RubyGems - recog - Versions diffs - 3.1.27 → 3.1.29 - Mend

recog 3.1.27 → 3.1.29

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data/lib/recog/fingerprint.rb +2 -2
data/lib/recog/version.rb +1 -1
data/recog/xml/sip_banners.xml +42 -0
data/recog/xml/sip_user_agents.xml +20 -9
data/recog/xml/snmp_sysdescr.xml +13 -0
data/spec/lib/recog/match_reporter_spec.rb +1 -1
data.tar.gz.sig +0 -0
metadata +2 -2
metadata.gz.sig +0 -0

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b262a6c8f84beaf7a3a9fb003e3fee03da3a8ef13f3f5a312c69e8bb4753fe73
-  data.tar.gz: 118bb5f0b94fd7c6ecc5625b05cbeedf88e32711dae592cf8e3cdf9f9a1f271c
+  metadata.gz: fdf4107f2b3c24b69af925f4e8021780a7c6b420af7b059f0a905e42f6c24150
+  data.tar.gz: 83e9888b9a5ccf0a4e29ab7673e7182a09d85c6add1dd6a7dccfab0a8884441e
 SHA512:
-  metadata.gz: 9d137b2880cad5ed5ec9bde7e2056c88b5d0ed38aa2646a20df102302c3b3de761a750671476367f2d63b2a466464f71198373fc3a7292c4314bf6823f4ff3fd
-  data.tar.gz: a65098416198df78d7f40aaf3d0981de87db5c6460df361cd9cd5f2cfa943288bef1e6c879a807dd8cb751b496a123a83325b1bb753f4e5aed473e79e7a4c021
+  metadata.gz: 50536e1cee6eeb725e0465623735a09fa09cd633a4750d5723b3de15795309a3f2d4cd43013d0867cb036672aa9e79455e8f21c6ede538b24670ec15108d8b5d
+  data.tar.gz: 4abe507dbca5605a8eb1ee9a91215f5b7d91f456d3c8fb50a8f3b887c76da583872bfa7483dc8c1ae070fe9f0579699eca93903df2c596c3e3c412d35fd87980

checksums.yaml.gz.sig CHANGED Viewed

Binary file

data/lib/recog/fingerprint.rb CHANGED Viewed

@@ -104,7 +104,7 @@ module Recog
       # Use the protocol specified in the XML database if there isn't one
       # provided as part of this fingerprint.
-      result['service.protocol'] = @protocol if @protocol && !(result['service.protocol'])
+      result['service.protocol'] = @protocol if @protocol && !result['service.protocol']
       result['fingerprint_db'] = @match_key if @match_key
@@ -123,7 +123,7 @@ module Recog
             # standard of '-' for the version, otherwise raise and exception as
             # this code currently does not handle interpolation of undefined
             # values in other cases.
-            raise "Invalid use of nil interpolated non-version value #{replacement} in non-cpe23 fingerprint param #{replacement_k}" unless replacement_k =~ (/\.cpe23$/) && replacement =~ (/\.version$/)
+            raise "Invalid use of nil interpolated non-version value #{replacement} in non-cpe23 fingerprint param #{replacement_k}" unless replacement_k =~ /\.cpe23$/ && replacement =~ /\.version$/
             result[replacement_k] = result[replacement_k].gsub(/\{#{replacement}\}/, '-')

data/lib/recog/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Recog
-  VERSION = '3.1.27'
+  VERSION = '3.1.29'
 end

