recog 3.1.4 → 3.1.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/Gemfile +1 -0
- data/lib/recog/fingerprint.rb +1 -1
- data/lib/recog/version.rb +1 -1
- data/recog/xml/favicons.xml +16 -10
- data/recog/xml/html_title.xml +23 -0
- data/recog/xml/http_servers.xml +19 -4
- data/recog/xml/http_wwwauth.xml +6 -0
- data/recog/xml/http_xpoweredby.xml +15 -0
- data/recog/xml/rtsp_servers.xml +3 -1
- data/recog/xml/sip_user_agents.xml +2 -2
- data/recog/xml/snmp_sysdescr.xml +57 -0
- data/recog/xml/telnet_banners.xml +1 -3
- data/recog/xml/x509_issuers.xml +16 -0
- data/recog/xml/x509_subjects.xml +13 -2
- data/recog.gemspec +6 -3
- data.tar.gz.sig +0 -0
- metadata +3 -2
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 998c4040618037f1c4b09f46f9c26e0511b6e10c2e67be3904e622036b260647
|
4
|
+
data.tar.gz: 23c95129d88f13a047f13bd7634656d33911de9b21809a27abd9fd7c7c85a916
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 61acbc3cb13e1273fa1c57cd87bc76a4cf93465aeb02d5e431b6eb47fa336e6a08763ad8d86f60248f1ac6645a48cabdb53108cc31f207d6da4b56b039b4df5b
|
7
|
+
data.tar.gz: 32ec550d3fb7f2e4657be4753716fc9e9cc238a8ea94ab110c80b3d3ce29523220d60195a9464edb0b6ba8360e8dfb5b935d5c0a9450f8994e636bf54bfbde4e
|
checksums.yaml.gz.sig
CHANGED
Binary file
|
data/Gemfile
CHANGED
data/lib/recog/fingerprint.rb
CHANGED
@@ -222,7 +222,7 @@ module Recog
|
|
222
222
|
|
223
223
|
# match up the fingerprint parameters with test attributes
|
224
224
|
tests.each do |test|
|
225
|
-
test.attributes.
|
225
|
+
test.attributes.each_key do |k|
|
226
226
|
capture_group_used[k] = true if capture_group_used.key?(k)
|
227
227
|
end
|
228
228
|
end
|
data/lib/recog/version.rb
CHANGED
data/recog/xml/favicons.xml
CHANGED
@@ -30,16 +30,16 @@
|
|
30
30
|
<param pos="0" name="service.product" value="Media Server"/>
|
31
31
|
</fingerprint>
|
32
32
|
|
33
|
-
<fingerprint pattern="^(?:1a60f7f928a659f763204d525b3cf90d|6d4c72194ecff7ead96f65db45851be9|55ece828b1329741c1d553a6575d71f1)$">
|
33
|
+
<fingerprint pattern="^(?:1a60f7f928a659f763204d525b3cf90d|6d4c72194ecff7ead96f65db45851be9|55ece828b1329741c1d553a6575d71f1|6e5e9d5cf722ba7dca6ffe417c3bb678)$">
|
34
34
|
<description>Radarr</description>
|
35
35
|
<!-- favicon-16x16.png -->
|
36
|
-
|
37
36
|
<example>1a60f7f928a659f763204d525b3cf90d</example>
|
38
|
-
<!-- favicon-32x32.png -->
|
39
37
|
|
38
|
+
<!-- favicon-32x32.png -->
|
40
39
|
<example>6d4c72194ecff7ead96f65db45851be9</example>
|
41
|
-
|
40
|
+
<example>6e5e9d5cf722ba7dca6ffe417c3bb678</example>
|
42
41
|
|
42
|
+
<!-- favicon.ico -->
|
43
43
|
<example>55ece828b1329741c1d553a6575d71f1</example>
|
44
44
|
<param pos="0" name="service.vendor" value="Radarr"/>
|
45
45
|
<param pos="0" name="service.product" value="Radarr"/>
|
@@ -1216,13 +1216,20 @@
|
|
1216
1216
|
<fingerprint pattern="^e4fd990b4b8a5d61bd5ddb98cdfc7190$">
|
1217
1217
|
<description>OPNsense Firewall</description>
|
1218
1218
|
<example>e4fd990b4b8a5d61bd5ddb98cdfc7190</example>
|
1219
|
+
<param pos="0" name="service.vendor" value="OPNSense"/>
|
1220
|
+
<param pos="0" name="service.product" value="OPNSense"/>
|
1221
|
+
<param pos="0" name="service.device" value="Firewall"/>
|
1222
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:opnsense:opnsense:-"/>
|
1223
|
+
<param pos="0" name="service.component.vendor" value="lighttpd"/>
|
1224
|
+
<param pos="0" name="service.component.product" value="lighttpd"/>
|
1225
|
+
<param pos="0" name="service.component.cpe23" value="cpe:/a:lighttpd:lighttpd:-"/>
|
1226
|
+
<param pos="0" name="os.vendor" value="FreeBSD"/>
|
1227
|
+
<param pos="0" name="os.product" value="FreeBSD"/>
|
1228
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
|
1219
1229
|
<param pos="0" name="hw.vendor" value="OPNsense"/>
|
1220
1230
|
<param pos="0" name="hw.device" value="Firewall"/>
|
1221
1231
|
<param pos="0" name="hw.product" value="Firewall"/>
|
1222
1232
|
<param pos="0" name="hw.certainty" value="0.5"/>
|
1223
|
-
<param pos="0" name="os.vendor" value="OPNsense"/>
|
1224
|
-
<param pos="0" name="os.product" value="FreeBSD"/>
|
1225
|
-
<param pos="0" name="os.certainty" value="0.5"/>
|
1226
1233
|
</fingerprint>
|
1227
1234
|
|
1228
1235
|
<fingerprint pattern="^979d9a884c322862e6830f61e2c378e6$">
|
@@ -1987,7 +1994,6 @@
|
|
1987
1994
|
<example>1b786be7a46bd96a503a81b7faf86263</example>
|
1988
1995
|
<param pos="0" name="service.vendor" value="AdGuard"/>
|
1989
1996
|
<param pos="0" name="service.product" value="AdGuard Home"/>
|
1990
|
-
<param pos="0" name="service.certainty" value="0.5"/>
|
1991
1997
|
</fingerprint>
|
1992
1998
|
|
1993
1999
|
<fingerprint pattern="^4f52bd9a74742b08b0a152559da4d32a$">
|
@@ -2503,7 +2509,7 @@
|
|
2503
2509
|
<param pos="0" name="service.product" value="SYNAPSE Medical Platform"/>
|
2504
2510
|
<param pos="0" name="service.certainty" value="0.5"/>
|
2505
2511
|
</fingerprint>
|
2506
|
-
|
2512
|
+
|
2507
2513
|
<fingerprint pattern="^6daa3eca79787964627179fd5a1c724d">
|
2508
2514
|
<description>b-rayZ</description>
|
2509
2515
|
<example>6daa3eca79787964627179fd5a1c724d</example>
|
@@ -2552,4 +2558,4 @@
|
|
2552
2558
|
<param pos="0" name="service.certainty" value="0.5"/>
|
2553
2559
|
</fingerprint>
|
2554
2560
|
|
2555
|
-
</fingerprints>
|
2561
|
+
</fingerprints>
|
data/recog/xml/html_title.xml
CHANGED
@@ -3952,6 +3952,21 @@
|
|
3952
3952
|
<param pos="0" name="os.product" value="FreeBSD"/>
|
3953
3953
|
</fingerprint>
|
3954
3954
|
|
3955
|
+
<fingerprint pattern="^Login \| OPNsense$">
|
3956
|
+
<description>OPNSense Firewall</description>
|
3957
|
+
<example>Login | OPNsense</example>
|
3958
|
+
<param pos="0" name="service.vendor" value="OPNSense"/>
|
3959
|
+
<param pos="0" name="service.product" value="OPNSense"/>
|
3960
|
+
<param pos="0" name="service.device" value="Firewall"/>
|
3961
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:opnsense:opnsense:-"/>
|
3962
|
+
<param pos="0" name="service.component.vendor" value="lighttpd"/>
|
3963
|
+
<param pos="0" name="service.component.product" value="lighttpd"/>
|
3964
|
+
<param pos="0" name="service.component.cpe23" value="cpe:/a:lighttpd:lighttpd:-"/>
|
3965
|
+
<param pos="0" name="os.vendor" value="FreeBSD"/>
|
3966
|
+
<param pos="0" name="os.product" value="FreeBSD"/>
|
3967
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
|
3968
|
+
</fingerprint>
|
3969
|
+
|
3955
3970
|
<fingerprint pattern="^Vigor Login Page$">
|
3956
3971
|
<description>DrayTek Vigor network equipment - without model or version</description>
|
3957
3972
|
<example>Vigor Login Page</example>
|
@@ -4337,4 +4352,12 @@
|
|
4337
4352
|
<param pos="0" name="hw.device" value="SD-WAN Appliance"/>
|
4338
4353
|
</fingerprint>
|
4339
4354
|
|
4355
|
+
<fingerprint pattern="^Sign In - Miniflux$">
|
4356
|
+
<description>Miniflux</description>
|
4357
|
+
<example>Sign In - Miniflux</example>
|
4358
|
+
<param pos="0" name="service.vendor" value="Miniflux"/>
|
4359
|
+
<param pos="0" name="service.product" value="Miniflux"/>
|
4360
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:miniflux:miniflux:-"/>
|
4361
|
+
</fingerprint>
|
4362
|
+
|
4340
4363
|
</fingerprints>
|
data/recog/xml/http_servers.xml
CHANGED
@@ -4398,11 +4398,16 @@
|
|
4398
4398
|
<fingerprint pattern="^OPNsense$">
|
4399
4399
|
<description>OPNsense Firewall</description>
|
4400
4400
|
<example>OPNsense</example>
|
4401
|
-
<param pos="0" name="
|
4402
|
-
<param pos="0" name="
|
4403
|
-
<param pos="0" name="
|
4404
|
-
<param pos="0" name="
|
4401
|
+
<param pos="0" name="service.vendor" value="OPNSense"/>
|
4402
|
+
<param pos="0" name="service.product" value="OPNSense"/>
|
4403
|
+
<param pos="0" name="service.device" value="Firewall"/>
|
4404
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:opnsense:opnsense:-"/>
|
4405
|
+
<param pos="0" name="service.component.vendor" value="lighttpd"/>
|
4406
|
+
<param pos="0" name="service.component.product" value="lighttpd"/>
|
4407
|
+
<param pos="0" name="service.component.cpe23" value="cpe:/a:lighttpd:lighttpd:-"/>
|
4408
|
+
<param pos="0" name="os.vendor" value="FreeBSD"/>
|
4405
4409
|
<param pos="0" name="os.product" value="FreeBSD"/>
|
4410
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:freebsd:freebsd:-"/>
|
4406
4411
|
</fingerprint>
|
4407
4412
|
|
4408
4413
|
<fingerprint pattern="^ELAN Controller$">
|
@@ -5175,4 +5180,14 @@
|
|
5175
5180
|
<param pos="2" name="os.arch"/>
|
5176
5181
|
</fingerprint>
|
5177
5182
|
|
5183
|
+
<fingerprint pattern="^FbxWSD/1[.]0$">
|
5184
|
+
<description>Freebox Device</description>
|
5185
|
+
<example >FbxWSD/1.0</example>
|
5186
|
+
<param pos="0" name="os.vendor" value="Freebox"/>
|
5187
|
+
<param pos="0" name="os.product" value="Freebox OS"/>
|
5188
|
+
<param pos="0" name="os.family" value="Linux"/>
|
