1 Debian-7ubuntu3.1</example>
@@ -610,6 +666,7 @@
610
666
  <param pos="0" name="os.version" value="6.04"/>
611
667
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:6.04"/>
612
668
  </fingerprint>
669
+
613
670
  <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-8ubuntu\d+(?:\.\d+)?)$">
614
671
  <description>OpenSSH running on Ubuntu 7.04</description>
615
672
  <example service.version="4.3p2" openssh.comment="Debian-8ubuntu1.4">OpenSSH_4.3p2 Debian-8ubuntu1.4</example>
@@ -625,6 +682,7 @@
625
682
  <param pos="0" name="os.version" value="7.04"/>
626
683
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.04"/>
627
684
  </fingerprint>
685
+
628
686
  <fingerprint pattern="^OpenSSH_(4\.6p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
629
687
  <description>OpenSSH running on Ubuntu 7.10</description>
630
688
  <example service.version="4.6p1" openssh.comment="Debian-5ubuntu0.2">OpenSSH_4.6p1 Debian-5ubuntu0.2</example>
@@ -643,6 +701,7 @@
643
701
  <param pos="0" name="os.version" value="7.10"/>
644
702
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:7.10"/>
645
703
  </fingerprint>
704
+
646
705
  <fingerprint pattern="^OpenSSH_(4\.7p1) (Debian-8ubuntu\d+(?:\.\d+)?)$">
647
706
  <description>OpenSSH running on Ubuntu 8.04</description>
648
707
  <example service.version="4.7p1" openssh.comment="Debian-8ubuntu1.2">OpenSSH_4.7p1 Debian-8ubuntu1.2</example>
@@ -659,6 +718,7 @@
659
718
  <param pos="0" name="os.version" value="8.04"/>
660
719
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.04"/>
661
720
  </fingerprint>
721
+
662
722
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
663
723
  <description>OpenSSH running on Ubuntu 8.10</description>
664
724
  <example service.version="5.1p1" openssh.comment="Debian-3ubuntu1">OpenSSH_5.1p1 Debian-3ubuntu1</example>
@@ -674,6 +734,7 @@
674
734
  <param pos="0" name="os.version" value="8.10"/>
675
735
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:8.10"/>
676
736
  </fingerprint>
737
+
677
738
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5ubuntu\d+(?:\.\d+)?)$">
678
739
  <description>OpenSSH running on Ubuntu 9.04</description>
679
740
  <example service.version="5.1p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.1p1 Debian-5ubuntu1</example>
@@ -689,6 +750,7 @@
689
750
  <param pos="0" name="os.version" value="9.04"/>
690
751
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.04"/>
691
752
  </fingerprint>
753
+
692
754
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-6ubuntu\d+(?:\.\d+)?)$">
693
755
  <description>OpenSSH running on Ubuntu 9.10</description>
694
756
  <example service.version="5.1p1" openssh.comment="Debian-6ubuntu2">OpenSSH_5.1p1 Debian-6ubuntu2</example>
@@ -704,6 +766,7 @@
704
766
  <param pos="0" name="os.version" value="9.10"/>
705
767
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:9.10"/>
706
768
  </fingerprint>
769
+
707
770
  <fingerprint pattern="^OpenSSH_(5\.3p1) (Debian-3ubuntu\d+(?:\.\d+)?)$">
708
771
  <description>OpenSSH running on Ubuntu 10.04 (lucid)</description>
709
772
  <example service.version="5.3p1" openssh.comment="Debian-3ubuntu3">OpenSSH_5.3p1 Debian-3ubuntu3</example>
@@ -724,6 +787,7 @@
724
787
  <param pos="0" name="os.version" value="10.04"/>
725
788
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.04"/>
726
789
  </fingerprint>
790
+
727
791
  <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-4ubuntu\d+(?:\.\d+)?)$">
728
792
  <description>OpenSSH running on Ubuntu 10.10</description>
729
793
  <example service.version="5.5p1" openssh.comment="Debian-4ubuntu4">OpenSSH_5.5p1 Debian-4ubuntu4</example>
@@ -741,6 +805,7 @@
741
805
  <param pos="0" name="os.version" value="10.10"/>
742
806
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:10.10"/>
743
807
  </fingerprint>
808
+
744
809
  <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-1ubuntu\d(?:\.\d)?)$">
745
810
  <description>OpenSSH running on Ubuntu 11.04</description>
746
811
  <example service.version="5.8p1" openssh.comment="Debian-1ubuntu3">OpenSSH_5.8p1 Debian-1ubuntu3</example>
@@ -756,6 +821,7 @@
756
821
  <param pos="0" name="os.version" value="11.04"/>
757
822
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.04"/>
758
823
  </fingerprint>
824
+
759
825
  <fingerprint pattern="^OpenSSH_(5\.8p1) (Debian-7ubuntu\d(?:\.\d)?)$">
760
826
  <description>OpenSSH running on Ubuntu 11.10</description>
761
827
  <example service.version="5.8p1" openssh.comment="Debian-7ubuntu1">OpenSSH_5.8p1 Debian-7ubuntu1</example>
@@ -771,6 +837,7 @@
771
837
  <param pos="0" name="os.version" value="11.10"/>
772
838
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:11.10"/>
773
839
  </fingerprint>
840
+
774
841
  <fingerprint pattern="^OpenSSH_(5\.9p1) (Debian-5ubuntu\d(?:\.\d)?)$">
775
842
  <description>OpenSSH running on Ubuntu 12.04</description>
776
843
  <example service.version="5.9p1" openssh.comment="Debian-5ubuntu1">OpenSSH_5.9p1 Debian-5ubuntu1</example>
@@ -787,6 +854,7 @@
787
854
  <param pos="0" name="os.version" value="12.04"/>
788
855
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.04"/>
789
856
  </fingerprint>
857
+
790
858
  <fingerprint pattern="^OpenSSH_(6\.0p1) (Debian-3ubuntu\d(?:\.\d)?)$">
791
859
  <description>OpenSSH running on Ubuntu 12.10</description>
792
860
  <example service.version="6.0p1" openssh.comment="Debian-3ubuntu1">OpenSSH_6.0p1 Debian-3ubuntu1</example>
@@ -803,6 +871,7 @@
803
871
  <param pos="0" name="os.version" value="12.10"/>
804
872
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:12.10"/>
805
873
  </fingerprint>
874
+
806
875
  <fingerprint pattern="^OpenSSH_(6\.1p1) (Debian-4)$">
807
876
  <description>OpenSSH running on Ubuntu 13.04</description>