data/recog/xml/sip_banners.xml CHANGED Viewed

@@ -738,4 +738,46 @@
     <param pos="0" name="hw.device" value="Router"/>
   </fingerprint>
+  <fingerprint pattern="^(?:Polycom/[\d\.]+ )?Polycom(SoundPoint|VVX|SoundStation)\S+_(\d+)-UA/([\d\.]+)(?:_(.{12}))?$">
+    <description>Polycom SoundPoint, SountdStation, VVX VoIP phones</description>
+    <example hw.version="5.8.0.13337" hw.family="VVX" hw.product="VVX 350" hw.model="350" os.version="5.8.0.13337">PolycomVVX-VVX_350-UA/5.8.0.13337</example>
+    <example hw.version="4.1.4.7430" hw.family="VVX" hw.product="VVX 400" host.mac="010203040506" hw.model="400" os.version="4.1.4.7430">PolycomVVX-VVX_400-UA/4.1.4.7430_010203040506</example>
+    <example hw.version="5.5.0.23866" hw.family="VVX" hw.product="VVX 501" hw.model="501" os.version="5.5.0.23866">Polycom/5.5.0.23866 PolycomVVX-VVX_501-UA/5.5.0.23866</example>
+    <example hw.version="4.0.7.2514" hw.family="SoundPoint" hw.product="SoundPoint 670" hw.model="670" os.version="4.0.7.2514">PolycomSoundPointIP-SPIP_670-UA/4.0.7.2514</example>
+    <example hw.version="4.0.8.1608" hw.model="7000" hw.family="SoundStation" hw.product="SoundStation 7000" os.version="4.0.8.1608">PolycomSoundStationIP-SSIP_7000-UA/4.0.8.1608</example>
+    <param pos="0" name="hw.vendor" value="Polycom"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+    <param pos="1" name="hw.family"/>
+    <param pos="0" name="hw.product" value="{hw.family} {hw.model}"/>
+    <param pos="2" name="hw.model"/>
+    <param pos="3" name="hw.version"/>
+    <param pos="3" name="os.version"/>
+    <param pos="4" name="host.mac"/>
+    <param pos="0" name="os.vendor" value="Polycom"/>
+    <param pos="0" name="os.device" value="VoIP"/>
+    <param pos="0" name="os.product" value="{hw.family} {hw.model}"/>
+    <param pos="3" name="os.version"/>
+  </fingerprint>
+  <fingerprint pattern="^(?:Polycom/[\d\.]+ )?Polycom(?:RealPresenceTrio)-Trio_(\S+)-UA/([\d\.]+)(?:_(.{12}))?$">
+    <description>Polycom RealPresence Trio Phones</description>
+    <example hw.version="5.4.0.12197" hw.product="RealPresence Trio 8800" hw.model="8800" os.version="5.4.0.12197">PolycomRealPresenceTrio-Trio_8800-UA/5.4.0.12197</example>
+    <example hw.version="5.7.2.3123" hw.product="RealPresence Trio Visual+" hw.model="Visual+" os.version="5.7.2.3123">PolycomRealPresenceTrio-Trio_Visual+-UA/5.7.2.3123</example>
+    <example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800" hw.model="8800" os.version="5.4.3.2389">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389</example>
+    <example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800" hw.model="8800" host.mac="DEADBEEF0000" os.version="5.4.3.2389">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389_DEADBEEF0000</example>
+    <param pos="0" name="hw.vendor" value="Polycom"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+    <param pos="0" name="hw.family" value="RealPresence"/>
+    <param pos="0" name="hw.product" value="RealPresence Trio {hw.model}"/>
+    <param pos="1" name="hw.model"/>
+    <param pos="2" name="hw.version"/>
+    <param pos="2" name="os.version"/>
+    <param pos="3" name="host.mac"/>
+    <param pos="0" name="os.vendor" value="Polycom"/>
+    <param pos="0" name="os.device" value="VoIP"/>
+    <param pos="0" name="os.product" value="RealPresence Trio {hw.model}"/>
+    <param pos="2" name="os.version"/>
+  </fingerprint>
 </fingerprints>

