recog 3.0.1 → 3.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/lib/recog/match_reporter.rb +37 -3
- data/lib/recog/matcher.rb +5 -10
- data/lib/recog/version.rb +1 -1
- data/recog/bin/recog_match +20 -6
- data/recog/xml/dhcp_vendor_class.xml +219 -2
- data/recog/xml/favicons.xml +152 -48
- data/recog/xml/ftp_banners.xml +11 -0
- data/recog/xml/html_title.xml +128 -19
- data/recog/xml/http_cookies.xml +25 -7
- data/recog/xml/http_servers.xml +79 -5
- data/recog/xml/http_wwwauth.xml +8 -0
- data/recog/xml/imap_banners.xml +28 -16
- data/recog/xml/pop_banners.xml +8 -8
- data/recog/xml/tls_jarm.xml +6 -6
- data/recog/xml/x509_issuers.xml +8 -0
- data/recog/xml/x509_subjects.xml +29 -0
- data/spec/lib/recog/match_reporter_spec.rb +22 -8
- data.tar.gz.sig +0 -0
- metadata +91 -6
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: f61ccb4f953facea4bbf95ccbd3deb144d8f0763d9be1355cba70a6eb4dc9c79
|
4
|
+
data.tar.gz: 8fa728463dfc0f3dd783fd3f535965b70e62f6e47eb8960e269076e6ddf3c43f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 1f2ed5453f4dc800bcf750592ca16ec25f89c2e93ec7528b2a2a71bada7399bd5d3ea149acb1888006826d8fea0b4a6186b3c7ea4a519febebe99e3be8c6efcf
|
7
|
+
data.tar.gz: c515c0183b55cf8a38dd03d2865d7ef208c75930854b00f69ade77494b0fe0f7162d244a5806d9451ec7442675c93c2070d2a59ef25d1355b241f4a0922c5d7a
|
checksums.yaml.gz.sig
ADDED
Binary file
|
data/lib/recog/match_reporter.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
require 'json'
|
2
|
+
|
1
3
|
module Recog
|
2
4
|
class MatchReporter
|
3
5
|
attr_reader :formatter
|
@@ -24,14 +26,46 @@ class MatchReporter
|
|
24
26
|
@line_count += 1
|
25
27
|
end
|
26
28
|
|
27
|
-
def match(
|
29
|
+
def match(match_data)
|
28
30
|
@match_count += 1
|
29
|
-
|
31
|
+
if @options.json_format
|
32
|
+
# remove data field from all matches and promote to a top-level field
|
33
|
+
data_field = match_data[0]["data"]
|
34
|
+
match_data.each { |h| h.delete("data") }
|
35
|
+
new_object = {
|
36
|
+
'data' => data_field,
|
37
|
+
}
|
38
|
+
|
39
|
+
if @options.multi_match
|
40
|
+
new_object['matches'] = match_data
|
41
|
+
else
|
42
|
+
new_object['match'] = match_data[0]
|
43
|
+
end
|
44
|
+
msg = new_object.to_json
|
45
|
+
else
|
46
|
+
match_prefix = match_data.size > 1 ? 'MATCHES' : 'MATCH'
|
47
|
+
msg = "#{match_prefix}: #{match_data.map(&:inspect).join(',')}"
|
48
|
+
end
|
49
|
+
formatter.success_message("#{msg}")
|
30
50
|
end
|
31
51
|
|
32
52
|
def failure(text)
|
33
53
|
@fail_count += 1
|
34
|
-
|
54
|
+
if @options.json_format
|
55
|
+
new_object = {
|
56
|
+
'data' => text,
|
57
|
+
'match_failure' => true
|
58
|
+
}
|
59
|
+
if @options.multi_match
|
60
|
+
new_object['matches'] = nil
|
61
|
+
else
|
62
|
+
new_object['match'] = nil
|
63
|
+
end
|
64
|
+
msg = new_object.to_json
|
65
|
+
else
|
66
|
+
msg = "FAIL: #{text}"
|
67
|
+
end
|
68
|
+
