recog 2.1.45 → 2.1.46

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 75e919260aa564c2147c9f438ba54d28813ef5e8
-  data.tar.gz: 0f89b8dc3a5cf719bcefdba8b39225b3b28647b2
+  metadata.gz: 7d5ed3f1174d68e401874f713a6f830e05f6f8a3
+  data.tar.gz: fe5277bdaa29a135475eac47be2e4e9faf268f12
 SHA512:
-  metadata.gz: 4caecab69c1f155dbe91c286fc8037b05a4181cf428200c1068e48dbe54f95b57c855b279a07bfe05ca9380f047bcc200d2603d8878ce737a6c48563fb9fd8a9
-  data.tar.gz: 4076425e8a01cace2ccfff32eb8b078b8878bb70ac5cab3d52fc9e78f5c4477fb6ea50baf84e3f4d1622bc367a32c313a3b4cb92449f8fbfb23db4ce67d42048
+  metadata.gz: 972feaa2f36aa734c61798f5064ef6a14c8f523c71db1aeb3a3374c168f4e018898f691946635df9dac4feebba2c79b278f664ef86df38bde49f8794f2f68aee
+  data.tar.gz: 9724d33f5068e3041df4fe0123dadd0c617ecb1dc29a6b1d9ab207d8a71f8498d5e639899923a2d867b5fdb1c1f177cc8f1c035b050ba2efd74445d269f20593

data/lib/recog/version.rb

@@ -1,3 +1,3 @@
 module Recog
-  VERSION = '2.1.45'
+  VERSION = '2.1.46'
 end

data/xml/ftp_banners.xml

@@ -1233,7 +1233,6 @@ more text</example>
     <param pos="0" name="service.cpe23" value="cpe:/a:bftpd_project:bftpd:{service.version}"/>
     <param pos="2" name="host.ip"/>
   </fingerprint>
-
   <fingerprint pattern="^NASFTPD Turbo station (?:2.x )?([\w.]+) Server \(ProFTPD\)(?: \[([a-f\d.:]+)\])?$">
     <description>ProFTPD on QNAP Turbo Station NAS</description>
     <example service.version="1.3.5a" host.ip="192.168.1.100">NASFTPD Turbo station 1.3.5a Server (ProFTPD) [192.168.1.100]</example>

data/xml/html_title.xml

@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<fingerprints matches="html_title" database_type="service" preference="0.90">
+  <!-- HTML Title elements found in HTTP response bodies are matched against these patterns to fingerprint HTTP servers. -->
+  <fingerprint pattern="^(.*)&amp;nbsp;-&amp;nbsp;Synology&amp;nbsp;DiskStation$">
+    <description>Synology DiskStation</description>
+    <example host.name="DiskStation">DiskStation&amp;nbsp;-&amp;nbsp;Synology&amp;nbsp;DiskStation</example>
+    <example host.name="DS218">DS218&amp;nbsp;-&amp;nbsp;Synology&amp;nbsp;DiskStation</example>
+    <param pos="0" name="hw.vendor" value="Synology"/>
+    <param pos="0" name="hw.family" value="DiskStation"/>
+    <param pos="0" name="hw.device" value="NAS"/>
+    <param pos="0" name="os.device" value="NAS"/>
+    <param pos="0" name="os.family" value="Linux"/>
+    <param pos="0" name="os.product" value="DSM"/>
+    <param pos="0" name="os.vendor" value="Synology"/>
+    <param pos="1" name="host.name"/>
+  </fingerprint>
+  <fingerprint pattern="^Web Filter Block Override$">
+    <description>Fortinet FortiGate/Fortiguard Web Filter</description>
+    <example>Web Filter Block Override</example>
+    <param pos="0" name="os.vendor" value="Fortinet"/>
+    <param pos="0" name="os.family" value="FortiOS"/>
+    <param pos="0" name="os.product" value="FortiOS"/>
+    <param pos="0" name="os.device" value="Firewall"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:fortinet:fortios:-"/>
+    <param pos="0" name="hw.vendor" value="Fortinet"/>
+    <param pos="0" name="hw.family" value="FortiGate"/>
+    <param pos="0" name="hw.device" value="Firewall"/>
+  </fingerprint>
+  <!-- Various products by Ubiquiti networks -->
+  <fingerprint pattern="^Ubiquiti Networks$">
+    <description>Generic products by Ubiquiti Networks</description>
+    <example>Ubiquiti Networks</example>
+    <param pos="0" name="hw.vendor" value="Ubiquiti"/>
+  </fingerprint>
+  <fingerprint pattern="^EdgeOS$">
+    <description>Ubiquiti EdgeRouter/EdgeSwitch/etc</description>
+    <example>EdgeOS</example>
+    <param pos="0" name="hw.vendor" value="Ubiquiti"/>
+  </fingerprint>
+  <fingerprint pattern="^UniFi Video$">
+    <description>Various UniFi Video products by Ubiquiti Networks</description>
+    <example>UniFi Video</example>
+    <param pos="0" name="hw.vendor" value="Ubiquiti"/>
+    <param pos="0" name="hw.family" value="UniFi"/>
+    <param pos="0" name="hw.device" value="Web cam"/>
+  </fingerprint>
+  <fingerprint pattern="^RouterOS router configuration page$">
+    <description>MikroTik RouterOS router configuration page</description>
+    <example>RouterOS router configuration page</example>
+    <param pos="0" name="os.vendor" value="MikroTik"/>
+    <param pos="0" name="os.device" value="Router"/>
+    <param pos="0" name="os.product" value="RouterOS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:-"/>
+    <param pos="0" name="hw.vendor" value="MikroTik"/>
+    <param pos="0" name="hw.device" value="Router"/>
+  </fingerprint>
+  <fingerprint pattern="^Welcome to nginx!$">
+    <description>Default OS-agnostic nginx</description>
+    <example>Welcome to nginx!</example>
+    <param pos="0" name="service.product" value="nginx"/>
+    <param pos="0" name="service.family" value="nginx"/>
+    <param pos="0" name="service.vendor" value="nginx"/>
+    <param pos="0" name="service.cpe23" value="cpe:/a:nginx:nginx:-"/>
+  </fingerprint>
+</fingerprints>