5189
|
+
<param pos="0" name="hw.vendor" value="Freebox"/>
|
5190
|
+
<param pos="0" name="hw.device" value="Device"/>
|
5191
|
+
</fingerprint>
|
5192
|
+
|
5178
5193
|
</fingerprints>
|
data/recog/xml/http_wwwauth.xml
CHANGED
@@ -726,6 +726,12 @@
|
|
726
726
|
<param pos="0" name="hw.device" value="Power Device"/>
|
727
727
|
</fingerprint>
|
728
728
|
|
729
|
+
<fingerprint pattern="(?i)^Basic realm="Lidarr"">
|
730
|
+
<description>Lidarr</description>
|
731
|
+
<param pos="0" name="service.vendor" value="Lidarr"/>
|
732
|
+
<param pos="0" name="service.product" value="Lidarr"/>
|
733
|
+
</fingerprint>
|
734
|
+
|
729
735
|
<!-- a variety of headers we currently just ignore -->
|
730
736
|
|
731
737
|
<fingerprint pattern="(?i)^NTLM$">
|
@@ -0,0 +1,15 @@
|
|
1
|
+
<?xml version='1.0' encoding='UTF-8'?>
|
2
|
+
<fingerprints matches="http_header.x-powered-by" protocol="http" database_type="service" preference="0.90">
|
3
|
+
<!-- HTTP X-Powered_by headers are matched against these patterns to fingerprint HTTP services. -->
|
4
|
+
|
5
|
+
<fingerprint pattern="^PHP/([0-9.]+)$">
|
6
|
+
<description>PHP</description>
|
7
|
+
<example service.version="8.2.14">PHP/8.2.14</example>
|
8
|
+
<param pos="0" name="service.vendor" value="PHP"/>
|
9
|
+
<param pos="0" name="service.family" value="PHP"/>
|
10
|
+
<param pos="0" name="service.product" value="PHP"/>
|
11
|
+
<param pos="1" name="service.version"/>
|
12
|
+
<param pos="0" name="service.cpe23" value="cpe:/a:php:php:{service.version}"/>
|
13
|
+
</fingerprint>
|
14
|
+
|
15
|
+
</fingerprints>
|
data/recog/xml/rtsp_servers.xml
CHANGED
@@ -100,12 +100,14 @@
|
|
100
100
|
<param pos="0" name="hw.device" value="IP Camera"/>
|
101
101
|
</fingerprint>
|
102
102
|
|
103
|
-
<fingerprint pattern="^fbxrtspd/[0-9.]+ Freebox RTSP server$">
|
103
|
+
<fingerprint pattern="^fbxrtspd/([0-9.]+) Freebox RTSP server$">
|
104
104
|
<description>Freebox OS on Freebox Set-top Box Devices</description>
|
105
|
+
<example os.version="1.2">fbxrtspd/1.2 Freebox RTSP server</example>
|
105
106
|
<param pos="0" name="os.vendor" value="Freebox"/>
|
106
107
|
<param pos="0" name="os.product" value="Freebox OS"/>
|
107
108
|
<param pos="0" name="os.family" value="Linux"/>
|
108
109
|
<param pos="0" name="hw.vendor" value="Freebox"/>
|
110
|
+
<param pos="1" name="os.version"/>
|
109
111
|
</fingerprint>
|
110
112
|
|
111
113
|
</fingerprints>
|
@@ -312,7 +312,7 @@
|
|
312
312
|
<param pos="2" name="hw.version"/>
|
313
313
|
</fingerprint>
|
314
314
|
|
315
|
-
<fingerprint pattern="^PolycomRealPresenceGroup(\d+)/([\d\._]+)
|
315
|
+
<fingerprint pattern="^PolycomRealPresenceGroup(\d+)/([\d\._]+)$">
|
316
316
|
<description>Polycom RealPresence Group Video Conferencing</description>
|
317
317
|
<example hw.model="700" hw.product="RealPresence Group 700" hw.version="6.2.0">PolycomRealPresenceGroup700/6.2.0</example>
|
318
318
|