formatter.failure_message("#{msg}")
|
35
69
|
end
|
36
70
|
|
37
71
|
def print_summary
|
data/lib/recog/matcher.rb
CHANGED
@@ -29,26 +29,21 @@ class Matcher
|
|
29
29
|
line = line.to_s.unpack("C*").pack("C*").strip.gsub(/\\[rn]/, '')
|
30
30
|
found_extractions = false
|
31
31
|
|
32
|
-
|
32
|
+
extraction_data = []
|
33
33
|
fingerprints.each do |fp|
|
34
34
|
extractions = fp.match(line)
|
35
35
|
if extractions
|
36
36
|
found_extractions = true
|
37
37
|
extractions['data'] = line
|
38
|
-
|
39
|
-
|
40
|
-
else
|
41
|
-
reporter.match "MATCH: #{extractions.inspect}"
|
42
|
-
break
|
43
|
-
end
|
38
|
+
extraction_data << extractions
|
39
|
+
break unless multi_match
|
44
40
|
end
|
45
41
|
end
|
46
42
|
|
47
43
|
if found_extractions
|
48
|
-
|
49
|
-
reporter.match "#{match_prefix}: #{all_extractions.map(&:inspect).join(',')}" if multi_match
|
44
|
+
reporter.match extraction_data
|
50
45
|
else
|
51
|
-
reporter.failure
|
46
|
+
reporter.failure line
|
52
47
|
end
|
53
48
|
|
54
49
|
if reporter.stop?
|
data/lib/recog/version.rb
CHANGED
data/recog/bin/recog_match
CHANGED
@@ -5,7 +5,7 @@ require 'ostruct'
|
|
5
5
|
require 'recog'
|
6
6
|
require 'recog/matcher_factory'
|
7
7
|
|
8
|
-
options = OpenStruct.new(color: false, detail: false, fail_fast: false, multi_match: false)
|
8
|
+
options = OpenStruct.new(color: false, detail: false, json_format: false, fail_fast: false, multi_match: false)
|
9
9
|
|
10
10
|
option_parser = OptionParser.new do |opts|
|
11
11
|
opts.banner = "Usage: #{$0} [options] XML_FINGERPRINT_FILE [BANNERS_FILE]"
|
@@ -13,12 +13,18 @@ option_parser = OptionParser.new do |opts|
|
|
13
13
|
opts.separator ""
|
14
14
|
opts.separator "Options"
|
15
15
|
|
16
|
-
opts.on("-f", "--format FORMATTER",
|
16
|
+
opts.on("-f", "--format FORMATTER", [:summary, :detail, :json],
|
17
17
|
"Choose a formatter.",
|
18
18
|
" [s]ummary (default - failure/match msgs)",
|
19
|
-
" [d]etail (msgs with total counts)"
|
20
|
-
|
19
|
+
" [d]etail (msgs with total counts)",
|
20
|
+
" [j]son (JSON failure/match msgs)") do |format|
|
21
|
+
if format == :summary
|
22
|
+
options.detail = false
|
23
|
+
options.json_format = false
|
24
|
+
elsif format == :detail
|
21
25
|
options.detail = true
|
26
|
+
elsif format == :json
|
27
|
+
options.json_format = true
|
22
28
|
end
|
23
29
|
end
|
24
30
|
|
@@ -41,9 +47,17 @@ option_parser = OptionParser.new do |opts|
|
|
41
47
|
exit
|
42
48
|
end
|
43
49
|
end
|
44
|
-
option_parser.parse!(ARGV)
|
45
50
|
|
46
|
-
|
51
|
+
|
52
|
+
begin
|
53
|
+
option_parser.parse!(ARGV)
|
54
|
+
rescue OptionParser::ParseError => e
|
55
|
+
puts e.message
|
56
|
+
puts option_parser
|
57
|
+
exit(1)
|
58
|
+
end
|
59
|
+
|
60
|
+
if ARGV.count < 1 || ARGV.count > 2
|
47
61
|
puts option_parser
|
48
62
|
exit(1)
|
49
63
|
end
|
@@ -8,13 +8,17 @@
|
|
8
8
|
and inform (8) messages.