808
877
  <example service.version="6.1p1" openssh.comment="Debian-4">OpenSSH_6.1p1 Debian-4</example>
@@ -818,6 +887,7 @@
818
887
  <param pos="0" name="os.version" value="13.04"/>
819
888
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.04"/>
820
889
  </fingerprint>
890
+
821
891
  <fingerprint pattern="^OpenSSH_(6\.2p2) (Ubuntu-6unbuntu\d(?:\.\d)?)$">
822
892
  <description>OpenSSH running on Ubuntu 13.10</description>
823
893
  <example service.version="6.2p2" openssh.comment="Ubuntu-6unbuntu0.4">OpenSSH_6.2p2 Ubuntu-6unbuntu0.4</example>
@@ -833,6 +903,7 @@
833
903
  <param pos="0" name="os.version" value="13.10"/>
834
904
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:13.10"/>
835
905
  </fingerprint>
906
+
836
907
  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?)[_|-](hpn\d+v\d+)$">
837
908
  <description>OpenSSH with HPN patches</description>
838
909
  <example service.version="6.1" openssh.comment="hpn13v11">OpenSSH_6.1_hpn13v11</example>
@@ -845,6 +916,7 @@
845
916
  <param pos="0" name="service.product" value="OpenSSH"/>
846
917
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
847
918
  </fingerprint>
919
+
848
920
  <fingerprint pattern="^OpenSSH_(6\.6(?:\.\d)?p1) (Ubuntu-2ubuntu\d+(?:\.\d+)?)$">
849
921
  <description>OpenSSH running on Ubuntu 14.04</description>
850
922
  <example service.version="6.6p1" openssh.comment="Ubuntu-2ubuntu1">OpenSSH_6.6p1 Ubuntu-2ubuntu1</example>
@@ -861,6 +933,7 @@
861
933
  <param pos="0" name="os.version" value="14.04"/>
862
934
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.04"/>
863
935
  </fingerprint>
936
+
864
937
  <fingerprint pattern="^OpenSSH_(6\.6\.1p1) (Ubuntu-8)$">
865
938
  <description>OpenSSH running on Ubuntu 14.10</description>
866
939
  <example service.version="6.6.1p1" openssh.comment="Ubuntu-8">OpenSSH_6.6.1p1 Ubuntu-8</example>
@@ -876,6 +949,7 @@
876
949
  <param pos="0" name="os.version" value="14.10"/>
877
950
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:14.10"/>
878
951
  </fingerprint>
952
+
879
953
  <fingerprint pattern="^OpenSSH_(6\.7p1) (Ubuntu-5ubuntu\d(?:\.\d)?)$">
880
954
  <description>OpenSSH running on Ubuntu 15.04 (vivid)</description>
881
955
  <example service.version="6.7p1" openssh.comment="Ubuntu-5ubuntu1">OpenSSH_6.7p1 Ubuntu-5ubuntu1</example>
@@ -891,6 +965,7 @@
891
965
  <param pos="0" name="os.version" value="15.04"/>
892
966
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.04"/>
893
967
  </fingerprint>
968
+
894
969
  <fingerprint pattern="^OpenSSH_(6\.9p1) (Ubuntu-2)$">
895
970
  <description>OpenSSH running on Ubuntu 15.10</description>
896
971
  <example service.version="6.9p1" openssh.comment="Ubuntu-2">OpenSSH_6.9p1 Ubuntu-2</example>
@@ -906,6 +981,7 @@
906
981
  <param pos="0" name="os.version" value="15.10"/>
907
982
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:15.10"/>
908
983
  </fingerprint>
984
+
909
985
  <fingerprint pattern="^OpenSSH_(7\.2p2) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
910
986
  <description>OpenSSH running on Ubuntu 16.04 (vivid)</description>
911
987
  <example service.version="7.2p2" openssh.comment="Ubuntu-4ubuntu2.7">OpenSSH_7.2p2 Ubuntu-4ubuntu2.7</example>
@@ -921,6 +997,7 @@
921
997
  <param pos="0" name="os.version" value="16.04"/>
922
998
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:16.04"/>
923
999
  </fingerprint>
1000
+
924
1001
  <fingerprint pattern="^OpenSSH_(7\.3p1) (Ubuntu-1)$">
925
1002
  <description>OpenSSH running on Ubuntu 16.10</description>
926
1003
  <example service.version="7.3p1" openssh.comment="Ubuntu-1">OpenSSH_7.3p1 Ubuntu-1</example>
@@ -936,6 +1013,7 @@
936
1013
  <param pos="0" name="os.version" value="16.10"/>
937
1014
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:16.10"/>
938
1015
  </fingerprint>
1016
+
939
1017
  <fingerprint pattern="^OpenSSH_(7\.4p1) (Ubuntu-10)$">
940
1018
  <description>OpenSSH running on Ubuntu 17.04</description>
941
1019
  <example service.version="7.4p1" openssh.comment="Ubuntu-10">OpenSSH_7.4p1 Ubuntu-10</example>
@@ -951,6 +1029,7 @@
951
1029
  <param pos="0" name="os.version" value="17.04"/>
952
1030
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.04"/>
953
1031
  </fingerprint>
1032
+
954
1033
  <fingerprint pattern="^OpenSSH_(7\.5p1) (Ubuntu-10ubuntu\d(?:\.\d)?)$">
955
1034
  <description>OpenSSH running on Ubuntu 17.10</description>
956
1035
  <example service.version="7.5p1" openssh.comment="Ubuntu-10ubuntu0.1">OpenSSH_7.5p1 Ubuntu-10ubuntu0.1</example>
@@ -966,6 +1045,7 @@
966
1045
  <param pos="0" name="os.version" value="17.10"/>
967
1046
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:17.10"/>
968
1047
  </fingerprint>
1048
+
969
1049
  <fingerprint pattern="^OpenSSH_(7\.6p1) (Ubuntu-4ubuntu\d(?:\.\d)?)$">
970
1050
  <description>OpenSSH running on Ubuntu 18.04</description>
971
1051
  <example service.version="7.6p1" openssh.comment="Ubuntu-4ubuntu0.3">OpenSSH_7.6p1 Ubuntu-4ubuntu0.3</example>
@@ -981,6 +1061,7 @@
981
1061
  <param pos="0" name="os.version" value="18.04"/>
982
1062
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.04"/>
983
1063
  </fingerprint>
1064
+
984
1065
  <fingerprint pattern="^OpenSSH_(7\.7p1) (Ubuntu-4)$">
985
1066
  <description>OpenSSH running on Ubuntu 18.10</description>
986
1067
  <example service.version="7.7p1" openssh.comment="Ubuntu-4">OpenSSH_7.7p1 Ubuntu-4</example>
@@ -996,6 +1077,7 @@
996
1077
  <param pos="0" name="os.version" value="18.10"/>
997
1078
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:18.10"/>
998
1079
  </fingerprint>
1080
+
999
1081
  <fingerprint pattern="^OpenSSH_(7\.9p1) (Ubuntu-10)$">
1000
1082
  <description>OpenSSH running on Ubuntu 19.04</description>
1001
