RubyGems - recog - Versions diffs - 2.1.25 → 2.1.26 - Mend

recog 2.1.25 → 2.1.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: dca9789b2018dcb894fa9e5dff3f664b5e75fc12
-  data.tar.gz: a599644447ce120f8ff22ef7994adf567469a009
+  metadata.gz: 176fcc07ee328625371e582ea351a065b0149900
+  data.tar.gz: d2dc6e810cdb79662ab01ae7c4efad576469c026
 SHA512:
-  metadata.gz: 8cfff6a20c9dff48aba6c66bcfce5f06e84b167ca18f5fcdd334201e3ae85513d1a47ba3d5029fa007ffece1e10f9cb8f0eaa1202812c05954edfc0539bd7f1c
-  data.tar.gz: 5d3509715e5929f2dbd3c7f5c3d172afcafa370f6f006744517053bc037bfc91624b2f10373f94a980a7ec8a872102583dad79eafa4d9fd90b11cf50372fbb36
+  metadata.gz: d21436b918ada12e8ad24bdcbe420aca924230e38be2458cb3ac722c01c595c8221de9ab8a375b90e223511c2d3e38baba86e17f7b44460916a4e315d4333a2e
+  data.tar.gz: 6f3e0f933de01c54e0a4d72100ee8525b290f819c17769ec55d075d5daed3455a18312a5c09801499799c7b181292bab28a2698365014df13fa3a4a72a2dadbe

data/lib/recog/version.rb CHANGED

@@ -1,3 +1,3 @@
 module Recog
-  VERSION = '2.1.25'
+  VERSION = '2.1.26'
 end

data/xml/http_cookies.xml CHANGED

@@ -105,6 +105,24 @@
     <param pos="0" name="service.family" value="Content Service Switch"/>
     <param pos="0" name="service.product" value="11000 Series Content Service Switch"/>
   </fingerprint>
+  <fingerprint pattern="^webvpn(?:c|_portal|Lang|login|SharePoint)?=">
+    <description>Cisco ASA VPN</description>
+    <example>webvpn=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure</example>
+    <example>webvpnc=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure</example>
+    <example>webvpn_portal=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure</example>
+    <example>webvpnSharePoint=; expires=Thu, 01 Jan 1970 22:00:00 GMT; path=/; secure</example>
+    <example>webvpnlogin=1; path=/; secure</example>
+    <param pos="0" name="service.vendor" value="Cisco"/>
+    <param pos="0" name="service.product" value="HTTP"/>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.family" value="ASA"/>
+    <param pos="0" name="os.product" value="VPN"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.family" value="ASA"/>
+    <param pos="0" name="hw.cpe23" value="cpe:/h:cisco:adaptive_security_appliance:-"/>
+    <param pos="0" name="hw.product" value="Adaptive Security Appliance"/>
+    <param pos="0" name="hw.device" value="Firewall"/>
+  </fingerprint>
   <fingerprint pattern="^(st8id)=.*">
     <description>Citrix Application Protection System, Enterprise
       http://support.citrix.com/article/CTX109330