|
9
9
|
-->
|
10
10
|
|
11
|
-
<fingerprint pattern="^
|
11
|
+
<fingerprint pattern="^[Mm]fg=(?:Fuji)?(?i:Xerox);[Tt]yp=(?:MFP|AIO|[Pp]rinter);[Mm]od=(?:Xerox )?(\S+) ([a-zA-Z0-9]+).*;[Ss]er=([A-Z0-9]{9,10})(?:;[Ll]oc=.*)?$">
|
12
12
|
<description>Xerox Multifunction Printer</description>
|
13
13
|
<example hw.family="VersaLink" hw.model="C405" hw.serial_number="ABC123456">Mfg=Xerox;Typ=MFP;Mod=VersaLink C405;Ser=ABC123456;Loc=Print Room</example>
|
14
14
|
<example hw.family="AltaLink" hw.model="C8055" hw.serial_number="1AB234567">Mfg=Xerox;Typ=MFP;Mod=Xerox AltaLink C8055 Multifunction Printer;Ser=1AB234567;Loc=Print Room2</example>
|
15
15
|
<example hw.family="WorkCentre" hw.model="3345" hw.serial_number="1AB234567">Mfg=XEROX;Typ=MFP;Mod=WorkCentre 3345;Ser=1AB234567;Loc=</example>
|
16
16
|
<example hw.family="WorkCentre" hw.model="7845" hw.serial_number="AB1234567">Mfg=Xerox;Typ=MFP;Mod=Xerox WorkCentre 7845 v1 Multifunction System;Ser=AB1234567;Loc=</example>
|
17
17
|
<example hw.family="Phaser" hw.model="6500DN" hw.serial_number="ABC123456">Mfg=FujiXerox;Typ=printer;Mod=Phaser 6500DN;Ser=ABC123456</example>
|
18
|
+
<example hw.family="Phaser" hw.model="6600DN" hw.serial_number="ABC123456">Mfg=Xerox;Typ=Printer;Mod=Phaser 6600DN;Ser=ABC123456;Loc=</example>
|
19
|
+
<example hw.family="AltaLink" hw.model="B8045" hw.serial_number="A1B234567">mfg=Xerox;typ=MFP;mod=Xerox AltaLink B8045 MFP;ser=A1B234567;loc=Print Room 3</example>
|
20
|
+
<example hw.family="VersaLink" hw.model="B7035" hw.serial_number="1AB234567C">Mfg=Xerox;Typ=MFP;Mod=VersaLink B7035;Ser=1AB234567C</example>
|
21
|
+
<example hw.family="WorkCentre" hw.model="3615" hw.serial_number="A1B234567">Mfg=Xerox;Typ=AIO;Mod=WorkCentre 3615;Ser=A1B234567</example>
|
18
22
|
<param pos="0" name="hw.device" value="Printer"/>
|
19
23
|
<param pos="0" name="hw.vendor" value="Xerox"/>
|
20
24
|
<param pos="1" name="hw.family"/>
|
@@ -95,9 +99,44 @@
|
|
95
99
|
<param pos="0" name="os.device" value="Printer"/>
|
96
100
|
</fingerprint>
|
97
101
|
|
98
|
-
<fingerprint pattern="^
|
102
|
+
<fingerprint pattern="^Mfg=DELL;Typ=Printer;Mod=Dell ([A-Z]?\d{4}dn)(?:\sLaser Printer)?;Ser=([A-Z0-9]{7});$">
|
103
|
+
<description>Dell Laser Printer</description>
|
104
|
+
<example hw.model="B2360dn" hw.serial_number="ABCDEF1">Mfg=DELL;Typ=Printer;Mod=Dell B2360dn Laser Printer;Ser=ABCDEF1;</example>
|
105
|
+
<example hw.model="2330dn" hw.serial_number="123ABCD">Mfg=DELL;Typ=Printer;Mod=Dell 2330dn Laser Printer;Ser=123ABCD;</example>
|
106
|
+
<example hw.model="S2830dn" hw.serial_number="1A2BC34">Mfg=DELL;Typ=Printer;Mod=Dell S2830dn;Ser=1A2BC34;</example>
|
107
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
108
|
+
<param pos="0" name="hw.vendor" value="Dell"/>
|
109
|
+
<param pos="1" name="hw.model"/>
|
110
|
+
<param pos="2" name="hw.serial_number"/>
|
111
|
+
<param pos="0" name="os.vendor" value="Dell"/>
|
112
|
+
<param pos="0" name="os.device" value="Printer"/>
|
113
|
+
</fingerprint>
|
114
|
+
|
115
|
+
<fingerprint pattern="^Mfg=Dell;Typ=printer;Mod=Dell Color Printer (S\d{4}cdn);Ser=([0-9]{6})$">