1083
  <example service.version="7.9p1" openssh.comment="Ubuntu-10">OpenSSH_7.9p1 Ubuntu-10</example>
@@ -1011,6 +1093,7 @@
1011
1093
  <param pos="0" name="os.version" value="19.04"/>
1012
1094
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.04"/>
1013
1095
  </fingerprint>
1096
+
1014
1097
  <fingerprint pattern="^OpenSSH_(8\.0p1) (Ubuntu-6build1)$">
1015
1098
  <description>OpenSSH running on Ubuntu 19.10</description>
1016
1099
  <example service.version="8.0p1" openssh.comment="Ubuntu-6build1">OpenSSH_8.0p1 Ubuntu-6build1</example>
@@ -1026,6 +1109,7 @@
1026
1109
  <param pos="0" name="os.version" value="19.10"/>
1027
1110
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:19.10"/>
1028
1111
  </fingerprint>
1112
+
1029
1113
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Ubuntu-\d\d?)$">
1030
1114
  <description>OpenSSH running on Ubuntu (unknown release)</description>
1031
1115
  <example service.version="7.6p1" openssh.comment="Ubuntu-2">OpenSSH_7.6p1 Ubuntu-2</example>
@@ -1040,6 +1124,7 @@
1040
1124
  <param pos="0" name="os.product" value="Linux"/>
1041
1125
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
1042
1126
  </fingerprint>
1127
+
1043
1128
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+((?:Debian|Ubuntu).+ubuntu.*)$">
1044
1129
  <description>OpenSSH running on Ubuntu</description>
1045
1130
  <example service.version="7.2p3" openssh.comment="Ubuntu-4ubuntu2.2">OpenSSH_7.2p3 Ubuntu-4ubuntu2.2</example>
@@ -1055,7 +1140,9 @@
1055
1140
  <param pos="0" name="os.certainty" value="0.75"/>
1056
1141
  <param pos="0" name="os.cpe23" value="cpe:/o:canonical:ubuntu_linux:-"/>
1057
1142
  </fingerprint>
1143
+
1058
1144
  <!-- Debian -->
1145
+
1059
1146
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+woody.*)$">
1060
1147
  <description>OpenSSH running on Debian 3.0 (woody)</description>
1061
1148
  <example service.version="3.4p1" openssh.comment="Debian 1:3.4p1-1.woody.3">OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3</example>
@@ -1071,6 +1158,7 @@
1071
1158
  <param pos="0" name="os.version" value="3.0"/>
1072
1159
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.0"/>
1073
1160
  </fingerprint>
1161
+
1074
1162
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian.+sarge.*)$">
1075
1163
  <description>OpenSSH running on Debian 3.1 (sarge)</description>
1076
1164
  <example service.version="3.8.1p1" openssh.comment="Debian-8.sarge.4">OpenSSH_3.8.1p1 Debian-8.sarge.4</example>
@@ -1086,6 +1174,7 @@
1086
1174
  <param pos="0" name="os.version" value="3.1"/>
1087
1175
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:3.1"/>
1088
1176
  </fingerprint>
1177
+
1089
1178
  <fingerprint pattern="^OpenSSH_(4\.3p2) (Debian-9.*)$">
1090
1179
  <description>OpenSSH running on Debian 4.0 (etch)</description>
1091
1180
  <example service.version="4.3p2" openssh.comment="Debian-9">OpenSSH_4.3p2 Debian-9</example>
@@ -1102,6 +1191,7 @@
1102
1191
  <param pos="0" name="os.version" value="4.0"/>
1103
1192
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:4.0"/>
1104
1193
  </fingerprint>
1194
+
1105
1195
  <fingerprint pattern="^OpenSSH_(5\.1p1) (Debian-5)$">
1106
1196
  <description>OpenSSH running on Debian 5.0 (also 5.10)</description>
1107
1197
  <example service.version="5.1p1" openssh.comment="Debian-5">OpenSSH_5.1p1 Debian-5</example>
@@ -1117,6 +1207,7 @@
1117
1207
  <param pos="0" name="os.version" value="5.0"/>
1118
1208
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:5.0"/>
1119
1209
  </fingerprint>
1210
+
1120
1211
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+[+~]squeeze.*)$">
1121
1212
  <description>OpenSSH running on Debian 6.0 (squeeze)</description>
1122
1213
  <example service.version="5.5p1" openssh.comment="Debian-6+squeeze4">OpenSSH_5.5p1 Debian-6+squeeze4</example>
@@ -1134,6 +1225,7 @@
1134
1225
  <param pos="0" name="os.version" value="6.0"/>
1135
1226
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
1136
1227
  </fingerprint>
1228
+
1137
1229
  <fingerprint pattern="^OpenSSH_(5\.5p1) (Debian-6)$">
1138
1230
  <description>OpenSSH running on Debian 6.0 (w/o squeeze in banner)</description>
1139
1231
  <example service.version="5.5p1" openssh.comment="Debian-6">OpenSSH_5.5p1 Debian-6</example>
@@ -1149,7 +1241,9 @@
1149
1241
  <param pos="0" name="os.version" value="6.0"/>
1150
1242
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:6.0"/>
1151
1243
  </fingerprint>
1244
+
1152
1245
  <!-- More specific than and should preceed the 7.0 match -->
1246
+
1153
1247
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-4\+deb7u2)$">
1154
1248
  <description>OpenSSH running on Debian 7.8 (wheezy)</description>
1155
1249
  <example service.version="6.0p1" openssh.comment="Debian-4+deb7u2">OpenSSH_6.0p1 Debian-4+deb7u2</example>
@@ -1165,6 +1259,7 @@
1165
1259
  <param pos="0" name="os.version" value="7.8"/>
1166
1260
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.8"/>
1167
1261
  </fingerprint>
1262
+
1168
1263
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-4(?:\+deb7u\d+)?)$">
1169
1264
  <description>OpenSSH running on Debian 7.x (wheezy)</description>
1170
1265
  <example service.version="6.0p1" openssh.comment="Debian-4">OpenSSH_6.0p1 Debian-4</example>
@@ -1181,6 +1276,7 @@
1181
1276
  <param pos="0" name="os.version" value="7.0"/>
1182
1277
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.0"/>
1183
1278
  </fingerprint>
1279
+
1184
1280
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d~bpo7\d?\+\d+)$">
1185
1281
  <description>OpenSSH backport running on Debian 7.x (wheezy)</description>
1186
1282
  <example service.version="6.6.1p1" openssh.comment="Debian-4~bpo70+1">OpenSSH_6.6.1p1 Debian-4~bpo70+1</example>
