recog 2.1.43 → 2.1.44
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/recog/version.rb +1 -1
- data/xml/ftp_banners.xml +5 -4
- data/xml/ldap_searchresult.xml +2 -2
- data/xml/telnet_banners.xml +11 -11
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4b6e9731114ba1506c7f5aa507176d28345b4ec4
|
|
4
|
+
data.tar.gz: 50a3e6688afbac0eae03b17bae41dedf91595292
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9c8bddf9f1cd01a8a2884e7b5537de4e78bd3dc484cb55ed9d9d5f79646623ee8c2f93ffa8568384a7ff3c30e8ad6087e6a9c2ce9fbb58fd1d8857df51c32fbb
|
|
7
|
+
data.tar.gz: 65c45fc4af19334087aa0a2d3a375232f4f0c5c500ecace2b0ffaf72c4d8c886c56a8626172164be06a906e4f325e5217c6e7b096214f4f31256b69b6bd2a941
|
data/lib/recog/version.rb
CHANGED
data/xml/ftp_banners.xml
CHANGED
|
@@ -287,7 +287,7 @@ example.com FTP server (Version: Mac OS X Server) ready.</example>
|
|
|
287
287
|
<param pos="0" name="service.cpe23" value="cpe:/a:proftpd:proftpd:-"/>
|
|
288
288
|
<param pos="1" name="host.name"/>
|
|
289
289
|
</fingerprint>
|
|
290
|
-
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server \((.*)\) \[[
|
|
290
|
+
<fingerprint pattern="^ProFTPD (\d+\.[^\s]+) Server \((.*)\) \[[a-f\d.:\]]*$">
|
|
291
291
|
<description>ProFTPD with version info - truncated</description>
|
|
292
292
|
<example service.version="1.3.2c">ProFTPD 1.3.2c Server (ProFTPD Default Installation) [</example>
|
|
293
293
|
<example proftpd.server.name="svrname.hosting.com">ProFTPD 1.3.0 Server (svrname.hosting.com) [10.10.10.</example>
|
|
@@ -1222,7 +1222,7 @@ more text</example>
|
|
|
1222
1222
|
<param pos="0" name="service.vendor" value="Multicraft"/>
|
|
1223
1223
|
<param pos="1" name="service.version"/>
|
|
1224
1224
|
</fingerprint>
|
|
1225
|
-
<fingerprint pattern="^bftpd ([\d.]+) at ([
|
|
1225
|
+
<fingerprint pattern="^bftpd ([\d.]+) at ([a-f\d.:]+) ready\.$">
|
|
1226
1226
|
<description>Bftpd FTPD Server</description>
|
|
1227
1227
|
<example service.version="2.2.1" host.ip="192.168.0.1">bftpd 2.2.1 at 192.168.0.1 ready.</example>
|
|
1228
1228
|
<example service.version="2.2" host.ip="::ffff:192.168.1.1">bftpd 2.2 at ::ffff:192.168.1.1 ready.</example>
|
|
@@ -1233,7 +1233,8 @@ more text</example>
|
|
|
1233
1233
|
<param pos="0" name="service.cpe23" value="cpe:/a:bftpd_project:bftpd:{service.version}"/>
|
|
1234
1234
|
<param pos="2" name="host.ip"/>
|
|
1235
1235
|
</fingerprint>
|
|
1236
|
-
|
|
1236
|
+
|
|
1237
|
+
<fingerprint pattern="^NASFTPD Turbo station (?:2.x )?([\w.]+) Server \(ProFTPD\)(?: \[([a-f\d.:]+)\])?$">
|
|
1237
1238
|
<description>ProFTPD on QNAP Turbo Station NAS</description>
|
|
1238
1239
|
<example service.version="1.3.5a" host.ip="192.168.1.100">NASFTPD Turbo station 1.3.5a Server (ProFTPD) [192.168.1.100]</example>
|
|
1239
1240
|
<example service.version="1.3.1rc2" host.ip="192.168.1.100">NASFTPD Turbo station 2.x 1.3.1rc2 Server (ProFTPD) [192.168.1.100]</example>
|
|
@@ -1298,7 +1299,7 @@ more text</example>
|
|
|
1298
1299
|
<param pos="0" name="os.product" value="Windows"/>
|
|
1299
1300
|
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows:-"/>
|
|
1300
1301
|
</fingerprint>
|
|
1301
|
-
<fingerprint pattern="^FTP Server \(ZyWALL (USG\s?[\w-]+)\) \[([
|
|
1302
|
+
<fingerprint pattern="^FTP Server \(ZyWALL (USG\s?[\w-]+)\) \[([a-f\d:.]+)\]$">
|
|
1302
1303
|
<description>ZyXEL Unified Security Gateway</description>
|
|
1303
1304
|
<example hw.product="USG 20" host.ip="::ffff:192.168.0.2">FTP Server (ZyWALL USG 20) [::ffff:192.168.0.2]</example>
|
|
1304
1305
|
<example hw.product="USG100-PLUS" host.ip="::ffff:192.168.5.101">FTP Server (ZyWALL USG100-PLUS) [::ffff:192.168.5.101]</example>
|
data/xml/ldap_searchresult.xml
CHANGED
|
@@ -657,7 +657,7 @@
|
|
|
657
657
|
<param pos="0" name="service.product" value="UnboundID Directory Proxy Server"/>
|
|
658
658
|
<param pos="1" name="service.version"/>
|
|
659
659
|
</fingerprint>
|
|
660
|
-
<fingerprint pattern="(?im:namingContexts1.\x04.cn=.?pbx.*\x04.ldapServiceName1.\x04.IPVA-\w+-)">
|
|
660
|
+
<fingerprint pattern="(?im:namingContexts1.\x04.cn=.?pbx.*\x04.ldapServiceName1.\x04.IPVA-\w+-)" flags="REG_MULTILINE">
|
|
661
661
|
<description>innovaphone VoIP Gateway Virtual Appliance</description>
|
|
662
662
|
<example _encoding="base64">
|
|
663
663
|
Dm5hbWluZ0NvbnRleHRzMQoECGNuPUtQQlgwMCIED2xkYXBTZXJ2aWNlTmFtZTEPBA1JUFZBL
|
|
@@ -667,7 +667,7 @@
|
|
|
667
667
|
<param pos="0" name="service.family" value="VoiP Gateway"/>
|
|
668
668
|
<param pos="0" name="service.product" value="IPVA"/>
|
|
669
669
|
</fingerprint>
|
|
670
|
-
<fingerprint pattern="(?im:namingContexts1.\x04.cn=.?pbx.*\x04.ldapServiceName1.\x04.(IP\d+)-\w+-)">
|
|
670
|
+
<fingerprint pattern="(?im:namingContexts1.\x04.cn=.?pbx.*\x04.ldapServiceName1.\x04.(IP\d+)-\w+-)" flags="REG_MULTILINE">
|
|
671
671
|
<description>innovaphone VoIP Gateway</description>
|
|
672
672
|
<example service.product="IP800" _encoding="base64">
|
|
673
673
|
bmFtaW5nQ29udGV4dHMxCgQIY249S1BCWDAwIwQPbGRhcFNlcnZpY2VOYW1lMRAEDklQODAwL
|
data/xml/telnet_banners.xml
CHANGED
|
@@ -336,7 +336,7 @@
|
|
|
336
336
|
<param pos="3" name="os.arch"/>
|
|
337
337
|
<param pos="4" name="host.name"/>
|
|
338
338
|
</fingerprint>
|
|
339
|
-
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)/([\w]+) ALCATEL (SR [\S]+) Copyright.*Login:\s*$">
|
|
339
|
+
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)/([\w]+) ALCATEL (SR [\S]+) Copyright.*Login:\s*$" flags="REG_MULTILINE">
|
|
340
340
|
<description>ALCATEL Service Router running TiMOS</description>
|
|
341
341
|
<!-- TiMOS-C-12.0.R12 cpm/hops64 ALCATEL SR 7750 Copyright (c) 2000-2015 Alcatel-Lucent.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
|
|
342
342
|
<example _encoding="base64" os.version="12.0.R12" hw.product="SR 7750" os.arch="hops64">
|
|
@@ -355,7 +355,7 @@
|
|
|
355
355
|
<param pos="3" name="hw.product"/>
|
|
356
356
|
</fingerprint>
|
|
357
357
|
<!-- Nokia purchased Alcatel Lucent, finalized in Nov 2016 -->
|
|
358
|
-
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia ([\S]+ [SRX]+) Copyright.*Login:\s*$">
|
|
358
|
+
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia ([\S]+ [SRX]+) Copyright.*Login:\s*$" flags="REG_MULTILINE">
|
|
359
359
|
<description>Nokia Service Router running TiMOS</description>
|
|
360
360
|
<!-- TiMOS-C-14.0.R5 cpm/hops64 Nokia 7750 SR Copyright (c) 2000-2016 Nokia.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
|
|
361
361
|
<example _encoding="base64" os.version="14.0.R5" os.arch="hops64" hw.product="7750 SR">
|
|
@@ -379,7 +379,7 @@
|
|
|
379
379
|
<param pos="0" name="hw.device" value="Router"/>
|
|
380
380
|
<param pos="3" name="hw.product"/>
|
|
381
381
|
</fingerprint>
|
|
382
|
-
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia (SAS[+\w\s-]+) Copyright.*Login:\s*$">
|
|
382
|
+
<fingerprint pattern="^(?m)TiMOS-[CB]-([\S]+) (?:both|cpm)\/([\w]+) Nokia (SAS[+\w\s-]+) Copyright.*Login:\s*$" flags="REG_MULTILINE">
|
|
383
383
|
