2021-05-30 13:14:15 by Takahiro Kambe | Files touched by this commit (3) | |
Log message:
net/ruby-recog: update to 2.3.20
2.3.20 (2021-05-13)
Highlights:
* BUG: Fix for a regex performance bug in http_servers when matching
IPs. This was brought to our attention by @hudclark (#353)
* BUG: Fix for a CPE generation bug in which we were using deprecated
CPEs. This was brought to our attention by @p0lr (#361)
* CPE: Remapping logic was refactored so that remaps are specific record
type (a,h,o) which provides much greater flexibility. (#361)
* CPE: Focused improvements in coverage (#349)
* Fingerprints: Misc improvements (Thanks @cblack-r7, @dabdine, @sdynes-r7)
(#341, #344, #345, #351, #354, #355)
* Fingerprints: HTTP - focused work on HTTP related (http_servers,
html_title, etc) fingerprints (#352, #357, #358, #359)
* Tooling: Adding field names (os.vendor, service.product, etc) to our
standard identifier checks (#350)
|
2021-02-05 15:58:26 by Takahiro Kambe | Files touched by this commit (3) | |
Log message:
net/ruby-recog: update to 2.3.19
2.3.19 (2021.02.04)
Highlights:
* JARM: New JARM database thanks to Julien Voisin @jvoisin (#331)
* Many contributions from Rumble Discovery (@hdm) thanks to Julien Voisin
@jvoisin for the backport (#334)
* Testing: New testing via Github actions thanks to Gavin Schneider
@gschneider-r7 (#328)
* SIP: Improved coverage for Server and User Agent (#339)
* CPE: Various improvements (#330)
* SMB: Focused improvements and added product coverage (#307)
* Misc fingerprint improvements (Thanks @jvoisin and @scopedsecurity)
(#308, #327, #331)
|
2021-01-11 15:42:32 by Takahiro Kambe | Files touched by this commit (3) | |
Log message:
net/ruby-recog: update to 2.3.18
2.3.18 (2020-12-17)
* DCA-22255 Add low certainty to IIS 10 fingerprint to prevent trumping
better system fingerprints
2.3.17 (2020-12-08)
Highlights:
* DNS: Fingerprint for Windows 2003 (#298)
* CPE: Improved generation, standardization, and updates (#301, #303)
* BUG: Fix issue preventing recog_standardize from working (#302)
Changes of note:
* All values for hw.device and os.device have been converted to Title Case
* All hw.device and os.device instances of Web cam and Web Cam are now IP
Camera
* All hw.device and os.device instances of POS are now Point of Sale
2.3.16 (2020-11-06)
Highlights:
* DNS: Extract Microsoft DNS build (#297)
2.3.15 (2020-10-22)
Highlights:
* SNMP: Siemens fingerprint corrections (#286, #291)
* SNMP: SonicWall fingerprint addition (#293)
|
2020-12-04 21:45:51 by Nia Alarie | Files touched by this commit (456) |
Log message:
Revbump packages with a runtime Python dep but no version prefix.
For the Python 3.8 default switch.
|
2020-09-14 15:43:10 by Takahiro Kambe | Files touched by this commit (4) | |
Log message:
net/ruby-recog: update to 2.3.14
Update ruby-recog package to 2.3.14.
2.3.14 - 2020.08.07
Highlights:
* HTTP: Improved coverage of VNC related web services (#282)
* HTTP: Improved coverage and CPEs of SonicWall and Cisco Expressway (#283)
2.3.13 - 2020.08.03
Highlights:
* Improving coverage of Moxa devices (#280)
* Adding fingerprints for certain high volume services as observed by
Project Sonar (#280, #281)
* CPE: Improving the number of fingerprints and Project Sonar matches that
returned CPEs (#281)
2.3.12 - 2020.07.23
Highlights:
* HTTP: Additional SAP NetWeaver and Glassfish coverage and fixes (#279)
* FTP: Serv-U and Filezilla improvements (#279)
* CPE: Tweaks to vendor, service, and cpe-remap.yaml which resulted in much
better coverage for services frequently seen on the Internet. See PR for
stats. (#279)
2.3.11 - 2020.07.16
Highlights:
* HTTP: Adjust banner for $ProjectRevision (Treck TCP/IP) by Anderson Luan
(#272)
* HTTP: SAP Internet Graphics Server and Message Server fingerprints (#275)
* DNS: Windows Server 2008 SP2, performance and other coverage tweaks (#276)
* DNS: Avoid spoofed Microsoft DNS Server, add Debian Buster (#277)
* CPE: Correct CPE generating automation (#278)
2.3.10 - 2020.07.14
Highlights:
* SAP NetWeaver: Telnet and HTTP tweaks (#274)
2.3.9 - 2020.07.14
Highlights:
* Upgrade lxml, improve fingerprint readability (#268)
* New fingerprints and completed normalization by HD Moore (#269)
* New Database: favicons.xml (MD5 fingerprints for favicon.ico files) by HD
Moore (#270)
* HTTP: Project Sonar HTTP updates (including SAP Netweaver / Oracle) (#273)
|
2020-06-07 16:21:52 by Takahiro Kambe | Files touched by this commit (3) | |
Log message:
net/ruby-recog: update to 2.3.8
Update ruby-recog to 2.3.8.