@@ -1197,6 +1293,7 @@
1197
1293
  <param pos="0" name="os.version" value="7.0"/>
1198
1294
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:7.0"/>
1199
1295
  </fingerprint>
1296
+
1200
1297
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-5\+deb8u\d+.*)$">
1201
1298
  <description>OpenSSH running on Debian 8.x (jessie)</description>
1202
1299
  <example service.version="6.7p1" openssh.comment="Debian-5+deb8u2">OpenSSH_6.7p1 Debian-5+deb8u2</example>
@@ -1214,6 +1311,7 @@
1214
1311
  <param pos="0" name="os.version" value="8.0"/>
1215
1312
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:8.0"/>
1216
1313
  </fingerprint>
1314
+
1217
1315
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d\d?\+deb9u\d+)$">
1218
1316
  <description>OpenSSH running on Debian 9.x (stretch)</description>
1219
1317
  <example service.version="7.4p1" openssh.comment="Debian-10+deb9u1">OpenSSH_7.4p1 Debian-10+deb9u1</example>
@@ -1230,6 +1328,7 @@
1230
1328
  <param pos="0" name="os.version" value="9.0"/>
1231
1329
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:9.0"/>
1232
1330
  </fingerprint>
1331
+
1233
1332
  <fingerprint pattern="^OpenSSH_(7\.9p1) (Debian-10|Debian-\d\d?\+deb10u\d+)$">
1234
1333
  <description>OpenSSH running on Debian 10.x (buster)</description>
1235
1334
  <example service.version="7.9p1" openssh.comment="Debian-10">OpenSSH_7.9p1 Debian-10</example>
@@ -1246,6 +1345,7 @@
1246
1345
  <param pos="0" name="os.version" value="10.0"/>
1247
1346
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:10.0"/>
1248
1347
  </fingerprint>
1348
+
1249
1349
  <fingerprint pattern="^OpenSSH_(8\.1p1) (Debian-1|Debian-\d\d?\+deb11u\d+)$">
1250
1350
  <description>OpenSSH running on Debian 11.x (bullseye)</description>
1251
1351
  <example service.version="8.1p1" openssh.comment="Debian-1">OpenSSH_8.1p1 Debian-1</example>
@@ -1262,6 +1362,7 @@
1262
1362
  <param pos="0" name="os.version" value="11.0"/>
1263
1363
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:11.0"/>
1264
1364
  </fingerprint>
1365
+
1265
1366
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Debian-\d+(?:[~]?bpo[.]?\d+)?)$">
1266
1367
  <description>OpenSSH running on Debian (unknown release)</description>
1267
1368
  <example service.version="4.3p2" openssh.comment="Debian-5~bpo.1">OpenSSH_4.3p2 Debian-5~bpo.1</example>
@@ -1278,7 +1379,9 @@
1278
1379
  <param pos="0" name="os.product" value="Linux"/>
1279
1380
  <param pos="0" name="os.cpe23" value="cpe:/o:debian:debian_linux:-"/>
1280
1381
  </fingerprint>
1382
+
1281
1383
  <!-- Raspbian -->
1384
+
1282
1385
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-5\+deb8u\d+)$">
1283
1386
  <description>OpenSSH running on Raspbian (Debian 8 "Jessie" based)</description>
1284
1387
  <example service.version="6.7p1" openssh.comment="Raspbian-5+deb8u1">OpenSSH_6.7p1 Raspbian-5+deb8u1</example>
@@ -1295,6 +1398,7 @@
1295
1398
  <param pos="0" name="os.version" value="8.0"/>
1296
1399
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1297
1400
  </fingerprint>
1401
+
1298
1402
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?\+deb9u\d+)$">
1299
1403
  <description>OpenSSH running on Raspbian (Debian 9 "Stretch" based)</description>
1300
1404
  <example service.version="7.4p1" openssh.comment="Raspbian-10+deb9u1">OpenSSH_7.4p1 Raspbian-10+deb9u1</example>
@@ -1311,6 +1415,7 @@
1311
1415
  <param pos="0" name="os.version" value="9.0"/>
1312
1416
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1313
1417
  </fingerprint>
1418
+
1314
1419
  <fingerprint pattern="^OpenSSH_(7\.9p1)\s+(Raspbian-(?:10|\d\d?\+deb10u\d+))$">
1315
1420
  <description>OpenSSH running on Raspbian (Debian 10 "Buster" based)</description>
1316
1421
  <example service.version="7.9p1" openssh.comment="Raspbian-10">OpenSSH_7.9p1 Raspbian-10</example>
@@ -1327,6 +1432,7 @@
1327
1432
  <param pos="0" name="os.version" value="10.0"/>
1328
1433
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1329
1434
  </fingerprint>
1435
+
1330
1436
  <fingerprint pattern="^OpenSSH_(8\.1p1)\s+(Raspbian-(?:1|\d\d?\+deb11u\d+))$">
1331
1437
  <description>OpenSSH running on Raspbian (Debian 11 "Bullseye" based)</description>
1332
1438
  <example service.version="8.1p1" openssh.comment="Raspbian-1">OpenSSH_8.1p1 Raspbian-1</example>
@@ -1343,6 +1449,7 @@
1343
1449
  <param pos="0" name="os.version" value="11.0"/>
1344
1450
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1345
1451
  </fingerprint>
1452
+
1346
1453
  <fingerprint pattern="^OpenSSH_([^\s]+)\s+(Raspbian-\d\d?)$">
1347
1454
  <description>OpenSSH running on Raspbian (Debian, unknown release)</description>
1348
1455
  <example service.version="7.5p1" openssh.comment="Raspbian-10">OpenSSH_7.5p1 Raspbian-10</example>
@@ -1358,7 +1465,9 @@
1358
1465
  <param pos="0" name="os.product" value="Linux"/>
1359
1466
  <param pos="0" name="hw.product" value="Raspberry Pi"/>
1360
1467
  </fingerprint>
1468
+
1361
1469
  <!-- Miscellaneous -->
1470
+
1362
1471
  <fingerprint pattern="^OpenSSH_(.*)\+(CAN-[0-9]{4}-[0-9]{4})$">
1363
1472
  <description>OpenSSH with CVE patch, as seen in Mac OS X</description>
1364
1473
  <example service.version="3.4p1" openssh.cvepatch="CAN-2004-0175">OpenSSH_3.4p1+CAN-2004-0175</example>
@@ -1373,6 +1482,7 @@
1373
1482
  <param pos="0" name="os.product" value="Mac OS X"/>
1374
1483
  <param pos="0" name="os.cpe23" value="cpe:/o:apple:mac_os_x:-"/>
1375
1484
  </fingerprint>
1485
+
1376
1486
  <fingerprint pattern="^OpenSSH_(.*)_Mikrotik_v(.*)$">
1377
1487
  <description>OpenSSH on MikroTik</description>
1378
1488
  <example service.version="2.3.0" os.version="2.9">OpenSSH_2.3.0_Mikrotik_v2.9</example>
@@ -1388,6 +1498,7 @@
1388
1498
  <param pos="0" name="os.product" value="RouterOS"/>