|
116
|
+
<description>Dell Color Printer</description>
|
117
|
+
<example hw.model="S3840cdn" hw.serial_number="123456">Mfg=Dell;Typ=printer;Mod=Dell Color Printer S3840cdn;Ser=123456</example>
|
118
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
119
|
+
<param pos="0" name="hw.vendor" value="Dell"/>
|
120
|
+
<param pos="1" name="hw.model"/>
|
121
|
+
<param pos="2" name="hw.serial_number"/>
|
122
|
+
<param pos="0" name="os.vendor" value="Dell"/>
|
123
|
+
<param pos="0" name="os.device" value="Printer"/>
|
124
|
+
</fingerprint>
|
125
|
+
|
126
|
+
<fingerprint pattern="^Dell Color MFP (S\d{4}cdn)$$">
|
127
|
+
<description>Dell Color Multifunction Printer</description>
|
128
|
+
<example hw.model="S2825cdn">Dell Color MFP S2825cdn</example>
|
129
|
+
<param pos="0" name="hw.device" value="Printer"/>
|
130
|
+
<param pos="0" name="hw.vendor" value="Dell"/>
|
131
|
+
<param pos="1" name="hw.model"/>
|
132
|
+
<param pos="0" name="os.vendor" value="Dell"/>
|
133
|
+
<param pos="0" name="os.device" value="Printer"/>
|
134
|
+
</fingerprint>
|
135
|
+
|
136
|
+
<fingerprint pattern="^(?:Polycom|Poly)-(VVX(?:-[A-Z])?\d{3})$">
|
99
137
|
<description>Polycom IP Phone</description>
|
100
138
|
<example hw.product="VVX410" hw.model="VVX410">Polycom-VVX410</example>
|
139
|
+
<example hw.product="VVX-D230" hw.model="VVX-D230">Poly-VVX-D230</example>
|
101
140
|
<param pos="0" name="hw.device" value="VoIP"/>
|
102
141
|
<param pos="0" name="hw.vendor" value="Polycom"/>
|
103
142
|
<param pos="0" name="hw.family" value="VVX"/>
|
@@ -106,6 +145,37 @@
|
|
106
145
|
<param pos="0" name="os.vendor" value="Polycom"/>
|
107
146
|
</fingerprint>
|
108
147
|
|
148
|
+
<fingerprint pattern="^Polycom-SSIP([4-7]000)$">
|
149
|
+
<description>Polycom SoundStation IP Phone</description>
|
150
|
+
<example hw.product="SoundStation IP 6000" hw.model="6000">Polycom-SSIP6000</example>
|
151
|
+
<example hw.product="SoundStation IP 7000" hw.model="7000">Polycom-SSIP7000</example>
|
152
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
153
|
+
<param pos="0" name="hw.vendor" value="Polycom"/>
|
154
|
+
<param pos="0" name="hw.family" value="SoundStation IP"/>
|
155
|
+
<param pos="1" name="hw.model"/>
|
156
|
+
<param pos="0" name="hw.product" value="{hw.family} {hw.model}"/>
|
157
|
+
</fingerprint>
|
158
|
+
|
159
|
+
<fingerprint pattern="^digium_(D\d{2})_(\d_\d{1,2}_\d{1,2})$">
|
160
|
+
<description>Digium D Series IP Phone</description>
|
161
|
+
<example hw.model="D65" os.version="2_9_10">digium_D65_2_9_10</example>
|
162
|
+
<param pos="0" name="hw.vendor" value="Digium"/>
|
163
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
164
|
+
<param pos="1" name="hw.model"/>
|
165
|
+
<param pos="0" name="os.vendor" value="Digium"/>
|
166
|
+
<param pos="0" name="os.product" value="Digium Firmware"/>
|
167
|
+
<param pos="2" name="os.version"/>
|
168
|
+
<param pos="0" name="os.device" value="VoIP"/>
|
169
|
+
</fingerprint>
|
170
|
+
|
171
|
+
<fingerprint pattern="^ipphone.mitel.com$">
|
172
|
+
<description>Mitel IP Phone</description>
|
173
|
+
