recog 3.1.26 → 3.1.28

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1e095d5c5e70f2cc886f7c8c25bd0a36eaef4c996f4dd1136fa511505ea3bca0
-  data.tar.gz: 26e9d3ec04eeca9fe906a8c574aee69fc934f21b0dc5e6d4402690148d46d9ac
+  metadata.gz: '080a93966a4a26d07ec5e967792d64e844a830deeb8aaa7903ef02a4ba388006'
+  data.tar.gz: d23323a4842ea86d93ca5f651c57099d38e1a14211418850bf9f2d860a84def8
 SHA512:
-  metadata.gz: 592b77b6c2aef5e423c4de88689134f937799696ffea03bcf5ca2e0086f8539b02c73138de8770b5e62ed281106aa497681f9b22a5562b440fe0f30a09512b6e
-  data.tar.gz: '038647c69961844d9a0c1da83d0c91d5563e20f0dfd615fde16685b2402227035c4bfa136806af3aa7d225057dfdba53dff7c78ebba75bdc88c9c26241ac55a5'
+  metadata.gz: 70ae7a6aef0755cf8695acd65fe1374ddda9b12dff2456d3381b32ca01abebe8ee7ea6b6a9f7cf7082cb54a9e71828ce3916f4bfb9c8b5302a6c37de0e1dec62
+  data.tar.gz: a169287c75a6d9f9861537441621031f6f0a5b80206b19f40e29662d8055b4f9ad6a9771565ab6da752ffae6d1c9b42dad3dc3381a6f5842769139316dbce017

data/lib/recog/fingerprint.rb

@@ -104,7 +104,7 @@ module Recog
 
       # Use the protocol specified in the XML database if there isn't one
       # provided as part of this fingerprint.
-      result['service.protocol'] = @protocol if @protocol && !(result['service.protocol'])
+      result['service.protocol'] = @protocol if @protocol && !result['service.protocol']
 
       result['fingerprint_db'] = @match_key if @match_key
 
@@ -123,7 +123,7 @@ module Recog
             # standard of '-' for the version, otherwise raise and exception as
             # this code currently does not handle interpolation of undefined
             # values in other cases.
-            raise "Invalid use of nil interpolated non-version value #{replacement} in non-cpe23 fingerprint param #{replacement_k}" unless replacement_k =~ (/\.cpe23$/) && replacement =~ (/\.version$/)
+            raise "Invalid use of nil interpolated non-version value #{replacement} in non-cpe23 fingerprint param #{replacement_k}" unless replacement_k =~ /\.cpe23$/ && replacement =~ /\.version$/
 
             result[replacement_k] = result[replacement_k].gsub(/\{#{replacement}\}/, '-')
 

data/lib/recog/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Recog
-  VERSION = '3.1.26'
+  VERSION = '3.1.28'
 end

data/recog/xml/ntp_banners.xml

@@ -365,7 +365,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:citrix:netscaler_firmware:{os.version}"/>
   </fingerprint>
 
-  <fingerprint pattern="version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
+  <fingerprint pattern="version=&quot;ntpd ([^ ]+)[^&quot;]+&quot;,.*processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?([\d][^ ]*)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
     <description>ntpd running on FreeBSD</description>
     <example service.version="4.2.6p2@1.2194" os.arch="i386" os.version="7.4-PRERELEASE">
       version="ntpd 4.2.6p2@1.2194 Wed Nov 24 15:54:11 UTC 2010 (1)",
@@ -382,7 +382,7 @@
     <param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:{os.version}"/>
   </fingerprint>
 
-  <fingerprint pattern="processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?([^ ]+)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
+  <fingerprint pattern="processor=&quot;([^ ]+)&quot;,.*system=&quot;FreeBSD/?([\d][^ ]*)&quot;" flags="REG_DOT_NEWLINE,REG_ICASE">
     <description>ntp without a version on FreeBSD</description>
     <example os.arch="i386" os.version="4.1-RELEASE">
       processor="i386", system="FreeBSD4.1-RELEASE"
@@ -1318,4 +1318,4 @@
     <param pos="1" name="service.version"/>
   </fingerprint>
 
-</fingerprints>
+</fingerprints>

data/recog/xml/snmp_sysdescr.xml

@@ -6503,6 +6503,19 @@ Copyright (c) 1995-2005 by Cisco Systems
   <!--======================================================================
                               SonicWall
    =======================================================================-->
+  <fingerprint pattern="^SonicWALL (\S+)\s+(\d+)\s*\(SonicOS[X]?\s+(\d[^\)]+)\)\s*$">
+    <description>SonicWall Gen7 - SonicOS without Enhanced keyword</description>
+    <example hw.product="TZ" hw.model="670" os.version="7.1.3-7015-R6965">SonicWALL TZ 670 (SonicOS 7.1.3-7015-R6965)</example>
+    <example hw.product="NSv" hw.model="270" os.version="7.1.3-7015-R6965">SonicWALL NSv 270 (SonicOSX 7.1.3-7015-R6965)</example>
+    <param pos="0" name="os.vendor" value="SonicWall"/>
+    <param pos="0" name="os.device" value="Firewall"/>
+    <param pos="0" name="os.product" value="SonicOS"/>
+    <param pos="0" name="hw.vendor" value="SonicWall"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.model"/>
+    <param pos="3" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
+  </fingerprint>
 
   <fingerprint pattern="^SonicWALL (\S+)\s*(\d+).*?\(SonicOS \S+ (\d[^\)]+)\)\s*$">
     <description>SonicWall - SonicOS Enhanced variant</description>

data/spec/lib/recog/match_reporter_spec.rb

@@ -17,7 +17,7 @@ describe Recog::MatchReporter do
 
   describe '#report' do
     it 'prints matches' do
-      expect(formatter).to receive(:success_message).with('MATCH: {"data"=>"a match"}')
+      expect(formatter).to receive(:success_message).with(a_string_matching(/\AMATCH: \{\s*"data"\s*=>\s*"a match"\s*\}\z/))
       run_report
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: recog
 version: !ruby/object:Gem::Version
-  version: 3.1.26
+  version: 3.1.28
 platform: ruby
 authors:
 - Rapid7 Research
@@ -35,7 +35,7 @@ cert_chain:
   XXBvE6wC6iokirNlDvZlbO9G18iiVLdwQrWvhAiMXpuLobG6mXRnm2nRjGAbeluj
   F5KvN7/Jo4xic61stZ/n41BgEGMdZhzI20QStLGk6rsnKhmlXs1TKFr9NQRr4Hz/
   -----END CERTIFICATE-----
-date: 2026-02-18 00:00:00.000000000 Z
+date: 2026-05-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec