recog 2.1.43 → 2.1.44
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/recog/version.rb +1 -1
- data/xml/ftp_banners.xml +5 -4
- data/xml/ldap_searchresult.xml +2 -2
- data/xml/telnet_banners.xml +11 -11
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4b6e9731114ba1506c7f5aa507176d28345b4ec4
|
|
4
|
+
data.tar.gz: 50a3e6688afbac0eae03b17bae41dedf91595292
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9c8bddf9f1cd01a8a2884e7b5537de4e78bd3dc484cb55ed9d9d5f79646623ee8c2f93ffa8568384a7ff3c30e8ad6087e6a9c2ce9fbb58fd1d8857df51c32fbb
|
|
7
|
+
data.tar.gz: 65c45fc4af19334087aa0a2d3a375232f4f0c5c500ecace2b0ffaf72c4d8c886c56a8626172164be06a906e4f325e5217c6e7b096214f4f31256b69b6bd2a941
|
data/lib/recog/version.rb
CHANGED
data/xml/ftp_banners.xml
CHANGED
|
@@ -287,7 +287,7 @@ example.com FTP server (Version: Mac OS X Server) ready.</example>
|
|
|
287
287
|
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:-"/>
|
|
288
288
|
<param pos="1" name="host.name"/>
|
|
289
289
|
</fingerprint>
|
|
290
|
-
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server \((.*)\) \[[
|
|
290
|
+
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server \((.*)\) \[[a-f\d.:\]]*$">
|
|
291
291
|
<description>ProFTPD with version info - truncated</description>
|
|
292
292
|
<example service.version="1.3.2c">ProFTPD 1.3.2c Server (ProFTPD Default Installation) [</example>
|
|
293
293
|
<example proftpd.server.name="svrname.hosting.com">ProFTPD 1.3.0 Server (svrname.hosting.com) [10.10.10.</example>
|
|
@@ -1222,7 +1222,7 @@ more text</example>
|
|
|
1222
1222
|
<param pos="0" name="service.vendor" value="Multicraft"/>
|
|
1223
1223
|
<param pos="1" name="service.version"/>
|
|
1224
1224
|
</fingerprint>
|
|
1225
|
-
<fingerprint pattern="^bftpd ([\d.]+) at ([
|
|
1225
|
+
<fingerprint pattern="^bftpd ([\d.]+) at ([a-f\d.:]+) ready\.$">
|
|
1226
1226
|
<description>Bftpd FTPD Server</description>
|
|
1227
1227
|
<example service.version="2.2.1" host.ip="192.168.0.1">bftpd 2.2.1 at 192.168.0.1 ready.</example>
|
|
1228
1228
|
<example service.version="2.2" host.ip="::ffff:192.168.1.1">bftpd 2.2 at ::ffff:192.168.1.1 ready.</example>
|
|
@@ -1233,7 +1233,8 @@ more text</example>
|
|
|
1233
1233
|
<param pos="0" name="service.cpe23" value="cpe:/a:bftpd_project:bftpd:{service.version}"/>
|
|
1234
1234
|
<param pos="2" name="host.ip"/>
|
|
1235
1235
|
</fingerprint>
|
|
1236
|
-
|
|
1236
|
+
|
|
1237
|
+
<fingerprint pattern="^NASFTPD Turbo station (?:2.x )?([\w.]+) Server \(ProFTPD\)(?: \[([a-f\d.:]+)\])?$">
|
|
1237
1238
|
<description>ProFTPD on QNAP Turbo Station NAS</description>
|
|
1238
1239
|
<example service.version="1.3.5a" host.ip="192.168.1.100">NASFTPD Turbo station 1.3.5a Server (ProFTPD) [192.168.1.100]</example>
|
|
1239
1240
|
<example service.version="1.3.1rc2" host.ip="192.168.1.100">NASFTPD Turbo station 2.x 1.3.1rc2 Server (ProFTPD) [192.168.1.100]</example>
|
|
@@ -1298,7 +1299,7 @@ more text</example>
|
|
|
1298
1299
|
<param pos="0" name="os.product" value="Windows"/>
|
|
1299
1300
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
1300
1301
|
</fingerprint>
|
|
1301
|
-
<fingerprint pattern="^FTP Server \(ZyWALL (USG\s?[\w-]+)\) \[([
|
|
1302
|
+
<fingerprint pattern="^FTP Server \(ZyWALL (USG\s?[\w-]+)\) \[([a-f\d:.]+)\]$">
|
|
1302
1303
|
<description>ZyXEL Unified Security Gateway</description>
|
|
1303
1304
|
<example hw.product="USG 20" host.ip="::ffff:192.168.0.2">FTP Server (ZyWALL USG 20) [::ffff:192.168.0.2]</example>
|
|
1304
1305
|
<example hw.product="USG100-PLUS" host.ip="::ffff:192.168.5.101">FTP Server (ZyWALL USG100-PLUS) [::ffff:192.168.5.101]</example>
|
data/xml/ldap_searchresult.xml
CHANGED
|
@@ -657,7 +657,7 @@
|
|
|
657
657
|
<param pos="0" name="service.product" value="UnboundID Directory Proxy Server"/>
|
|
658
658
|
<param pos="1" name="service.version"/>
|
|
659
659
|
</fingerprint>
|
|
660
|
-
<fingerprint pattern="(?im:namingContexts1.\x04.cn=.?pbx.*\x04.ldapServiceName1.\x04.IPVA-\w+-)">
|
|
660
|
+
<fingerprint pattern="(?im:namingContexts1.\x04.cn=.?pbx.*\x04.ldapServiceName1.\x04.IPVA-\w+-)" flags="REG_MULTILINE">
|
|
661
661
|
<description>innovaphone VoIP Gateway Virtual Appliance</description>
|
|
662
662
|
<example _encoding="base64">
|
|
663
663
|
Dm5hbWluZ0NvbnRleHRzMQoECGNuPUtQQlgwMCIED2xkYXBTZXJ2aWNlTmFtZTEPBA1JUFZBL
|
|
@@ -667,7 +667,7 @@
|
|
|
667
667
|
<param pos="0" name="service.family" value="VoiP Gateway"/>
|
|
668
668
|
<param pos="0" name="service.product" value="IPVA"/>
|
|
669
669
|
</fingerprint>
|
|
670
|
-
<fingerprint pattern="(?im:namingContexts1.\x04.cn=.?pbx.*\x04.ldapServiceName1.\x04.(IP\d+)-\w+-)">
|
|
670
|
+
<fingerprint pattern="(?im:namingContexts1.\x04.cn=.?pbx.*\x04.ldapServiceName1.\x04.(IP\d+)-\w+-)" flags="REG_MULTILINE">
|
|
671
671
|
<description>innovaphone VoIP Gateway</description>
|
|
672
672
|
<example service.product="IP800" _encoding="base64">
|
|
673
673
|
bmFtaW5nQ29udGV4dHMxCgQIY249S1BCWDAwIwQPbGRhcFNlcnZpY2VOYW1lMRAEDklQODAwL
|
data/xml/telnet_banners.xml
CHANGED
|
@@ -336,7 +336,7 @@
|
|
|
336
336
|
<param pos="3" name="os.arch"/>
|
|
337
337
|
<param pos="4" name="host.name"/>
|
|
338
338
|
</fingerprint>
|
|
339
|
-
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)/([\w]+) ALCATEL (SR [\S]+) Copyright.*Login:\s*$">
|
|
339
|
+
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)/([\w]+) ALCATEL (SR [\S]+) Copyright.*Login:\s*$" flags="REG_MULTILINE">
|
|
340
340
|
<description>ALCATEL Service Router running TiMOS</description>
|
|
341
341
|
<!-- TiMOS-C-12.0.R12 cpm/hops64 ALCATEL SR 7750 Copyright (c) 2000-2015 Alcatel-Lucent.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
|
|
342
342
|
<example _encoding="base64" os.version="12.0.R12" hw.product="SR 7750" os.arch="hops64">
|
|
@@ -355,7 +355,7 @@
|
|
|
355
355
|
<param pos="3" name="hw.product"/>
|
|
356
356
|
</fingerprint>
|
|
357
357
|
<!-- Nokia purchased Alcatel Lucent, finalized in Nov 2016 -->
|
|
358
|
-
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia ([\S]+ [SRX]+) Copyright.*Login:\s*$">
|
|
358
|
+
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia ([\S]+ [SRX]+) Copyright.*Login:\s*$" flags="REG_MULTILINE">
|
|
359
359
|
<description>Nokia Service Router running TiMOS</description>
|
|
360
360
|
<!-- TiMOS-C-14.0.R5 cpm/hops64 Nokia 7750 SR Copyright (c) 2000-2016 Nokia.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
|
|
361
361
|
<example _encoding="base64" os.version="14.0.R5" os.arch="hops64" hw.product="7750 SR">
|
|
@@ -379,7 +379,7 @@
|
|
|
379
379
|
<param pos="0" name="hw.device" value="Router"/>
|
|
380
380
|
<param pos="3" name="hw.product"/>
|
|
381
381
|
</fingerprint>
|
|
382
|
-
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia (SAS[+\w\s-]+) Copyright.*Login:\s*$">
|
|
382
|
+
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia (SAS[+\w\s-]+) Copyright.*Login:\s*$" flags="REG_MULTILINE">
|
|
383
383
|