<param pos="0" name="hw.vendor" value="Polycom"/>
|
@@ -712,4 +712,4 @@
|
|
712
712
|
<param pos="0" name="hw.device" value="Broadband Router"/>
|
713
713
|
</fingerprint>
|
714
714
|
|
715
|
-
</fingerprints>
|
715
|
+
</fingerprints>
|
data/recog/xml/snmp_sysdescr.xml
CHANGED
@@ -1820,6 +1820,47 @@ Copyright (c) 1995-2005 by Cisco Systems
|
|
1820
1820
|
<param pos="0" name="os.product" value="Wireless Controller"/>
|
1821
1821
|
</fingerprint>
|
1822
1822
|
|
1823
|
+
<fingerprint pattern="^Meraki (MX[A-Z0-9]{2,10})">
|
1824
|
+
<description>Meraki MX Cloud-Managed Security and SD-WAN</description>
|
1825
|
+
<example hw.model="MX68">Meraki MX68 Router/Security Appliance</example>
|
1826
|
+
<example hw.model="MX84">Meraki MX84 Cloud Managed Router</example>
|
1827
|
+
<param pos="0" name="os.certainty" value="0.7"/>
|
1828
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
1829
|
+
<param pos="0" name="os.family" value="Meraki"/>
|
1830
|
+
<param pos="0" name="os.product" value="Meraki MX"/>
|
1831
|
+
<param pos="0" name="os.device" value="Security Appliance"/>
|
1832
|
+
<param pos="0" name="hw.series" value="Meraki MX"/>
|
1833
|
+
<param pos="1" name="hw.model"/>
|
1834
|
+
</fingerprint>
|
1835
|
+
|
1836
|
+
<fingerprint pattern="^Meraki (MR[A-Z0-9]{2,10})">
|
1837
|
+
<description>Meraki MR Cloud-Managed Wi-Fi Access Points</description>
|
1838
|
+
<example hw.model="MR46E">Meraki MR46E Cloud Managed AP</example>
|
1839
|
+
<example hw.model="MR90">Meraki MR90 Cloud Managed AP</example>
|
1840
|
+
<param pos="0" name="os.certainty" value="0.7"/>
|
1841
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
1842
|
+
<param pos="0" name="os.family" value="Meraki"/>
|
1843
|
+
<param pos="0" name="os.product" value="Meraki MR"/>
|
1844
|
+
<param pos="0" name="os.device" value="WAP"/>
|
1845
|
+
<param pos="0" name="hw.series" value="Meraki MR"/>
|
1846
|
+
<param pos="1" name="hw.model"/>
|
1847
|
+
</fingerprint>
|
1848
|
+
|
1849
|
+
<fingerprint pattern="^(?:Cisco Meraki|Meraki) (MS[A-Z0-9-]{2,15})">
|
1850
|
+
<description>Meraki MS Cloud-Managed Network Switches</description>
|
1851
|
+
<example hw.model="MS120-8LP">Meraki MS120-8LP Cloud Managed PoE Switch</example>
|
1852
|
+
<example hw.model="MS225-24P">Meraki MS225-24P Cloud Managed PoE Switch</example>
|
1853
|
+
<example hw.model="MS220-8P">Meraki MS220-8P Cloud Managed PoE Switch</example>
|
1854
|
+
<example hw.model="MS250-48">Cisco Meraki MS250-48 Cloud Managed Switch</example>
|
1855
|
+
<param pos="0" name="os.certainty" value="0.7"/>
|
1856
|
+
<param pos="0" name="os.vendor" value="Cisco"/>
|
1857
|
+
<param pos="0" name="os.family" value="Meraki"/>
|
1858
|
+
<param pos="0" name="os.product" value="Meraki MS"/>
|
1859
|
+
<param pos="0" name="os.device" value="Switch"/>
|
1860
|
+
<param pos="0" name="hw.series" value="Meraki MS"/>
|
1861
|
+
<param pos="1" name="hw.model"/>
|
1862
|
+
</fingerprint>
|
1863
|
+
|
1823
1864