data/xml/sip_banners.xml CHANGED

@@ -3,14 +3,107 @@
   <!--
   SIP Server header values are matched against these patterns to fingerprint SIP devices.
   -->
-  <fingerprint pattern="^Cisco-SIPGateway/IOS-([\d\.x]+)$">
-    <description>Cisco SIPGateway</description>
-    <example>Cisco-SIPGateway/IOS-12.x</example>
+  <fingerprint pattern="^Cisco-SIPGateway/IOS-(\d+)\.x$">
+    <description>Cisco IOS with SIPGateway with only major version</description>
+    <example os.version="12">Cisco-SIPGateway/IOS-12.x</example>
     <param pos="0" name="os.vendor" value="Cisco"/>
     <param pos="0" name="os.product" value="IOS"/>
     <param pos="1" name="os.version"/>
     <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:{os.version}"/>
   </fingerprint>
+  <fingerprint pattern="^Cisco-SIPGateway/IOS-([\d\.a-zA-Z]+)$">
+    <description>Cisco IOS with SIPGateway</description>
+    <example os.version="15.2.2.T1">Cisco-SIPGateway/IOS-15.2.2.T1</example>
+    <example os.version="15.2.3.T">Cisco-SIPGateway/IOS-15.2.3.T</example>
+    <example os.version="15.4.3.S5">Cisco-SIPGateway/IOS-15.4.3.S5</example>
+    <example os.version="15.6.3.M0a">Cisco-SIPGateway/IOS-15.6.3.M0a</example>
+    <example os.version="16.3.6">Cisco-SIPGateway/IOS-16.3.6</example>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.product" value="IOS"/>
+    <param pos="1" name="os.version"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:cisco:ios:{os.version}"/>
+  </fingerprint>
+  <fingerprint pattern="^Cisco-CP-?(\d+G?)(?:-\S+)?/([\d\.]+)">
+    <description>Cisco CP VoIP Phone</description>
+    <example hw.model="7960G" hw.version="8.0">Cisco-CP7960G/8.0</example>
+    <example hw.model="7912" hw.version="8.0.1">Cisco-CP7912/8.0.1-060412A</example>
+    <example hw.model="7821" hw.version="11.0.0">Cisco-CP-7821-3PCC/11.0.0</example>
+    <example hw.model="6841" hw.version="11.1.1">Cisco-CP-6841-3PCC/11.1.1 (00727826a4e1) (sip68xx.11-1-1MPP-897.loads)</example>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.device" value="VoIP"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.product" value="CP"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+    <param pos="1" name="hw.model"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+  <fingerprint pattern="(?:Cisco|Linksys)/(SPA\d+[DG]?\d?)-([\d\.a-zA-Z]+)">
+    <description>Cisco/Linksys SPA VoIP Phone</description>
+    <example hw.model="SPA112" hw.version="1.4.1SR1">Cisco/SPA112-1.4.1SR1(002)d-hisec</example>
+    <example hw.model="SPA122" hw.version="1.3.3">Cisco/SPA122-1.3.3(004)</example>
+    <example hw.model="SPA922" hw.version="6.1.5">PhoneSystems.net aabbccddeeff Linksys/SPA922-6.1.5(a)</example>
+    <example hw.model="SPA232D" hw.version="1.4.1">Cisco/SPA232D-1.4.1(002_282)</example>
+    <example hw.model="SPA504G" hw.version="7.5.2">Cisco/SPA504G-7.5.2</example>
+    <example hw.model="SPA525G2" hw.version="7.6.1">Cisco/SPA525G2-7.6.1</example>
+    <example hw.model="SPA922" hw.version="6.1.5">Linksys/SPA922-6.1.5</example>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.device" value="VoIP"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.product" value="SPA"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+    <param pos="1" name="hw.model"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+  <fingerprint pattern="(?:Cisco|Linksys)(?: |/)(PAP2T?)(?:-|/)(\S+)$">
+    <description>Cisco/Linksys VoIP / Internet Phone adapter</description>
+    <example hw.version="3.1.22(LS)" hw.model="PAP2">PhoneSystems.net aabbccddeeff Linksys/PAP2-3.1.22(LS)</example>
+    <example hw.version="3.1.9(LSc)" hw.model="PAP2">aabbccddeeff Linksys/PAP2-3.1.9(LSc)</example>
+    <example hw.version="3.52.12X" hw.model="PAP2T">Linksys PAP2T/3.52.12X</example>
+    <example hw.version="2.0.10(LSb)" hw.model="PAP2">iLinksys/PAP2-2.0.10(LSb)</example>
+    <example hw.version="3.1.16(LS)" hw.model="PAP2T">Linksys/PAP2T-3.1.16(LS)</example>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.device" value="VoIP"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.product" value="Internet Phone Adapter"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+    <param pos="1" name="hw.model"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+  <fingerprint pattern="^Cisco/(SRP\d+)-([\d\.]+)">
+    <description>Cisco Services Ready Platforms (SRP) Router</description>