2.3.8 (2020-06-03)
Highlights:
* MariaDB and MySQL fingerprint improvements (#264, #267)
* Multiple fingerprint and consistency improvements by HD Moore (#260, #266)
* Kyocera Printer fingerprint improvements (#262)
|
2020-03-24 16:23:40 by Takahiro Kambe | Files touched by this commit (3) | |
Log message:
net/ruby-recog: update to 2.3.7
Update ruby-recog to 2.3.7.
pkgsrc changes:
* add "USE_LANGUAGES= # none".
* cosmetic change.
Changes are too many to write here, plase refer
<https://github.com/rapid7/recog/releases> in detail.
|
2019-04-25 09:33:32 by Maya Rashish | Files touched by this commit (620) |
Log message:
PKGREVISION bump for anything using python without a PYPKGPREFIX.
This is a semi-manual PKGREVISION bump.
|
2018-09-23 17:57:32 by Takahiro Kambe | Files touched by this commit (3) | |
Log message:
net/ruby-recog: update to 2.1.23
v2.1.23 (2018/09/20)
* use yaml for remapping; remove json transpose code (#177)
- use yaml for remapping; remove json transpose code
- temporarily revert cpe change on win2k3
* TELNET: Initial commit (#178)
* Add better support for Array networks/ArrayOS
v.2.1.22 - 2018.09.04
* New fingerprint coverage: apache_modules.xml #174
- Adds support for performing version detection of Apache modules in HTTP
Server headers.
- Client software calling Recog is expected to split an Apache banner based
on spaces and toss the individual values at Recog.
- This is a first pass, more work will be required to fully flesh this out.
* Improved coverage: http_servers.xml #175
- Leveraging Project Sonar data from 2018.08.13 has resulted in significant
(multiple millions) improvement of fingerprinting against that data set.
- hw.* values added where possible
* Minor FTP tweaks
v.2.1.22 - 2018.08.29
* New capability: CPE 2.3 data #172
- Added preliminary support for returning CPE 2.3 information via a new
fingerprint param named service.cpe23 which can be literal strings or
interpolated values.
Example:
<param pos="0" name="service.cpe23" \
value="cpe:/a:vmware:zimbra_desktop:1"/>
or
<param pos="0" name="service.cpe23" \
value="cpe:/a:vmware:zimbra_desktop:{service.version}"/>
- Software, other than Ruby Recog, that leverage the XML directly will need
to support interpolating the values in order to fully utilize this
capability.
- Future changes to enhance this capability and make creating interpolated
results easier are expected in the near future.
- See PR #172 for more details
* Misc fingerprint updates and changes, some of which were to support CPE
changes.
- Changed the use of 'F5 Labs' to 'F5' in multiple files #171
- Change certain Cisco PIX fingerprints from 'service.' to 'os.' #170
v.2.1.20 - 2018.06.27
* Compatibility: Adjustments to the regex of multiple fingerprints to remove
negative lookaheads and other contructs that Golang doesn't support. #162
v.2.1.19 - 2018.04.16
* Improved coverage: xml/smtp_banners.xml #160
- Note: Due to effort to cleanup description lines (remove duplicates,
remove multilines, provide context, standardize format) almost every value
for <description> has changed. This will impact the value returned as
matched with tools such as DAP.
- Project Sonar SMTP survey data was used to enhance and improve the
coverage. Full details and metrics can be found in #160
- Improved the accuracy and/or flexibility of multiple fingerprints.
- Changed ALL instances of flags="REG_ICASE" to an inline flag (?i:) in
order to make the regex compatible with more languages.
- Implemented fingerprint examples for those fingerprints where examples
could be found.
- This sometimes resulted in removing fingerprints that were actually
duplicates or trivially different.
- Reworked description values so as to remove examples and ensure that this
field is unique within the file as the value of description serves as an
identifier when processing fingerprints. Multiline descriptions were
reduced to single line where possible. Many descriptions were modified.
- Fixed multiple instances where captures where under/over capturing. For
example, some fingerprints would have captured the examples but the
examples were missing leading or ending spaces. Other fingerprints were
over-broad in what they would capture leading to fall positives or
misidentification.
- Fixed multiple instances where the portion of the version banner that was
captured was different between two products in the same family.
- Removed various real and example hostnames from examples and standardized
on 'foo.bar'
- Corrected system.time.format so as to match timestamp provided by service
- Reworked date regex for multiple matches to remove inadvertent requirement
for two digit day value when the banner included a single digit day.
|
2018-03-21 12:40:16 by Takahiro Kambe | Files touched by this commit (2) | |
Log message:
net/ruby-recog: update to 2.1.18
2.1.16 2017/10/26
* Improve MariaDB on Ubunto - Issue #156
2.1.17 2017/11/28
* Improve Exim coverage, add examples
2.1.18 2018/02/23
* ssh update - data from 2017.11.30
* Removed honeypot fingerprint
* Add Debian 8.0 (jessie) MariaDB fingerprint
|