1389
1499
  <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:{os.version}"/>
1390
1500
  </fingerprint>
1501
+
1391
1502
  <fingerprint pattern="^OpenSSH_(.*)-HipServ$">
1392
1503
  <description>OpenSSH on HipServ</description>
1393
1504
  <example service.version="4.3">OpenSSH_4.3-HipServ</example>
@@ -1401,6 +1512,7 @@
1401
1512
  <param pos="0" name="os.family" value="Linux"/>
1402
1513
  <param pos="0" name="os.product" value="HipServ"/>
1403
1514
  </fingerprint>
1515
+
1404
1516
  <fingerprint pattern="^OpenSSH_for_Windows_([\d.]+)$">
1405
1517
  <description>OpenSSH running on Windows</description>
1406
1518
  <example service.version="7.7">OpenSSH_for_Windows_7.7</example>
@@ -1414,6 +1526,7 @@
1414
1526
  <param pos="0" name="os.product" value="Windows"/>
1415
1527
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1416
1528
  </fingerprint>
1529
+
1417
1530
  <fingerprint pattern="^OpenSSH_(.*) in DesktopAuthority (?:.*)$">
1418
1531
  <description>DesktopAuthority SSH</description>
1419
1532
  <example service.version="3.8">OpenSSH_3.8 in DesktopAuthority 7.1.091</example>
@@ -1427,6 +1540,7 @@
1427
1540
  <param pos="0" name="os.product" value="Windows"/>
1428
1541
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1429
1542
  </fingerprint>
1543
+
1430
1544
  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?) ((?:PKIX\s+)?FIPS)$">
1431
1545
  <description>OpenSSH with a version and FIPS mode enabled</description>
1432
1546
  <example service.version="5.9" openssh.comment="FIPS">OpenSSH_5.9 FIPS</example>
@@ -1439,6 +1553,7 @@
1439
1553
  <param pos="0" name="service.product" value="OpenSSH"/>
1440
1554
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1441
1555
  </fingerprint>
1556
+
1442
1557
  <fingerprint pattern="^OpenSSH_(\d+\.\d+(?:\.\d+)?(?:p\d+)?) *$">
1443
1558
  <description>OpenSSH with just a version, no comment by vendor</description>
1444
1559
  <example service.version="5.9p1">OpenSSH_5.9p1</example>
@@ -1451,6 +1566,7 @@
1451
1566
  <param pos="0" name="service.product" value="OpenSSH"/>
1452
1567
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:{service.version}"/>
1453
1568
  </fingerprint>
1569
+
1454
1570
  <fingerprint pattern="^OpenSSH$">
1455
1571
  <description>OpenSSH w/o version or comment</description>
1456
1572
  <example>OpenSSH</example>
@@ -1459,7 +1575,9 @@
1459
1575
  <param pos="0" name="service.product" value="OpenSSH"/>
1460
1576
  <param pos="0" name="service.cpe23" value="cpe:/a:openbsd:openssh:-"/>
1461
1577
  </fingerprint>
1578
+
1462
1579
  <!-- SSH-1.99-OpenSSH_4.3p2-4.cern-hpn-CERN-4.3p2-4.cern -->
1580
+
1463
1581
  <!--<fingerprint pattern="^OpenSSH_?([^\s]*)\s*(.*)$">
1464
1582
  <description>Catch all for OpenSSH based SSH servers
1465
1583
  ******************** NOTE ********************
@@ -1472,8 +1590,12 @@
1472
1590
  <param pos="0" name="service.vendor" value="OpenBSD"/>
1473
1591
  <param pos="0" name="service.family" value="OpenSSH"/>
1474
1592
  <param pos="0" name="service.product" value="OpenSSH"/>
1475
- </fingerprint>-->
1593
+ </fingerprint>
1594
+
1595
+ -->
1596
+
1476
1597
  <!-- TODO: Handle "vpn3" banners for Cisco 3000 VPN Concentrators (need example banners first) -->
1598
+
1477
1599
  <fingerprint pattern="^Cisco-(.*)$">
1478
1600
  <description>Cisco SSH banner (could be IOS or PIX), The version always seems to be 1.25</description>
1479
1601
  <example service.version="1.25">Cisco-1.25</example>
@@ -1485,6 +1607,7 @@
1485
1607
  <param pos="0" name="os.certainty" value="0.8"/>
1486
1608
  <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:-"/>
1487
1609
  </fingerprint>
1610
+
1488
1611
  <fingerprint pattern="^CISCO_WLC$">
1489
1612
  <description>SSH banner from a Cisco WLC (WLC)</description>
1490
1613
  <example>CISCO_WLC</example>
@@ -1494,6 +1617,7 @@
1494
1617
  <param pos="0" name="os.product" value="Wireless LAN Controller"/>
1495
1618
  <param pos="0" name="os.cpe23" value="cpe:/o:cisco:wireless_lan_controller:-"/>
1496
1619
  </fingerprint>
1620
+
1497
1621
  <fingerprint pattern="(?i)^Cleo (\S+)/(\S+) SSH FTP server$">
1498
1622
  <description>Cleo networks Harmony, VLProxy, VLTrader, others</description>
1499
1623
  <example service.product="Harmony" service.version="5.5.0.3">Cleo Harmony/5.5.0.3 SSH FTP server</example>
@@ -1502,6 +1626,7 @@
1502
1626
  <param pos="1" name="service.product"/>
1503
1627
  <param pos="2" name="service.version"/>
1504
1628
  </fingerprint>
1629
+
1505
1630
  <fingerprint pattern="^Sun_SSH_(.*)$">
1506
1631
  <description>Sun SSH banner</description>
1507
1632
  <example service.version="1.1">Sun_SSH_1.1</example>
@@ -1513,6 +1638,7 @@
1513
1638
  <param pos="0" name="os.product" value="Solaris"/>
1514
1639
  <param pos="0" name="os.cpe23" value="cpe:/o:sun:solaris:-"/>
1515
1640
  </fingerprint>
1641
+
1516
1642
  <fingerprint pattern="^SSH Protocol Compatible Server SCS (.*)$">
1517
1643
  <description>Netscreen with version</description>
1518
1644
  <param pos="1" name="service.version"/>
@@ -1525,6 +1651,7 @@
1525
1651
  <param pos="0" name="os.product" value="ScreenOS"/>
1526
1652
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:screenos:-"/>
1527
1653
  </fingerprint>
1654
+
1528
1655
  <fingerprint pattern="^NetScreen$">
1529
1656
  <description>Netscreen generic</description>
1530
1657
  <example>NetScreen</example>
@@ -1537,11 +1664,13 @@
1537
1664
  <param pos="0" name="os.product" value="ScreenOS"/>
1538
1665
  <param pos="0" name="os.cpe23" value="cpe:/o:juniper:screenos:-"/>
1539
1666
  </fingerprint>
1667
+
1540
1668
  <fingerprint pattern="^HUAWEI-(?:[\d\.]+)$">
1541
1669
  <description>Huawei generic</description>
1542
1670