<example>ipphone.mitel.com</example>
|
174
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
175
|
+
<param pos="0" name="hw.vendor" value="Mitel"/>
|
176
|
+
<param pos="0" name="os.device" value="VoIP"/>
|
177
|
+
</fingerprint>
|
178
|
+
|
109
179
|
<fingerprint pattern="^Aruba\s(JL\d+A)\s(\d+[A-Z]?)\S+\sSwitch(?:\sdslforum.org)?$">
|
110
180
|
<description>HP Aruba Network Switch</description>
|
111
181
|
<example hw.model="JL075A" hw.product="3810M">Aruba JL075A 3810M-16SFP+-2-slot Switch</example>
|
@@ -171,6 +241,16 @@
|
|
171
241
|
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:{os.version}"/>
|
172
242
|
</fingerprint>
|
173
243
|
|
244
|
+
<fingerprint pattern="^HUAWEI:android:" certainty="0.8">
|
245
|
+
<description>Huawei Android Device</description>
|
246
|
+
<example>HUAWEI:android:ABC</example>
|
247
|
+
<param pos="0" name="hw.vendor" value="Huawei"/>
|
248
|
+
<param pos="0" name="os.vendor" value="Google"/>
|
249
|
+
<param pos="0" name="os.family" value="Linux"/>
|
250
|
+
<param pos="0" name="os.product" value="Android"/>
|
251
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:android:-"/>
|
252
|
+
</fingerprint>
|
253
|
+
|
174
254
|
<fingerprint pattern="^dhcpcd-(?:[\d\.]+):Linux-([\d\.]+).*:(\S*):">
|
175
255
|
<description>Linux</description>
|
176
256
|
<example os.version="4.14.78" os.arch="armv7l">dhcpcd-6.11.5:Linux-4.14.78:armv7l:Freescale</example>
|
@@ -203,4 +283,141 @@
|
|
203
283
|
<param pos="0" name="os.family" value="Windows"/>
|
204
284
|
</fingerprint>
|
205
285
|
|
286
|
+
<fingerprint pattern="^(?i)Cisco Systems Inc\. Wireless Phone (\d{4}g?)$" certainty="0.8">
|
287
|
+
<description>Cisco Wireless Phone</description>
|
288
|
+
<example hw.model="7920">Cisco Systems Inc. Wireless Phone 7920</example>
|
289
|
+
<example hw.model="7925G">Cisco Systems Inc. Wireless Phone 7925G</example>
|
290
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
291
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
292
|
+
<param pos="1" name="hw.model"/>
|
293
|
+
<param pos="0" name="hw.product" value="Unified Wireless IP Phone {hw.model}"/>
|
294
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
295
|
+
<param pos="0" name="os.product" value="Unified Wireless IP Phone {hw.model} Firmware"/>
|
296
|
+
</fingerprint>
|
297
|
+
|
298
|
+
<fingerprint pattern="^Cisco systems, Inc\. IP Phone CP(39\d{2})$" certainty="0.8">
|
299
|
+
<description>Cisco SIP Phone</description>
|
300
|
+
<example hw.model="3911">Cisco systems, Inc. IP Phone CP3911</example>
|
301
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
302
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
303
|
+
<param pos="1" name="hw.model"/>
|
304
|
+
<param pos="0" name="hw.product" value="Unified SIP Phone {hw.model}"/>
|
305
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
306
|
+
<param pos="0" name="os.product" value="Unified SIP Phone {hw.model} Firmware"/>
|
307
|
+
</fingerprint>
|
308
|
+
|
309
|
+
<fingerprint pattern="^Cisco Systems, Inc\. IP Phone CP-(\d{4}(?:G|G-GE|NR)?)$" certainty="0.8">
|
310
|
+
<description>Cisco IP Phone</description>
|
311