<description>Nokia Service Access Switch running TiMOS</description>
|
|
384
384
|
<!-- TiMOS-B-8.0.R12 both/hops Nokia SAS-Mxp 22F2C 4SFP+ 7210 Copyright (c) 2000-2017 Nokia.\r\r\nBanner Shortened For \r\r\nBrevity\r\nLogin: -->
|
|
385
385
|
<example _encoding="base64" os.version="8.0.R12" os.arch="hops" hw.product="SAS-Mxp 22F2C 4SFP+ 7210">
|
|
@@ -546,7 +546,7 @@
|
|
|
546
546
|
<param pos="0" name="hw.product" value="JetDirect"/>
|
|
547
547
|
<param pos="0" name="hw.device" value="Printer"/>
|
|
548
548
|
</fingerprint>
|
|
549
|
-
<fingerprint pattern="^(?:\r|\n)*%connection closed by remote host!(?:\
|
|
549
|
+
<fingerprint pattern="^(?:\r|\n)*%connection closed by remote host!(?:\x00)?$">
|
|
550
550
|
<description>HP switch blocking connection using network ACL</description>
|
|
551
551
|
<!-- %connection closed by remote host! -->
|
|
552
552
|
<example _encoding="base64">JWNvbm5lY3Rpb24gY2xvc2VkIGJ5IHJlbW90ZSBob3N0IQ==</example>
|
|
@@ -593,7 +593,7 @@
|
|
|
593
593
|
<param pos="0" name="hw.vendor" value="Cisco"/>
|
|
594
594
|
<param pos="0" name="hw.device" value="Router"/>
|
|
595
595
|
</fingerprint>
|
|
596
|
-
<fingerprint pattern="^(?m)(?:\r|\n)*Catalyst 1900 Management Console(?:\r|\n)+.*Ethernet Address:\s+([\w-]+)(?:\r|\n)+.*Model Number:\s+([\w-]+)(?:\r|\n)+System Serial Number:\s+(\w+)(?:\r|\n)+Power Supply">
|
|
596
|
+
<fingerprint pattern="^(?m)(?:\r|\n)*Catalyst 1900 Management Console(?:\r|\n)+.*Ethernet Address:\s+([\w-]+)(?:\r|\n)+.*Model Number:\s+([\w-]+)(?:\r|\n)+System Serial Number:\s+(\w+)(?:\r|\n)+Power Supply" flags="REG_MULTILINE">
|
|
597
597
|
<description>Cisco Catalyst 1900</description>
|
|
598
598
|
<!-- Catalyst 1900, unlike other Catalyst models, didn't run CatOS or IOS -->
|
|
599
599
|
<!-- Catalyst 1900 Management Console\r\nCopyright (c) Cisco Systems, Inc. 1993-1998\r\nAll rights reserved.\r\nEnterprise Edition Software\r\nEthernet Address: 00-AA-19-38-AA-00\r\n\r\nPCA Number: 73-31AA-AA\r\nPCA Serial Number: FAB033AAAAA\r\nModel Number: WS-C1924-EN\r\nSystem Serial Number: FAB0341AAAA\r\nPower Supply S/N: -->
|
|
@@ -708,7 +708,7 @@
|
|
|
708
708
|
<param pos="0" name="hw.device" value="Router"/>
|
|
709
709
|
<param pos="1" name="hw.product"/>
|
|
710
710
|
</fingerprint>
|
|
711
|
-
<fingerprint pattern="^(?m)(BCM\d+) Broadband Router\r\n.*Please input the verification code:$">
|
|
711
|
+
<fingerprint pattern="^(?m)(BCM\d+) Broadband Router\r\n.*Please input the verification code:$" flags="REG_MULTILINE">
|
|
712
712
|
<description>OEM'd Broadcom Router - input validation code</description>
|
|
713
713
|
<!-- BCM96318 Broadband Router\r\n====================================================\r\n * * * * * * * * * * * * * * \r\n * * * * * \r\n * * * * * * * * * * * * * \r\n * * * * * \r\n * * * * * \r\n * * * * * * * * * * * * * * * * \r\n====================================================\r\nPlease input the verification code: -->
|
|
714
714
|
<example _encoding="base64" hw.product="BCM96318">
|
|
@@ -842,7 +842,7 @@
|
|
|
842
842
|
<param pos="0" name="os.device" value="Linux"/>
|
|
843
843
|
<param pos="1" name="os.version"/>
|
|
844
844
|
</fingerprint>
|
|
845
|
-
<fingerprint pattern="^(?m)Red Hat Enterprise Linux ES release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d)">
|
|
845
|
+
<fingerprint pattern="^(?m)Red Hat Enterprise Linux ES release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d)" flags="REG_MULTILINE">
|
|
846
846
|