  <example>HUAWEI-1.5</example>
1543
1671
  <param pos="0" name="hw.vendor" value="Huawei"/>
1544
1672
  </fingerprint>
1673
+
1545
1674
  <fingerprint pattern="^HUAWEI-UMG(\d+)">
1546
1675
  <description>Huawei Universal Media Gateway</description>
1547
1676
  <example hw.model="8900">HUAWEI-UMG8900</example>
@@ -1550,6 +1679,7 @@
1550
1679
  <param pos="0" name="hw.device" value="Telecom"/>
1551
1680
  <param pos="1" name="hw.model"/>
1552
1681
  </fingerprint>
1682
+
1553
1683
  <fingerprint pattern="^HUAWEI.VRP.([\d\.]+)$">
1554
1684
  <description>Huawei Versatile Routing Platform (VRP)</description>
1555
1685
  <example os.version="3.10" service.version="3.10">HUAWEI-VRP-3.10</example>
@@ -1564,6 +1694,7 @@
1564
1694
  <param pos="0" name="os.product" value="VRP"/>
1565
1695
  <param pos="1" name="os.version"/>
1566
1696
  </fingerprint>
1697
+
1567
1698
  <fingerprint pattern="^([\d.]+)[ _]sshlib:? (?i:GlobalScape)$">
1568
1699
  <description>GlobalScape SSH (which uses Bitvise sshlib)</description>
1569
1700
  <example service.component.version="1.36">1.36_sshlib GlobalSCAPE</example>
@@ -1581,6 +1712,7 @@
1581
1712
  <param pos="0" name="os.product" value="Windows"/>
1582
1713
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1583
1714
  </fingerprint>
1715
+
1584
1716
  <fingerprint pattern="^([^\s]+) sshlib: WinSSHD (.*)$">
1585
1717
  <description>Bitvise WinSSHD (which uses Bitvise sshlib)</description>
1586
1718
  <example service.component.version="1.78" service.version="4.15a">1.78 sshlib: WinSSHD 4.15a</example>
@@ -1597,6 +1729,7 @@
1597
1729
  <param pos="0" name="os.product" value="Windows"/>
1598
1730
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1599
1731
  </fingerprint>
1732
+
1600
1733
  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD) ([\d\.]+):?.*$">
1601
1734
  <description>Bitvise WinSSHD (which uses Bitvise flowssh) with version</description>
1602
1735
  <example service.version="5.09" service.component.version="1.03">1.03 FlowSsh: WinSSHD 5.09</example>
@@ -1615,6 +1748,7 @@
1615
1748
  <param pos="0" name="os.product" value="Windows"/>
1616
1749
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1617
1750
  </fingerprint>
1751
+
1618
1752
  <fingerprint pattern="^([^\s]+) FlowSsh: (?:Bitvise SSH Server \(WinSSHD\)|WinSSHD)(?: :.*)?$">
1619
1753
  <description>Bitvise WinSSHD (which uses Bitvise flowssh) without version</description>
1620
1754
  <example service.component.version="9.99">9.99 FlowSsh: Bitvise SSH Server (WinSSHD)</example>
@@ -1631,6 +1765,7 @@
1631
1765
  <param pos="0" name="os.product" value="Windows"/>
1632
1766
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1633
1767
  </fingerprint>
1768
+
1634
1769
  <fingerprint pattern="^([^\s]+) sshlib: MOVEit DMZ SSH (.*)$">
1635
1770
  <description>MOVEit DMZ (which uses Bitvise sshlib)</description>
1636
1771
  <param pos="1" name="service.component.version"/>
@@ -1646,6 +1781,7 @@
1646
1781
  <param pos="0" name="os.product" value="Windows"/>
1647
1782
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1648
1783
  </fingerprint>
1784
+
1649
1785
  <fingerprint pattern="^paramiko_([\d\.]+).*$">
1650
1786
  <description>Paramiko</description>
1651
1787
  <example service.version="2.1.3">paramiko_2.1.3 501 command not implemented ERROR</example>
@@ -1655,6 +1791,7 @@
1655
1791
  <param pos="1" name="service.version"/>
1656
1792
  <param pos="0" name="service.cpe23" value="cpe:/a:paramiko:paramiko:{service.version}"/>
1657
1793
  </fingerprint>
1794
+
1658
1795
  <fingerprint pattern="^Pragma SecureShell\s*(.*)$">
1659
1796
  <description>Pragma SecureShell</description>
1660
1797
  <param pos="1" name="service.version"/>
@@ -1666,6 +1803,7 @@
1666
1803
  <param pos="0" name="os.product" value="Windows"/>
1667
1804
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1668
1805
  </fingerprint>
1806
+
1669
1807
  <fingerprint pattern="^Pragma FortressSSH\s+([\d.]+)(?:\s+\[([\d.:]+)\])?$">
1670
1808
  <description>Pragma FortressSSH</description>
1671
1809
  <example service.version="5.0.9.2031">Pragma FortressSSH 5.0.9.2031</example>
@@ -1680,6 +1818,7 @@
1680
1818
  <param pos="0" name="os.product" value="Windows"/>
1681
1819
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1682
1820
  </fingerprint>
1821
+
1683
1822
  <fingerprint pattern="^RebexSSH_([\d\.]+)$">
1684
1823
  <description>Rbex SSH</description>
1685
1824
  <example service.version="1.0.5.25508">RebexSSH_1.0.5.25508</example>
@@ -1687,12 +1826,14 @@
1687
1826
  <param pos="0" name="service.product" value="SSH"/>
1688
1827
  <param pos="1" name="service.version"/>
1689
1828
  </fingerprint>
1829
+
1690
1830
  <fingerprint pattern="^RGOS_\S+$">
1691
1831
  <description>Ruijie Networks SSH</description>
1692
1832
  <example>RGOS_SSH_1.0</example>
1693
1833
  <example>RGOS_PK3223</example>
1694
1834
  <param pos="0" name="hw.vendor" value="Ruijie"/>
1695
1835
  </fingerprint>
1836
+
1696
1837
  <fingerprint pattern="^VShell_(?:Special_Edition_)?(\d+)_(\d+)_(\d+)_(\d+) VShell$">
1697
1838
  <description>VanDyke VShell - detailed variant</description>
1698
1839
  <example service.version="3" service.version.version="6" service.version.version.version="2" service.version.version.version.version="446">VShell_3_6_2_446 VShell</example>
@@ -1706,6 +1847,7 @@
1706
1847
  <param pos="0" name="service.product" value="VShell"/>
1707
1848
  <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
1708
1849
  </fingerprint>
1850
+
1709
1851
  <fingerprint pattern="^([\s]*)\s*VShell$">
1710
1852
  <description>VanDyke VShell</description>
1711
1853
  <param pos="1" name="service.version"/>
@@ -1714,6 +1856,7 @@
1714
1856
  <param pos="0" name="service.product" value="VShell"/>
1715