<description>Nokia Service Access Switch running TiMOS</description>
|
|
384
384
|
<!-- TiMOS-B-8.0.R12 both/hops Nokia SAS-Mxp 22F2C 4SFP+ 7210 Copyright (c) 2000-2017 Nokia.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
|
|
385
385
|
<example _encoding="base64" os.version="8.0.R12" os.arch="hops" hw.product="SAS-Mxp 22F2C 4SFP+ 7210">
|
|
@@ -546,7 +546,7 @@
|
|
|
546
546
|
<param pos="0" name="hw.product" value="JetDirect"/>
|
|
547
547
|
<param pos="0" name="hw.device" value="Printer"/>
|
|
548
548
|
</fingerprint>
|
|
549
|
-
<fingerprint pattern="^(?:\r|\n)*%connection closed by remote host!(?:\
|
|
549
|
+
<fingerprint pattern="^(?:\r|\n)*%connection closed by remote host!(?:\x00)?$">
|
|
550
550
|
<description>HP switch blocking connection using network ACL</description>
|
|
551
551
|
<!-- %connection closed by remote host! -->
|
|
552
552
|
<example _encoding="base64">JWNvbm5lY3Rpb24gY2xvc2VkIGJ5IHJlbW90ZSBob3N0IQ==</example>
|
|
@@ -593,7 +593,7 @@
|
|
|
593
593
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
|
594
594
|
<param pos="0" name="hw.device" value="Router"/>
|
|
595
595
|
</fingerprint>
|
|
596
|
-
<fingerprint pattern="^(?m)(?:\r|\n)*Catalyst 1900 Management Console(?:\r|\n)+.*Ethernet Address:\s+([\w-]+)(?:\r|\n)+.*Model Number:\s+([\w-]+)(?:\r|\n)+System Serial Number:\s+(\w+)(?:\r|\n)+Power Supply">
|
|
596
|
+
<fingerprint pattern="^(?m)(?:\r|\n)*Catalyst 1900 Management Console(?:\r|\n)+.*Ethernet Address:\s+([\w-]+)(?:\r|\n)+.*Model Number:\s+([\w-]+)(?:\r|\n)+System Serial Number:\s+(\w+)(?:\r|\n)+Power Supply" flags="REG_MULTILINE">
|
|
597
597
|
<description>Cisco Catalyst 1900</description>
|
|
598
598
|
<!-- Catalyst 1900, unlike other Catalyst models, didn't run CatOS or IOS -->
|
|
599
599
|
<!-- Catalyst 1900 Management Console\r\nCopyright (c) Cisco Systems, Inc. 1993-1998\r\nAll rights reserved.\r\nEnterprise Edition Software\r\nEthernet Address: 00-AA-19-38-AA-00\r\n\r\nPCA Number: 73-31AA-AA\r\nPCA Serial Number: FAB033AAAAA\r\nModel Number: WS-C1924-EN\r\nSystem Serial Number: FAB0341AAAA\r\nPower Supply S/N: -->
|
|
@@ -708,7 +708,7 @@
|
|
|
708
708
|
<param pos="0" name="hw.device" value="Router"/>
|
|
709
709
|
<param pos="1" name="hw.product"/>
|
|
710
710
|
</fingerprint>
|
|
711
|
-
<fingerprint pattern="^(?m)(BCM\d+) Broadband Router\r\n.*Please input the verification code:$">
|
|
711
|
+
<fingerprint pattern="^(?m)(BCM\d+) Broadband Router\r\n.*Please input the verification code:$" flags="REG_MULTILINE">
|
|
712
712
|
<description>OEM'd Broadcom Router - input validation code</description>
|
|
713
713
|
<!-- BCM96318 Broadband Router\r\n====================================================\r\n * * * * * * * * * * * * * * \r\n * * * * * \r\n * * * * * * * * * * * * * \r\n * * * * * \r\n * * * * * \r\n * * * * * * * * * * * * * * * * \r\n====================================================\r\nPlease input the verification code: -->
|
|
714
714
|
<example _encoding="base64" hw.product="BCM96318">
|
|
@@ -842,7 +842,7 @@
|
|
|
842
842
|
<param pos="0" name="os.device" value="Linux"/>
|
|
843
843
|
<param pos="1" name="os.version"/>
|
|
844
844
|
</fingerprint>
|
|
845
|
-
<fingerprint pattern="^(?m)Red Hat Enterprise Linux ES release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d)">
|
|
845
|
+
<fingerprint pattern="^(?m)Red Hat Enterprise Linux ES release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d)" flags="REG_MULTILINE">
|
|
846
846
|