+    <example hw.model="SRP541" hw.version="1.2.6">Cisco/SRP541-1.2.6(003)</example>
+    <example hw.model="SRP527" hw.version="1.02.03">Cisco/SRP527-1.02.03(002)</example>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.device" value="Router"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.product" value="SRP"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="1" name="hw.model"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+  <fingerprint pattern="(?:Cisco|Linksys)/(WRP\d+)-(\S+)$">
+    <description>Cisco/Linksys WRP Wireless Router</description>
+    <example hw.version="2.00.26" hw.model="WRP400">aabbccddeeff_FinalStage_Linksys/WRP400-2.00.26</example>
+    <example hw.version="1.01.08" hw.model="WRP200">Linksys/WRP200-1.01.08</example>
+    <example hw.version="1.00.05B2" hw.model="WRP400">Linksys/WRP400-1.00.05B2</example>
+    <param pos="0" name="os.vendor" value="Cisco"/>
+    <param pos="0" name="os.device" value="Router"/>
+    <param pos="0" name="hw.vendor" value="Cisco"/>
+    <param pos="0" name="hw.product" value="Wireless Router"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="1" name="hw.model"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+  <fingerprint pattern="^M5T SIP(?: Stack|-UA SAFE)/v?([\d\.]+)">
+    <description>Media5 Corporation SIP Stack</description>
+    <example service.version="4.1.2.2">M5T SIP Stack/4.1.2.2</example>
+    <example service.version="3.6.4.8">M5T SIP-UA SAFE/v3.6.4.8</example>
+    <example service.version="4.1.2.2">M5T SIP Stack/4.1.2.2alliu</example>
+    <param pos="0" name="service.vendor" value="Media5 Corporation"/>
+    <param pos="0" name="service.product" value="SIP Stack"/>
+    <param pos="1" name="service.version"/>
+    <param pos="0" name="hw.device" value="VoIP"/>
+  </fingerprint>
   <fingerprint pattern="^TANDBERG/\d+ \(([a-zA-Z]+\d+(?:\.\d+)+).*\)">
     <description>Cisco TelePresence</description>
     <example os.version="X8.2.1">TANDBERG/4130 (X8.2.1)</example>
@@ -22,4 +115,35 @@
     <param pos="0" name="os.product" value="TelePresence"/>
     <param pos="1" name="os.version"/>
   </fingerprint>
+  <fingerprint pattern="^Tilgin Vood ([^_\s]+)">
+    <description>Tilgin Vood</description>
+    <example hw.model="HG238x">Tilgin Vood HG238x_ESx000-02_07_03_26</example>
+    <example hw.model="HG27xx">Tilgin Vood HG27xx</example>
+    <example hw.model="452W">Tilgin Vood 452W_S_3_4_2_RC_2</example>
+    <param pos="0" name="hw.vendor" value="Tilgin"/>
+    <param pos="0" name="hw.product" value="Vood"/>
+    <param pos="1" name="hw.model"/>
+  </fingerprint>
+  <fingerprint pattern="^(F\d{3})/VT?(\d(?:[\d\.A-Z]+))$">
+    <description>ZTE GPON Router</description>
+    <example hw.product="F620" hw.version="3.30.20P5T4S">F620/V3.30.20P5T4S</example>
+    <example hw.product="F660" hw.version="2.22.21P1T14S">F660/V2.22.21P1T14S</example>
+    <example hw.product="F668" hw.version="2.30.22P1T9">F668/VT2.30.22P1T9</example>
+    <param pos="0" name="hw.vendor" value="ZTE"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
+  <fingerprint pattern="^ZXHN (H\d{3}N)/V?(\d(?:[\d\.A-Z_]+))$">
+    <description>ZTE ZXHN router</description>
+    <example hw.product="H218N" hw.version="1.02.01_ERS">ZXHN H218N/V1.02.01_ERS</example>
+    <example hw.product="H367N" hw.version="1.0.4">ZXHN H367N/V1.0.4</example>
+    <example hw.product="H218N" hw.version="1.02.01">ZXHN H218N/V1.02.01</example>
+    <example hw.product="H208N" hw.version="1.0.2T02">ZXHN H208N/V1.0.2T02</example>
+    <param pos="0" name="hw.vendor" value="ZTE"/>
+    <param pos="0" name="hw.device" value="Router"/>
+    <param pos="0" name="hw.family" value="ZXHN"/>
+    <param pos="1" name="hw.product"/>
+    <param pos="2" name="hw.version"/>
+  </fingerprint>
 </fingerprints>

metadata CHANGED

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: recog
 version: !ruby/object:Gem::Version
-  version: 2.1.25
+  version: 2.1.26
 platform: ruby
 authors:
 - Rapid7 Research
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2018-10-05 00:00:00.000000000 Z
+date: 2018-10-10 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -244,7 +244,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.5.2
+rubygems_version: 2.6.11
 signing_key:
 specification_version: 4
 summary: Network service fingerprint database, classes, and utilities