|
+
<example hw.model="6921">Cisco Systems, Inc. IP Phone CP-6921</example>
|
312
|
+
<example hw.model="7911G">Cisco Systems, Inc. IP Phone CP-7911G</example>
|
313
|
+
<example hw.model="7941G-GE">Cisco Systems, Inc. IP Phone CP-7941G-GE</example>
|
314
|
+
<example hw.model="8865NR">Cisco Systems, Inc. IP Phone CP-8865NR</example>
|
315
|
+
<param pos="0" name="hw.device" value="VoIP"/>
|
316
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
317
|
+
<param pos="1" name="hw.model"/>
|
318
|
+
<param pos="0" name="hw.product" value="Unified IP Phone {hw.model}"/>
|
319
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
320
|
+
<param pos="0" name="os.product" value="Unified IP Phone {hw.model} Firmware"/>
|
321
|
+
</fingerprint>
|
322
|
+
|
323
|
+
<fingerprint pattern="^Cisco AP c(\d{3,4}[a-z]?)$" certainty="0.8">
|
324
|
+
<description>Cisco Aironet Wireless Access Point</description>
|
325
|
+
<example hw.model="701">Cisco AP c701</example>
|
326
|
+
<example hw.model="1830">Cisco AP c1830</example>
|
327
|
+
<example hw.model="1840i">Cisco AP c1840i</example>
|
328
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
329
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
330
|
+
<param pos="1" name="hw.model"/>
|
331
|
+
<param pos="0" name="hw.product" value="Aironet {hw.model}"/>
|
332
|
+
<param pos="0" name="os.product" value="Aironet {hw.model} Firmware"/>
|
333
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
334
|
+
<param pos="0" name="os.device" value="WAP"/>
|
335
|
+
</fingerprint>
|
336
|
+
|
337
|
+
<fingerprint pattern="^Cisco AP C(9115|9120)AX$" certainty="0.8">
|
338
|
+
<description>Cisco Catalyst 9100 Series Wireless Access Point</description>
|
339
|
+
<example hw.model="9115">Cisco AP C9115AX</example>
|
340
|
+
<example hw.model="9120">Cisco AP C9120AX</example>
|
341
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
342
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
343
|
+
<param pos="1" name="hw.model"/>
|
344
|
+
<param pos="0" name="hw.product" value="Catalyst {hw.model} AP"/>
|
345
|
+
<param pos="0" name="os.product" value="Catalyst {hw.model} AP Firmware"/>
|
346
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
347
|
+
</fingerprint>
|
348
|
+
|
349
|
+
<fingerprint pattern="^Cisco (AP80[123])$" certainty="0.8">
|
350
|
+
<description>Cisco 800 Series Integrated Access Point</description>
|
351
|
+
<example hw.model="AP801">Cisco AP801</example>
|
352
|
+
<example hw.model="AP802">Cisco AP802</example>
|
353
|
+
<example hw.model="AP803">Cisco AP803</example>
|
354
|
+
<param pos="0" name="hw.device" value="WAP"/>
|
355
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
356
|
+
<param pos="1" name="hw.model"/>
|
357
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
358
|
+
</fingerprint>
|
359
|
+
|
360
|
+
<fingerprint pattern="^Cisco AIR-CTVM-K9$" certainty="0.8">
|
361
|
+
<description>Cisco Virtual Wireless Controller</description>
|
362
|
+
<example>Cisco AIR-CTVM-K9</example>
|
363
|
+
<param pos="0" name="hw.device" value="Wireless Controller"/>
|
364
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