|
<!--======================================================================
|
1824
1865
|
Crestron
|
1825
1866
|
=======================================================================-->
|
@@ -3541,6 +3582,22 @@ Copyright (c) 1995-2005 by Cisco Systems
|
|
3541
3582
|
<param pos="0" name="os.device" value="Printer"/>
|
3542
3583
|
</fingerprint>
|
3543
3584
|
|
3585
|
+
<!--======================================================================
|
3586
|
+
Ivanti (Pulse Secure)
|
3587
|
+
=======================================================================-->
|
3588
|
+
|
3589
|
+
<fingerprint pattern="^(?:Pulse Secure, LLC|Ivanti Connect Secure),.*,(\d+\.\d+R\d+(?:\.\d+)?) \(build \d+\)$">
|
3590
|
+
<description>Pulse Secure, LLC, Ivanti Connect Secure</description>
|
3591
|
+
<example os.version="22.3R1">Pulse Secure, LLC,Ivanti Connect Secure,ISA-V,22.3R1 (build 1647)</example>
|
3592
|
+
<example os.version="22.3R2.1245">Pulse Secure, LLC,Ivanti Connect Secure,ISA-V,22.3R2.1245 (build 1647)</example>
|
3593
|
+
<example os.version="22.3R1">Pulse Secure, LLC,ISA-V,22.3R1 (build 1647)</example>
|
3594
|
+
<example os.version="22.3R2.1245">Ivanti Connect Secure,ISA-V,22.3R2.1245 (build 1647)</example>
|
3595
|
+
<param pos="0" name="os.certainty" value="0.99"/>
|
3596
|
+
<param pos="0" name="os.vendor" value="Pulse Secure"/>
|
3597
|
+
<param pos="0" name="os.product" value="Pulse Connect Secure"/>
|
3598
|
+
<param pos="1" name="os.version"/>
|
3599
|
+
</fingerprint>
|
3600
|
+
|
3544
3601
|
<!--======================================================================
|
3545
3602
|
Juniper
|
3546
3603
|
=======================================================================-->
|
@@ -2257,9 +2257,9 @@
|
|
2257
2257
|
********************************************
|
2258
2258
|
* Welcome to SMG1016M *
|
2259
2259
|
********************************************
|
2260
|
-
|
2261
2260
|
foo.bar.baz login:
|
2262
2261
|
-->
|
2262
|
+
|
2263
2263
|
<example hw.product="SMG1016M" host.name="foo.bar.baz" _encoding="base64">
|
2264
2264
|
DQ0KDQoNKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioNCg0qI
|
2265
2265
|
CAgICAgICAgICAgV2VsY29tZSB0byBTTUcxMDE2TSAgICAgICAgICAgKg0KDSoqKioqKioqKi
|
@@ -2299,12 +2299,10 @@
|
|
2299
2299
|
<description>Baxter SIGMA Spectrum Infusion System with Wireless Battery Module</description>
|
2300
2300
|
<!--
|
2301
2301
|
Welcome to the SIGMA Spectrum Diagnostic Terminal
|
2302
|
-
|
2303
2302
|
Wireless Battery Module (802.11a/b/g/n)
|
2304
2303
|
MAC Address: 00-40-9d-12-34-56 SW: 20 D29
|
2305
2304
|
Sigma Spectrum SN: 1234567 SW: v8.00.01
|
2306
2305
|
Radio up since: Fri Mar 1 03:14:24 2019
|
2307
|
-
|
2308
2306
|
login:
|
2309
2307
|
-->
|
2310
2308
|
|
data/recog/xml/x509_issuers.xml
CHANGED
@@ -120,6 +120,7 @@
|
|
120
120
|
<example chromecast.generation="9" chromecast.capabilities="Audio Assist">CN=Chromecast ICA 9 (Audio Assist),OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