data/recog/xml/sip_user_agents.xml CHANGED Viewed

@@ -269,33 +269,44 @@
   <fingerprint pattern="^(?:Polycom/[\d\.]+ )?Polycom(SoundPoint|VVX|SoundStation)\S+_(\d+)-UA/([\d\.]+)(?:_(.{12}))?$">
     <description>Polycom SoundPoint, SountdStation, VVX VoIP phones</description>
-    <example hw.version="5.8.0.13337" hw.family="VVX" hw.product="VVX 350" hw.model="350">PolycomVVX-VVX_350-UA/5.8.0.13337</example>
-    <example hw.version="4.1.4.7430" hw.family="VVX" hw.product="VVX 400" host.mac="010203040506" hw.model="400">PolycomVVX-VVX_400-UA/4.1.4.7430_010203040506</example>
-    <example hw.version="5.5.0.23866" hw.family="VVX" hw.product="VVX 501" hw.model="501">Polycom/5.5.0.23866 PolycomVVX-VVX_501-UA/5.5.0.23866</example>
-    <example hw.version="4.0.7.2514" hw.family="SoundPoint" hw.product="SoundPoint 670" hw.model="670">PolycomSoundPointIP-SPIP_670-UA/4.0.7.2514</example>
-    <example hw.version="4.0.8.1608" hw.model="7000" hw.family="SoundStation" hw.product="SoundStation 7000">PolycomSoundStationIP-SSIP_7000-UA/4.0.8.1608</example>
+    <example hw.version="5.8.0.13337" hw.family="VVX" hw.product="VVX 350" hw.model="350" os.version="5.8.0.13337">PolycomVVX-VVX_350-UA/5.8.0.13337</example>
+    <example hw.version="4.1.4.7430" hw.family="VVX" hw.product="VVX 400" host.mac="010203040506" hw.model="400" os.version="4.1.4.7430">PolycomVVX-VVX_400-UA/4.1.4.7430_010203040506</example>
+    <example hw.version="5.5.0.23866" hw.family="VVX" hw.product="VVX 501" hw.model="501" os.version="5.5.0.23866">Polycom/5.5.0.23866 PolycomVVX-VVX_501-UA/5.5.0.23866</example>
+    <example hw.version="4.0.7.2514" hw.family="SoundPoint" hw.product="SoundPoint 670" hw.model="670" os.version="4.0.7.2514">PolycomSoundPointIP-SPIP_670-UA/4.0.7.2514</example>
+    <example hw.version="4.0.8.1608" hw.model="7000" hw.family="SoundStation" hw.product="SoundStation 7000" os.version="4.0.8.1608">PolycomSoundStationIP-SSIP_7000-UA/4.0.8.1608</example>
     <param pos="0" name="hw.vendor" value="Polycom"/>
     <param pos="0" name="hw.device" value="VoIP"/>
     <param pos="1" name="hw.family"/>
     <param pos="0" name="hw.product" value="{hw.family} {hw.model}"/>
     <param pos="2" name="hw.model"/>
     <param pos="3" name="hw.version"/>
+    <param pos="3" name="os.version"/>
     <param pos="4" name="host.mac"/>
+    <param pos="0" name="os.vendor" value="Polycom"/>
+    <param pos="0" name="os.device" value="VoIP"/>
+    <param pos="0" name="os.product" value="{hw.family} {hw.model}"/>
+    <param pos="3" name="os.version"/>
   </fingerprint>
   <fingerprint pattern="^(?:Polycom/[\d\.]+ )?Polycom(?:RealPresenceTrio)-Trio_(\S+)-UA/([\d\.]+)(?:_(.{12}))?$">
     <description>Polycom RealPresence Trio Phones</description>
-    <example hw.version="5.4.0.12197" hw.product="RealPresence Trio 8800" hw.model="8800">PolycomRealPresenceTrio-Trio_8800-UA/5.4.0.12197</example>
-    <example hw.version="5.7.2.3123" hw.product="RealPresence Trio Visual+" hw.model="Visual+">PolycomRealPresenceTrio-Trio_Visual+-UA/5.7.2.3123</example>
-    <example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800" hw.model="8800">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389</example>
-    <example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800" hw.model="8800" host.mac="DEADBEEF0000">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389_DEADBEEF0000</example>
+    <example hw.version="5.4.0.12197" hw.product="RealPresence Trio 8800" hw.model="8800" os.version="5.4.0.12197">PolycomRealPresenceTrio-Trio_8800-UA/5.4.0.12197</example>
+    <example hw.version="5.7.2.3123" hw.product="RealPresence Trio Visual+" hw.model="Visual+" os.version="5.7.2.3123">PolycomRealPresenceTrio-Trio_Visual+-UA/5.7.2.3123</example>
+    <example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800" hw.model="8800" os.version="5.4.3.2389">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389</example>
+    <example hw.version="5.4.3.2389" hw.product="RealPresence Trio 8800" hw.model="8800" host.mac="DEADBEEF0000" os.version="5.4.3.2389">Polycom/5.4.3.2389 PolycomRealPresenceTrio-Trio_8800-UA/5.4.3.2389_DEADBEEF0000</example>
     <param pos="0" name="hw.vendor" value="Polycom"/>
     <param pos="0" name="hw.device" value="VoIP"/>
     <param pos="0" name="hw.family" value="RealPresence"/>
     <param pos="0" name="hw.product" value="RealPresence Trio {hw.model}"/>
     <param pos="1" name="hw.model"/>
     <param pos="2" name="hw.version"/>
+    <param pos="2" name="os.version"/>
     <param pos="3" name="host.mac"/>
+    <param pos="0" name="os.vendor" value="Polycom"/>
+    <param pos="0" name="os.device" value="VoIP"/>
+    <param pos="0" name="os.product" value="RealPresence Trio {hw.model}"/>
+    <param pos="2" name="os.version"/>
   </fingerprint>
   <fingerprint pattern="^Polycom ?HDX ?(\d+)(?: ?HD)?(?:/| \(Release - )([^\)]+)\)?">