365
|
+
<param pos="0" name="hw.model" value="AIR-CTVM-K9"/>
|
366
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
367
|
+
</fingerprint>
|
368
|
+
|
369
|
+
<fingerprint pattern="^Cisco (AIR-CT55\d{2}-K9)$" certainty="0.8">
|
370
|
+
<description>Cisco 5500 Series Wireless Controller</description>
|
371
|
+
<example hw.model="AIR-CT5508-K9">Cisco AIR-CT5508-K9</example>
|
372
|
+
<param pos="0" name="hw.device" value="Wireless Controller"/>
|
373
|
+
<param pos="0" name="hw.vendor" value="Cisco"/>
|
374
|
+
<param pos="1" name="hw.model"/>
|
375
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
376
|
+
</fingerprint>
|
377
|
+
|
378
|
+
<fingerprint pattern="^BrightSign ((?:HS|XD|LS|XT|HD)\d{3,4}(?:-W|-PP)?)$">
|
379
|
+
<description>BrightSign Digital Signage Player</description>
|
380
|
+
<example hw.model="HS124">BrightSign HS124</example>
|
381
|
+
<example hw.model="XD1034">BrightSign XD1034</example>
|
382
|
+
<example hw.model="XD1034-W">BrightSign XD1034-W</example>
|
383
|
+
<example hw.model="LS424-W">BrightSign LS424-W</example>
|
384
|
+
<example hw.model="XT244">BrightSign XT244</example>
|
385
|
+
<example hw.model="HD1023">BrightSign HD1023</example>
|
386
|
+
<example hw.model="XT1144-PP">BrightSign XT1144-PP</example>
|
387
|
+
<param pos="0" name="hw.vendor" value="BrightSign"/>
|
388
|
+
<param pos="0" name="hw.device" value="Media Server"/>
|
389
|
+
<param pos="1" name="hw.model"/>
|
390
|
+
<param pos="0" name="os.vendor" value="BrightSign"/>
|
391
|
+
<param pos="0" name="os.family" value="Linux"/>
|
392
|
+
<param pos="0" name="os.device" value="Media Server"/>
|
393
|
+
<param pos="0" name="os.product" value="{hw.model} Firmware"/>
|
394
|
+
</fingerprint>
|
395
|
+
|
396
|
+
<fingerprint pattern="^iDRAC$">
|
397
|
+
<description>Integrated Dell Remote Access Controller</description>
|
398
|
+
<example>iDRAC</example>
|
399
|
+
<param pos="0" name="hw.vendor" value="Dell"/>
|
400
|
+
<param pos="0" name="hw.product" value="iDRAC"/>
|
401
|
+
</fingerprint>
|
402
|
+
|
403
|
+
<fingerprint pattern="^udhcp(?:c|\s)([0-1]\.\d+\.\d(?:-pre)?)$">
|
404
|
+
<description>Linux System using Busybox</description>
|
405
|
+
<example service.version="1.22.1">udhcp 1.22.1</example>
|
406
|
+
<example service.version="1.21.1">udhcpc1.21.1</example>
|
407
|
+
<example service.version="0.9.9-pre">udhcp 0.9.9-pre</example>
|
408
|
+
<param pos="0" name="service.vendor" value="Busybox"/>
|
409
|
+
<param pos="1" name="service.version"/>
|
410
|
+
<param pos="0" name="os.family" value="Linux"/>
|
411
|
+
<param pos="0" name="os.certainty" value="0.1"/>
|
412
|
+
</fingerprint>
|
413
|
+
|
414
|
+
<fingerprint pattern="^ccp\.avaya\.com$">
|
415
|
+
<description>Avaya device</description>
|
416
|
+
<example>ccp.avaya.com</example>
|
417
|
+
<param pos="0" name="hw.vendor" value="Avaya"/>
|
418
|
+
<param pos="0" name="hw.certainty" value="0.8"/>
|
419
|
+
<param pos="0" name="os.vendor" value="Avaya"/>
|
420
|
+
<param pos="0" name="os.certainty" value="0.8"/>
|
421
|
+
</fingerprint>
|
422
|
+
|
206
423
|
</fingerprints>
|