<description>RedHat Enterprise Linux ES</description>
|
|
847
847
|
<!-- Red Hat Enterprise Linux ES release 3 (Taroon Update 9\nKernel 2.4.21-47.EL on an x86_64\nlogin: -->
|
|
848
848
|
<example _encoding="base64" os.version="3" linux.kernel.version="2.4.21-47.EL" os.arch="x86_64">
|
|
@@ -857,7 +857,7 @@
|
|
|
857
857
|
<param pos="3" name="os.arch"/>
|
|
858
858
|
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:{os.version}"/>
|
|
859
859
|
</fingerprint>
|
|
860
|
-
<fingerprint pattern="^(?m)Red Hat Enterprise Linux AS release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d)">
|
|
860
|
+
<fingerprint pattern="^(?m)Red Hat Enterprise Linux AS release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d)" flags="REG_MULTILINE">
|
|
861
861
|
<description>RedHat Enterprise Linux AS</description>
|
|
862
862
|
<!-- Red Hat Enterprise Linux AS release 5.8 (Tikanga)\nKernel 2.6.18-308.11.1.el5 on an x86_64\nlogin: -->
|
|
863
863
|
<example _encoding="base64" os.version="5.8" linux.kernel.version="2.6.18-308.11.1.el5" os.arch="x86_64">
|
|
@@ -871,7 +871,7 @@
|
|
|
871
871
|
<param pos="2" name="linux.kernel.version"/>
|
|
872
872
|
<param pos="3" name="os.arch"/>
|
|
873
873
|
</fingerprint>
|
|
874
|
-
<fingerprint pattern="^(?m)Red Hat Enterprise Linux WS release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*)">
|
|
874
|
+
<fingerprint pattern="^(?m)Red Hat Enterprise Linux WS release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*)" flags="REG_MULTILINE">
|
|
875
875
|
<description>RedHat Enterprise Linux WS</description>
|
|
876
876
|
<!--Red Hat Enterprise Linux WS release 2.1 (Tampa) \nKernel 2.4.9-e.40smp on an i686 \nlogin: -->
|
|
877
877
|
<example _encoding="base64" os.version="2.1" linux.kernel.version="2.4.9-e.40smp" os.arch="i686">
|
|
@@ -885,7 +885,7 @@
|
|
|
885
885
|
<param pos="2" name="linux.kernel.version"/>
|
|
886
886
|
<param pos="3" name="os.arch"/>
|
|
887
887
|
</fingerprint>
|
|
888
|
-
<fingerprint pattern="^(?m)Fedora Core.release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d).*$">
|
|
888
|
+
<fingerprint pattern="^(?m)Fedora Core.release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d).*$" flags="REG_MULTILINE">
|
|
889
889
|
<description>Fedora Core Release</description>
|
|
890
890
|
<!-- Fedora Core release 1 (Yarrow)\nKernel 2.4.20-13.9ensim-3.5.0-13 on an i686\nlogin:-->
|
|
891
891
|
<example _encoding="base64" os.version="1" linux.kernel.version="2.4.20-13.9ensim-3.5.0-13" os.arch="i686">
|
|
@@ -1322,7 +1322,7 @@
|
|
|
1322
1322
|
<param pos="0" name="os.cpe23" value="cpe:/o:sgi:irix:-"/>
|
|
1323
1323
|
<param pos="1" name="host.name"/>
|
|
1324
1324
|
</fingerprint>
|
|
1325
|
-
<fingerprint pattern="(?m)(ES|RS)\s([^\s]+) System Software, Version ([^\s]+).*Riverstone Networks">
|
|
1325
|
+
<fingerprint pattern="(?m)(ES|RS)\s([^\s]+) System Software, Version ([^\s]+).*Riverstone Networks" flags="REG_MULTILINE">
|
|
1326
1326
|
<description>a Riverstone router</description>
|
|
1327
1327
|
<!-- Using '+' instead of '-' due to xml issue -->
|
|
1328
1328
|
<!-- ++++++++++++++++++++++++++++++++++\nES 10170 System Software, Version 9.3.0.4\n
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: recog
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.44
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Rapid7 Research
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-01-
|
|
11
|
+
date: 2019-01-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|