data/recog/xml/snmp_sysdescr.xml CHANGED Viewed

@@ -6503,6 +6503,19 @@ Copyright (c) 1995-2005 by Cisco Systems
   <!--======================================================================
                               SonicWall
    =======================================================================-->
+  <fingerprint pattern="^SonicWALL (\S+)\s+(\d+)\s*\(SonicOS[X]?\s+(\d[^\)]+)\)\s*$">
+    <description>SonicWall Gen7 - SonicOS without Enhanced keyword</description>
+    <example hw.product="TZ" hw.model="670" os.version="7.1.3-7015-R6965">SonicWALL TZ 670 (SonicOS 7.1.3-7015-R6965)</example>
+    <example hw.product="NSv" hw.model="270" os.version="7.1.3-7015-R6965">SonicWALL NSv 270 (SonicOSX 7.1.3-7015-R6965)</example>
+    <param pos="0" name="os.vendor" value="SonicWall"/>
+    <param pos="0" name="os.device" value="Firewall"/>
+    <param pos="0" name="os.product" value="SonicOS"/>
+    <param pos="0" name="hw.vendor" value="SonicWall"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.model"/>
+    <param pos="3" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:sonicwall:sonicos:{os.version}"/>
+  </fingerprint>
   <fingerprint pattern="^SonicWALL (\S+)\s*(\d+).*?\(SonicOS \S+ (\d[^\)]+)\)\s*$">
     <description>SonicWall - SonicOS Enhanced variant</description>

data/spec/lib/recog/match_reporter_spec.rb CHANGED Viewed

@@ -17,7 +17,7 @@ describe Recog::MatchReporter do
   describe '#report' do
     it 'prints matches' do
-      expect(formatter).to receive(:success_message).with('MATCH: {"data"=>"a match"}')
+      expect(formatter).to receive(:success_message).with(a_string_matching(/\AMATCH: \{\s*"data"\s*=>\s*"a match"\s*\}\z/))
       run_report
     end

data.tar.gz.sig CHANGED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: recog
 version: !ruby/object:Gem::Version
-  version: 3.1.27
+  version: 3.1.29
 platform: ruby
 authors:
 - Rapid7 Research
@@ -35,7 +35,7 @@ cert_chain:
   XXBvE6wC6iokirNlDvZlbO9G18iiVLdwQrWvhAiMXpuLobG6mXRnm2nRjGAbeluj
   F5KvN7/Jo4xic61stZ/n41BgEGMdZhzI20QStLGk6rsnKhmlXs1TKFr9NQRr4Hz/
   -----END CERTIFICATE-----
-date: 2026-05-21 00:00:00.000000000 Z
+date: 2026-06-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec

metadata.gz.sig CHANGED Viewed

Binary file