1857
  <param pos="0" name="service.cpe23" value="cpe:/a:vandyke:vshell:{service.version}"/>
1716
1858
  </fingerprint>
1859
+
1717
1860
  <fingerprint pattern="^WRQReflection(?i:F)orSecureIT_(.*)$">
1718
1861
  <description>Attachmate Reflection (formerly WRQ Reflection for Secure IT)</description>
1719
1862
  <example service.version="6.1 Build 21">WRQReflectionForSecureIT_6.1 Build 21</example>
@@ -1723,6 +1866,7 @@
1723
1866
  <param pos="0" name="service.family" value="Reflection"/>
1724
1867
  <param pos="0" name="service.product" value="Reflection"/>
1725
1868
  </fingerprint>
1869
+
1726
1870
  <fingerprint pattern="^([^\s]*)\s*F-Secure SSH\s*(?:.*)$">
1727
1871
  <description>Attachmate Reflection (formerly F-Secure SSH)</description>
1728
1872
  <example service.version="3.2.3">3.2.3 F-Secure SSH Windows NT Server</example>
@@ -1731,6 +1875,7 @@
1731
1875
  <param pos="0" name="service.family" value="Reflection"/>
1732
1876
  <param pos="0" name="service.product" value="Reflection"/>
1733
1877
  </fingerprint>
1878
+
1734
1879
  <fingerprint pattern="^([^\s]*)\s*SSH Tectia Server$">
1735
1880
  <description>SSH Communications Security Tectia Server - branded</description>
1736
1881
  <example service.version="6.4.12.353">6.4.12.353 SSH Tectia Server</example>
@@ -1739,6 +1884,7 @@
1739
1884
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1740
1885
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1741
1886
  </fingerprint>
1887
+
1742
1888
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell(?: \(non-commercial\))?$">
1743
1889
  <description>SSH Communications Security Tectia Server</description>
1744
1890
  <example service.version="3.2.9.1">3.2.9.1 SSH Secure Shell (non-commercial)</example>
@@ -1749,6 +1895,7 @@
1749
1895
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1750
1896
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1751
1897
  </fingerprint>
1898
+
1752
1899
  <fingerprint pattern="^([0-9\.]+) SSH Secure Shell Windows NT Server$">
1753
1900
  <description>Unknown Windows SSH server</description>
1754
1901
  <example service.version="4.0.3">4.0.3 SSH Secure Shell Windows NT Server</example>
@@ -1761,6 +1908,7 @@
1761
1908
  <param pos="0" name="service.family" value="SSH Tectia Server"/>
1762
1909
  <param pos="0" name="service.product" value="SSH Tectia Server"/>
1763
1910
  </fingerprint>
1911
+
1764
1912
  <fingerprint pattern="^ARRIS_(.*)$">
1765
1913
  <description>ARRIS device (though not clear which) - www.arrisi.com</description>
1766
1914
  <example service.version="0.50">ARRIS_0.50</example>
@@ -1769,6 +1917,7 @@
1769
1917
  <param pos="0" name="service.product" value="ARRIS"/>
1770
1918
  <param pos="0" name="os.vendor" value="ARRIS"/>
1771
1919
  </fingerprint>
1920
+
1772
1921
  <fingerprint pattern="^Mocana SSH\s?(?:([\d.]+))?$">
1773
1922
  <description>Mocana Embedded SSH</description>
1774
1923
  <example service.version="5.3.1">Mocana SSH 5.3.1</example>
@@ -1778,6 +1927,7 @@
1778
1927
  <param pos="0" name="service.family" value="Embedded SSH Server"/>
1779
1928
  <param pos="0" name="service.product" value="Embedded SSH Server"/>
1780
1929
  </fingerprint>
1930
+
1781
1931
  <fingerprint pattern="^FreSSH\.(.*)$">
1782
1932
  <description>FreSSH</description>
1783
1933
  <example service.version="0.8">FreSSH.0.8</example>
@@ -1785,6 +1935,7 @@
1785
1935
  <param pos="0" name="service.family" value="FreSSH"/>
1786
1936
  <param pos="0" name="service.product" value="FreSSH"/>
1787
1937
  </fingerprint>
1938
+
1788
1939
  <fingerprint pattern="^RomCliSecure_(.*)$">
1789
1940
  <description>RomCliSecure appears to be the Adtran NetVanta products</description>
1790
1941
  <example service.version="4.12">RomCliSecure_4.12</example>
@@ -1796,6 +1947,7 @@
1796
1947
  <param pos="0" name="os.family" value="NetVanta"/>
1797
1948
  <param pos="0" name="os.product" value="NetVanta"/>
1798
1949
  </fingerprint>
1950
+
1799
1951
  <fingerprint pattern="^.*MultiNet.*$">
1800
1952
  <description>Process Software MultiNet is a suite of network apps for OpenVMS</description>
1801
1953
  <param pos="0" name="service.vendor" value="Process Software"/>
@@ -1806,12 +1958,14 @@
1806
1958
  <param pos="0" name="os.product" value="OpenVMS"/>
1807
1959
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:-"/>
1808
1960
  </fingerprint>
1961
+
1809
1962
  <fingerprint pattern="^dropbear$">
1810
1963
  <description>Dropbear w/o version - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
1811
1964
  <example>dropbear</example>
1812
1965
  <param pos="0" name="service.family" value="Dropbear"/>
1813
1966
  <param pos="0" name="service.product" value="Dropbear"/>
1814
1967
  </fingerprint>
1968
+
1815
1969
  <fingerprint pattern="^dropbear_(.*)$">
1816
1970
  <description>Dropbear - http://matt.ucc.asn.au/dropbear/dropbear.html</description>
1817
1971
  <example service.version="2015.67">dropbear_2015.67</example>
@@ -1820,6 +1974,7 @@
1820
1974
  <param pos="0" name="service.family" value="Dropbear"/>
1821
1975
  <param pos="0" name="service.product" value="Dropbear"/>
1822
1976
  </fingerprint>
1977
+
1823
1978
  <fingerprint pattern="^lancom$">
1824
1979
  <description>LANCOM Systems - http://www.lancom-systems.de/</description>
1825
1980
  <example>lancom</example>
@@ -1828,6 +1983,7 @@
1828
1983
  <param pos="0" name="service.product" value="SSH"/>
1829
1984
  <param pos="0" name="os.vendor" value="LANCOM Systems"/>
1830
1985
  </fingerprint>
1986
+
1831
1987
  <fingerprint pattern="^0$">
1832
1988
  <description>MOVEit DMZ</description>
1833
1989
  <example>0</example>
@@ -1839,6 +1995,7 @@
1839
1995
  <param pos="0" name="os.product" value="Windows"/>
1840
1996