121
121
|
<example chromecast.generation="11" chromecast.capabilities="Video Assist">CN=Chromecast ICA 11 (Video Assist),OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
122
122
|
<example chromecast.generation="12">CN=Chromecast ICA 12,OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
123
|
+
<example chromecast.generation="21" chromecast.capabilities="ATV">CN=Chromecast ICA 21 (ATV),OU=Cast,O=Google Inc,L=Mountain View,ST=California,C=US</example>
|
123
124
|
<param pos="0" name="os.vendor" value="Google"/>
|
124
125
|
<param pos="0" name="os.product" value="Chrome OS"/>
|
125
126
|
<param pos="0" name="os.certainty" value="0.5"/>
|
@@ -133,6 +134,21 @@
|
|
133
134
|
<param pos="2" name="chromecast.capabilities"/>
|
134
135
|
</fingerprint>
|
135
136
|
|
137
|
+
<fingerprint pattern="^CN=atvremote/[a-z_]+/([a-z]+)/Chromecast/">
|
138
|
+
<description>Google Chromecast - mDNS</description>
|
139
|
+
<example chromecast.codename="sabrina">CN=atvremote/sabrina_prod_stable/sabrina/Chromecast/13:37:F0:0B:AR:42</example>
|
140
|
+
<param pos="0" name="os.vendor" value="Google"/>
|
141
|
+
<param pos="0" name="os.product" value="Chrome OS"/>
|
142
|
+
<param pos="0" name="os.certainty" value="0.5"/>
|
143
|
+
<param pos="0" name="os.cpe23" value="cpe:/o:google:chrome_os:-"/>
|
144
|
+
<param pos="0" name="hw.device" value="Media Server"/>
|
145
|
+
<param pos="0" name="hw.vendor" value="Google"/>
|
146
|
+
<param pos="0" name="hw.product" value="Chromecast"/>
|
147
|
+
<param pos="0" name="hw.certainty" value="0.5"/>
|
148
|
+
<param pos="0" name="hw.cpe23" value="cpe:/h:google:chromecast:-"/>
|
149
|
+
<param pos="1" name="chromecast.codename"/>
|
150
|
+
</fingerprint>
|
151
|
+
|
136
152
|
<fingerprint pattern="^CN=Asus fugu Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US$">
|
137
153
|
<description>ASUS Nexus Player (Android) with Google Cast</description>
|
138
154
|
<example>CN=Asus fugu Cast ICA,OU=Widevine,O=Google Inc,L=Kirkland,ST=Washington,C=US</example>
|
data/recog/xml/x509_subjects.xml
CHANGED
@@ -1091,9 +1091,10 @@
|
|
1091
1091
|
<param pos="0" name="os.product" value="FreeBSD"/>
|
1092
1092
|
</fingerprint>
|
1093
1093
|
|
1094
|
-
<fingerprint pattern="^O=OPNsense
|
1094
|
+
<fingerprint pattern="^O=OPNsense(?:[.]localdomain)?,L=Middelharnis,ST=Zuid-Holland,C=NL$">
|
1095
1095
|
<description>OPNsense Firewall</description>
|
1096
1096
|
<example>O=OPNsense,L=Middelharnis,ST=Zuid-Holland,C=NL</example>
|
1097
|
+
<example>O=OPNsense.localdomain,L=Middelharnis,ST=Zuid-Holland,C=NL</example>
|
1097
1098
|
<param pos="0" name="hw.vendor" value="OPNsense"/>
|
1098
1099
|
<param pos="0" name="hw.device" value="Firewall"/>
|
1099
1100
|
<param pos="0" name="hw.product" value="Firewall"/>
|
@@ -1657,7 +1658,7 @@
|
|
1657
1658
|
</fingerprint>
|
1658
1659
|
|
1659
1660
|