<description>RedHat Enterprise Linux ES</description>
|
|
847
847
|
<!-- Red Hat Enterprise Linux ES release 3 (Taroon Update 9\nKernel 2.4.21-47.EL on an x86_64\nlogin: -->
|
|
848
848
|
<example _encoding="base64" os.version="3" linux.kernel.version="2.4.21-47.EL" os.arch="x86_64">
|
|
@@ -857,7 +857,7 @@
|
|
|
857
857
|
<param pos="3" name="os.arch"/>
|
|
858
858
|
<param pos="0" name="os.cpe23" value="cpe:/o:redhat:linux:{os.version}"/>
|
|
859
859
|
</fingerprint>
|
|
860
|
-
<fingerprint pattern="^(?m)Red Hat Enterprise Linux AS release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d)">
|
|
860
|
+
<fingerprint pattern="^(?m)Red Hat Enterprise Linux AS release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d)" flags="REG_MULTILINE">
|
|
861
861
|
<description>RedHat Enterprise Linux AS</description>
|
|
862
862
|
<!-- Red Hat Enterprise Linux AS release 5.8 (Tikanga)\nKernel 2.6.18-308.11.1.el5 on an x86_64\nlogin: -->
|
|
863
863
|
<example _encoding="base64" os.version="5.8" linux.kernel.version="2.6.18-308.11.1.el5" os.arch="x86_64">
|
|
@@ -871,7 +871,7 @@
|
|
|
871
871
|
<param pos="2" name="linux.kernel.version"/>
|
|
872
872
|
<param pos="3" name="os.arch"/>
|
|
873
873
|
</fingerprint>
|
|
874
|
-
<fingerprint pattern="^(?m)Red Hat Enterprise Linux WS release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*)">
|
|
874
|
+
<fingerprint pattern="^(?m)Red Hat Enterprise Linux WS release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*)" flags="REG_MULTILINE">
|
|
875
875
|
<description>RedHat Enterprise Linux WS</description>
|
|
876
876
|
<!--Red Hat Enterprise Linux WS release 2.1 (Tampa) \nKernel 2.4.9-e.40smp on an i686 \nlogin: -->
|
|
877
877
|
<example _encoding="base64" os.version="2.1" linux.kernel.version="2.4.9-e.40smp" os.arch="i686">
|
|
@@ -885,7 +885,7 @@
|
|
|
885
885
|
<param pos="2" name="linux.kernel.version"/>
|
|
886
886
|
<param pos="3" name="os.arch"/>
|
|
887
887
|
</fingerprint>
|
|
888
|
-
<fingerprint pattern="^(?m)Fedora Core.release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d).*$">
|
|
888
|
+
<fingerprint pattern="^(?m)Fedora Core.release (.*) \(.*\).*Kernel (.*) on a[^ ]* ([^ ]*\d).*$" flags="REG_MULTILINE">
|
|
889
889
|
<description>Fedora Core Release</description>
|
|
890
890
|
<!-- Fedora Core release 1 (Yarrow)\nKernel 2.4.20-13.9ensim-3.5.0-13 on an i686\nlogin:-->
|
|
891
891
|
<example _encoding="base64" os.version="1" linux.kernel.version="2.4.20-13.9ensim-3.5.0-13" os.arch="i686">
|
|
@@ -1322,7 +1322,7 @@
|
|
|
1322
1322
|
<param pos="0" name="os.cpe23" value="cpe:/o:sgi:irix:-"/>
|
|
1323
1323
|
<param pos="1" name="host.name"/>
|
|
1324
1324
|
</fingerprint>
|
|
1325
|
-
<fingerprint pattern="(?m)(ES|RS)\s([^\s]+) System Software, Version ([^\s]+).*Riverstone Networks">
|
|
1325
|
+
<fingerprint pattern="(?m)(ES|RS)\s([^\s]+) System Software, Version ([^\s]+).*Riverstone Networks" flags="REG_MULTILINE">
|
|
1326
1326
|
<description>a Riverstone router</description>
|
|
1327
1327
|
<!-- Using '+' instead of '-' due to xml issue -->
|
|
1328
1328
|
<!-- ++++++++++++++++++++++++++++++++++\nES 10170 System Software, Version 9.3.0.4\n
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: recog
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.1.
|
|
4
|
+
version: 2.1.44
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Rapid7 Research
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-01-
|
|
11
|
+
date: 2019-01-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|