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1841
1997
  </fingerprint>
1998
+
1842
1999
  <fingerprint pattern="^Comware-(\d+\.?\d*\.?\d*)$">
1843
2000
  <description>SSH on H3C Comware</description>
1844
2001
  <example os.version="5.20.105">Comware-5.20.105</example>
@@ -1851,6 +2008,7 @@
1851
2008
  <param pos="0" name="os.family" value="Comware"/>
1852
2009
  <param pos="1" name="os.version"/>
1853
2010
  </fingerprint>
2011
+
1854
2012
  <fingerprint pattern="^Data ONTAP SSH [\d\.]+$">
1855
2013
  <description>SSH NetApp appliances</description>
1856
2014
  <example>Data ONTAP SSH 1.0</example>
@@ -1859,12 +2017,13 @@
1859
2017
  <param pos="0" name="os.product" value="Data ONTAP"/>
1860
2018
  <param pos="0" name="os.cpe23" value="cpe:/o:netapp:data_ontap:-"/>
1861
2019
  </fingerprint>
2020
+
1862
2021
  <fingerprint pattern="^(\d\.\d+\.\d+) SSH Secure Shell OpenVMS V\d+\.\d+$">
1863
2022
  <description>SSH for OpenVMS</description>
1864
2023
  <example service.component.version="3.2.0">3.2.0 SSH Secure Shell OpenVMS V5.5</example>
1865
2024
  <example service.component.version="2.4.1">2.4.1 SSH Secure Shell OpenVMS V1.0</example>
1866
2025
  <param pos="1" name="service.component.version"/>
1867
- <param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
2026
+ <param pos="0" name="service.component.vendor" value="SSH Communications Security"/>
1868
2027
  <param pos="0" name="service.component.family" value="SSH Secure Shell"/>
1869
2028
  <param pos="0" name="service.component.product" value="SSH Secure Shell"/>
1870
2029
  <param pos="0" name="service.vendor" value="HP"/>
@@ -1876,12 +2035,13 @@
1876
2035
  <param pos="0" name="os.certainty" value="0.75"/>
1877
2036
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:openvms:-"/>
1878
2037
  </fingerprint>
2038
+
1879
2039
  <fingerprint pattern="^(\d\.\d+\.\d+) SSH (?:Secure Shell )?OpenVMS V\d\.\d VMS_sftp_version (\d)$">
1880
2040
  <description>SSH for OpenVMS sftp</description>
1881
2041
  <example service.component.version="3.2.0" service.version="3">3.2.0 SSH Secure Shell OpenVMS V5.5 VMS_sftp_version 3</example>
1882
2042
  <example service.component.version="3.2.0" service.version="3">3.2.0 SSH OpenVMS V5.5 VMS_sftp_version 3</example>
1883
2043
  <param pos="1" name="service.component.version"/>
1884
- <param pos="0" name="service.component.vendor" value="SSH Communication Security"/>
2044
+ <param pos="0" name="service.component.vendor" value="SSH Communications Security"/>
1885
2045
  <param pos="0" name="service.component.family" value="SSH Secure Shell"/>
1886
2046
  <param pos="0" name="service.component.product" value="SSH Secure Shell"/>
1887
2047
  <param pos="0" name="service.vendor" value="HP"/>
@@ -1892,6 +2052,7 @@
1892
2052
  <param pos="0" name="os.family" value="OpenVMS"/>
1893
2053
  <param pos="0" name="os.certainty" value="0.75"/>
1894
2054
  </fingerprint>
2055
+
1895
2056
  <fingerprint pattern="^\S+ SSH Secure Shell Tru64 UNIX$">
1896
2057
  <description>Digital/Compaq/HP Tru64 Unix</description>
1897
2058
  <example>3.2.0 SSH Secure Shell Tru64 UNIX</example>
@@ -1900,6 +2061,7 @@
1900
2061
  <param pos="0" name="os.product" value="Tru64 Unix"/>
1901
2062
  <param pos="0" name="os.cpe23" value="cpe:/o:hp:tru64:-"/>
1902
2063
  </fingerprint>
2064
+
1903
2065
  <fingerprint pattern="^ROSSSH$">
1904
2066
  <description>MikroTik RouterOS sshd</description>
1905
2067
  <example>ROSSSH</example>
@@ -1909,9 +2071,11 @@
1909
2071
  <param pos="0" name="os.product" value="RouterOS"/>
1910
2072
  <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:-"/>
1911
2073
  </fingerprint>
2074
+
1912
2075
  <!-- xlightftpd is an ftp server that also supports SFTP. The SFTP
1913
2076
  server appears in ssh studies, thus this banner is here, and
1914
2077
  not in ftp_banners.xml-->
2078
+
1915
2079
  <fingerprint pattern="^xlightftpd_release_([\d.]+)$">
1916
2080
  <description>Xlight FTP Server</description>
1917
2081
  <example service.version="3.8.3.6.1">xlightftpd_release_3.8.3.6.1</example>
@@ -1924,6 +2088,7 @@
1924
2088
  <param pos="0" name="os.product" value="Windows"/>
1925
2089
  <param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
1926
2090
  </fingerprint>
2091
+
1927
2092
  <fingerprint pattern="^libssh[-_]([\d.]+)$">
1928
2093
  <description>SSH server utilising libssh</description>
1929
2094
  <example service.version="0.6.0">libssh-0.6.0</example>
@@ -1934,6 +2099,7 @@
1934
2099
  <param pos="0" name="service.vendor" value="libssh"/>
1935
2100
  <param pos="0" name="service.cpe23" value="cpe:/a:libssh:libssh:{service.version}"/>
1936
2101
  </fingerprint>
2102
+
1937
2103
  <fingerprint pattern="^WeOnlyDo ([\d.]+)$">
1938
2104
  <description>WeOnlyDo with version</description>
1939
2105
  <example service.version="1.2.7">WeOnlyDo 1.2.7</example>
@@ -1944,6 +2110,7 @@
1944
2110
  <param pos="0" name="service.vendor" value="WeOnlyDo"/>
1945
2111
  <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
1946
2112
  </fingerprint>
2113
+
1947
2114
  <fingerprint pattern="^WeOnlyDo ([\d.]+) \(FIPS\)$">
1948
2115
  <description>WeOnlyDo with version with FIPS mode enabled</description>
1949
2116
  <example service.version="2.2.9">WeOnlyDo 2.2.9 (FIPS)</example>
@@ -1953,6 +2120,7 @@
1953
2120
  <param pos="0" name="service.vendor" value="WeOnlyDo"/>
1954
2121
  <param pos="0" name="service.product" value="WeOnlyDo SSH Server"/>
1955
2122
  </fingerprint>
2123
+
1956
2124
  <!--
1957
2125
  1.2.22j4rad
1958
2126
  2.40
@@ -1961,8 +2129,10 @@ Server-VII
1961
2129
  9.9.1
1962
2130
  IPSSH-1.10.0
1963
2131
  -->
2132
+
1964
2133
  <!--
1965
2134
  Possibly Nortel Passport
1966
2135
  SSH_2.1.1
1967
2136
  -->
1968
- </fingerprints>
2137
+
2138
+ </fingerprints>