recog 2.1.24 → 2.1.25
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/recog/fingerprint.rb +16 -14
- data/lib/recog/version.rb +1 -1
- data/spec/lib/fingerprint_self_test_spec.rb +8 -0
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dca9789b2018dcb894fa9e5dff3f664b5e75fc12
|
|
4
|
+
data.tar.gz: a599644447ce120f8ff22ef7994adf567469a009
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8cfff6a20c9dff48aba6c66bcfce5f06e84b167ca18f5fcdd334201e3ae85513d1a47ba3d5029fa007ffece1e10f9cb8f0eaa1202812c05954edfc0539bd7f1c
|
|
7
|
+
data.tar.gz: 5d3509715e5929f2dbd3c7f5c3d172afcafa370f6f006744517053bc037bfc91624b2f10373f94a980a7ec8a872102583dad79eafa4d9fd90b11cf50372fbb36
|
data/lib/recog/fingerprint.rb
CHANGED
|
@@ -3,6 +3,8 @@ module Recog
|
|
|
3
3
|
# A fingerprint that can be {#match matched} against a particular kind of
|
|
4
4
|
# fingerprintable data, e.g. an HTTP `Server` header
|
|
5
5
|
class Fingerprint
|
|
6
|
+
require 'set'
|
|
7
|
+
|
|
6
8
|
require 'recog/fingerprint/regexp_factory'
|
|
7
9
|
require 'recog/fingerprint/test'
|
|
8
10
|
|
|
@@ -73,11 +75,17 @@ class Fingerprint
|
|
|
73
75
|
return if match_data.nil?
|
|
74
76
|
|
|
75
77
|
result = { 'matched' => @name }
|
|
78
|
+
replacements = {}
|
|
76
79
|
@params.each_pair do |k,v|
|
|
77
80
|
pos = v[0]
|
|
78
81
|
if pos == 0
|
|
79
82
|
# A match offset of 0 means this param has a hardcoded value
|
|
80
83
|
result[k] = v[1]
|
|
84
|
+
# if this value uses interpolation, note it for handling later
|
|
85
|
+
v[1].scan(/\{([^\s{}]+)\}/).flatten.each do |replacement|
|
|
86
|
+
replacements[k] ||= Set[]
|
|
87
|
+
replacements[k] << replacement
|
|
88
|
+
end
|
|
81
89
|
else
|
|
82
90
|
# A match offset other than 0 means the value should come from
|
|
83
91
|
# the corresponding match result index
|
|
@@ -95,17 +103,11 @@ class Fingerprint
|
|
|
95
103
|
|
|
96
104
|
result['fingerprint_db'] = @match_key if @match_key
|
|
97
105
|
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
if /\{(?<replace>[^\s{}]+)\}/ =~ v
|
|
104
|
-
if result[replace]
|
|
105
|
-
if /\{(?<bad_replace>[^\s{}]+)\}/ =~ result[replace]
|
|
106
|
-
raise "Invalid recursive use of #{bad_replace} in #{replace}"
|
|
107
|
-
end
|
|
108
|
-
result[k] = v.gsub(/\{#{replace}\}/, result[replace])
|
|
106
|
+
# for everything identified as using interpolation, do so
|
|
107
|
+
replacements.each_pair do |replacement_k, replacement_vs|
|
|
108
|
+
replacement_vs.each do |replacement|
|
|
109
|
+
if result[replacement]
|
|
110
|
+
result[replacement_k] = result[replacement_k].gsub(/\{#{replacement}\}/, result[replacement])
|
|
109
111
|
else
|
|
110
112
|
# if the value uses an interpolated value that does not exist, in general this could be
|
|
111
113
|
# very bad, but over time we have allowed the use of regexes with
|
|
@@ -116,10 +118,10 @@ class Fingerprint
|
|
|
116
118
|
# standard of '-' for the version, otherwise raise and exception as
|
|
117
119
|
# this code currently does not handle interpolation of undefined
|
|
118
120
|
# values in other cases.
|
|
119
|
-
if
|
|
120
|
-
result[
|
|
121
|
+
if replacement_k =~ /\.cpe23$/ and replacement =~ /\.version$/
|
|
122
|
+
result[replacement_k] = result[replacement_k].gsub(/\{#{replacement}\}/, '-')
|
|
121
123
|
else
|
|
122
|
-
raise "Invalid use of nil interpolated value #{
|
|
124
|
+
raise "Invalid use of nil interpolated non-version value #{replacement} in non-cpe23 fingerprint param #{replacement_k}"
|
|
123
125
|
end
|
|
124
126
|
end
|
|
125
127
|
end
|
data/lib/recog/version.rb
CHANGED
|
@@ -60,6 +60,14 @@ describe Recog::DB do
|
|
|
60
60
|
param_names << param_name
|
|
61
61
|
end
|
|
62
62
|
end
|
|
63
|
+
|
|
64
|
+
it "uses interpolation correctly" do
|
|
65
|
+
if pos == 0 && /\{(?<interpolated>[^\s{}]+)\}/ =~ value
|
|
66
|
+
unless fp.params.key?(interpolated)
|
|
67
|
+
fail "'#{fp.name}' uses interpolated value '#{interpolated}' that does not exist"
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
end
|
|
63
71
|
end
|
|
64
72
|
end
|
|
65
73
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: recog
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.25
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Rapid7 Research
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-10-
|
|
11
|
+
date: 2018-10-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|
|
@@ -244,7 +244,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
244
244
|
version: '0'
|
|
245
245
|
requirements: []
|
|
246
246
|
rubyforge_project:
|
|
247
|
-
rubygems_version: 2.
|
|
247
|
+
rubygems_version: 2.5.2
|
|
248
248
|
signing_key:
|
|
249
249
|
specification_version: 4
|
|
250
250
|
summary: Network service fingerprint database, classes, and utilities
|