<fingerprint pattern="^CN=Freebox Intermediate CA,O=Freebox,ST=France,C=FR$">
|
1660
|
-
<description>Freebox Device</description>
|
1661
|
+
<description>Freebox Device - Intermediate CA</description>
|
1661
1662
|
<example>CN=Freebox Intermediate CA,O=Freebox,ST=France,C=FR</example>
|
1662
1663
|
<param pos="0" name="os.vendor" value="Freebox"/>
|
1663
1664
|
<param pos="0" name="os.product" value="Freebox OS"/>
|
@@ -1666,6 +1667,16 @@
|
|
1666
1667
|
<param pos="0" name="hw.device" value="Device"/>
|
1667
1668
|
</fingerprint>
|
1668
1669
|
|
1670
|
+
<fingerprint pattern="^CN=[0-9a-z]+[.]fbxos[.]fr,C=FR$">
|
1671
|
+
<description>Freebox Device</description>
|
1672
|
+
<example>CN=d36ob5re.fbxos.fr,C=FR</example>
|
1673
|
+
<param pos="0" name="os.vendor" value="Freebox"/>
|
1674
|
+
<param pos="0" name="os.product" value="Freebox OS"/>
|
1675
|
+
<param pos="0" name="os.family" value="Linux"/>
|
1676
|
+
<param pos="0" name="hw.vendor" value="Freebox"/>
|
1677
|
+
<param pos="0" name="hw.device" value="Device"/>
|
1678
|
+
</fingerprint>
|
1679
|
+
|
1669
1680
|
<fingerprint pattern="^CN=TP-LINK CA,O=TP-LINK Technologies CO.\\, LTD.,L=Shenzhen,ST=Guangdong,C=CN(?:,\S+)?$">
|
1670
1681
|
<description>TP-LINK Device</description>
|
1671
1682
|
<example>CN=TP-LINK CA,O=TP-LINK Technologies CO.\, LTD.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c16736572766963654074702d6c696e6b2e636f6d2e636e</example>
|
data/recog.gemspec
CHANGED
@@ -31,9 +31,12 @@ Gem::Specification.new do |s|
|
|
31
31
|
s.executables = s.files.grep(%r{^recog/bin/}).map { |f| File.basename(f) }
|
32
32
|
s.require_paths = ['lib']
|
33
33
|
|
34
|
-
|
35
|
-
|
36
|
-
|
34
|
+
gem_public_cert = ENV['GEM_PUBLIC_CERT']
|
35
|
+
gem_private_key = ENV['GEM_PRIVATE_KEY']
|
36
|
+
|
37
|
+
if gem_public_cert && gem_private_key
|
38
|
+
s.cert_chain = [gem_public_cert]
|
39
|
+
s.signing_key = File.expand_path(gem_private_key)
|
37
40
|
end
|
38
41
|
|
39
42
|
# ---- Dependencies ----
|
data.tar.gz.sig
CHANGED
Binary file
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: recog
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.1.
|
4
|
+
version: 3.1.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rapid7 Research
|
@@ -34,7 +34,7 @@ cert_chain:
|
|
34
34
|
DgscAao7wB3xW2BWEp1KnaDWkf1x9ttgoBEYyuYwU7uatB67kBQG1PKvLt79wHvz
|
35
35
|
Dxs+KOjGbBRfMnPgVGYkORKVrZIwlaboHbDKxcVW5xv+oZc7KYXWGg==
|
36
36
|
-----END CERTIFICATE-----
|
37
|
-
date:
|
37
|
+
date: 2024-06-13 00:00:00.000000000 Z
|
38
38
|
dependencies:
|
39
39
|
- !ruby/object:Gem::Dependency
|
40
40
|
name: rspec
|
@@ -168,6 +168,7 @@ files:
|
|
168
168
|
- recog/xml/http_cookies.xml
|
169
169
|
- recog/xml/http_servers.xml
|
170
170
|
- recog/xml/http_wwwauth.xml
|
171
|
+
- recog/xml/http_xpoweredby.xml
|
171
172
|
- recog/xml/imap_banners.xml
|
172
173
|
- recog/xml/ldap_searchresult.xml
|
173
174
|
- recog/xml/mdns_device-info_txt.xml
|
metadata.gz.sig
CHANGED
Binary file
|