data/xml/http_servers.xml

@@ -25,6 +25,7 @@
     <param pos="0" name="os.vendor" value="CentOS"/>
     <param pos="0" name="os.family" value="Linux"/>
     <param pos="0" name="os.product" value="Linux"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:centos:centos:-"/>
   </fingerprint>
   <fingerprint pattern="^Stronghold/(\d\.\d) Apache/([012][\d.]*)\s*(.*)$">
     <description>Red Hat Stronghold Enterprise Apache</description>

data/xml/sip_user_agents.xml

@@ -73,13 +73,13 @@
     <param pos="1" name="os.product"/>
     <param pos="2" name="os.version"/>
   </fingerprint>
-   <!-- Huawei devices -->
-   <fingerprint pattern="(?i)^Huawei$">
+  <!-- Huawei devices -->
+  <fingerprint pattern="(?i)^Huawei$">
     <description>Huawei generic</description>
     <example>Huawei</example>
     <param pos="0" name="hw.vendor" value="Huawei"/>
   </fingerprint>
-   <fingerprint pattern="(?i)^Huawei-HomeGateway/V(?:\d.*)$">
+  <fingerprint pattern="(?i)^Huawei-HomeGateway/V(?:\d.*)$">
     <description>Huawei Home Gateway</description>
     <example>Huawei-HomeGateway/V100R001</example>
     <param pos="0" name="hw.vendor" value="Huawei"/>

data/xml/smb_native_lm.xml

@@ -57,5 +57,6 @@
     <param pos="0" name="os.device" value="Router"/>
     <param pos="0" name="os.family" value="RouterOS"/>
     <param pos="0" name="os.product" value="RouterOS"/>
+    <param pos="0" name="os.cpe23" value="cpe:/o:mikrotik:routeros:-"/>
   </fingerprint>
 </fingerprints>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: recog
 version: !ruby/object:Gem::Version
-  version: 2.1.45
+  version: 2.1.46
 platform: ruby
 authors:
 - Rapid7 Research
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-01-10 00:00:00.000000000 Z
+date: 2019-02-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -193,6 +193,7 @@ files:
 - xml/ftp_banners.xml
 - xml/h323_callresp.xml
 - xml/hp_pjl_id.xml
+- xml/html_title.xml
 - xml/http_cookies.xml
 - xml/http_servers.xml
 - xml/http_wwwauth.xml
@@ -248,7 +249,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2
+rubygems_version: 2.6.11
 signing_key: 
 specification_version: 4
 summary: Network service fingerprint database, classes, and utilities