./net/ruby-recog, Framework to send network probes for identification

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.3.18, Package name: ruby26-recog-2.3.18, Maintainer: minskim

Recog is a framework for identifying products, services, operating
systems, and hardware by matching fingerprints against data returned
from various network probes. Recog makes it simply to extract useful
information from web server banners, snmp system description fields,
and a whole lot more.


Required to run:
[textproc/py-yaml] [textproc/ruby-nokogiri] [lang/python37] [lang/ruby26-base]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 495ff9873381f928ee3d2dd089511b5ba317d0e9
RMD160: ab5a9a09e5d7f5f7a591c01df985acebd8365769
Filesize: 324 KB

Version history: (Expand)


CVS history: (Expand)


   2021-01-11 15:42:32 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
net/ruby-recog: update to 2.3.18

2.3.18 (2020-12-17)

* DCA-22255 Add low certainty to IIS 10 fingerprint to prevent trumping
  better system fingerprints

2.3.17 (2020-12-08)

Highlights:

* DNS: Fingerprint for Windows 2003 (#298)
* CPE: Improved generation, standardization, and updates (#301, #303)
* BUG: Fix issue preventing recog_standardize from working (#302)

Changes of note:

* All values for hw.device and os.device have been converted to Title Case
* All hw.device and os.device instances of Web cam and Web Cam are now IP
  Camera
* All hw.device and os.device instances of POS are now Point of Sale

2.3.16 (2020-11-06)

Highlights:

* DNS: Extract Microsoft DNS build (#297)

2.3.15 (2020-10-22)

Highlights:

* SNMP: Siemens fingerprint corrections (#286, #291)
* SNMP: SonicWall fingerprint addition (#293)
   2020-12-04 21:45:51 by Nia Alarie | Files touched by this commit (456)
Log message:
Revbump packages with a runtime Python dep but no version prefix.

For the Python 3.8 default switch.
   2020-09-14 15:43:10 by Takahiro Kambe | Files touched by this commit (4) | Package updated
Log message:
net/ruby-recog: update to 2.3.14

Update ruby-recog package to 2.3.14.

2.3.14 - 2020.08.07

Highlights:

* HTTP: Improved coverage of VNC related web services (#282)
* HTTP: Improved coverage and CPEs of SonicWall and Cisco Expressway (#283)

2.3.13 - 2020.08.03

Highlights:

* Improving coverage of Moxa devices (#280)
* Adding fingerprints for certain high volume services as observed by
  Project Sonar (#280, #281)
* CPE: Improving the number of fingerprints and Project Sonar matches that
  returned CPEs (#281)

2.3.12 - 2020.07.23

Highlights:

* HTTP: Additional SAP NetWeaver and Glassfish coverage and fixes (#279)
* FTP: Serv-U and Filezilla improvements (#279)
* CPE: Tweaks to vendor, service, and cpe-remap.yaml which resulted in much
  better coverage for services frequently seen on the Internet. See PR for
  stats. (#279)

2.3.11 - 2020.07.16

Highlights:

* HTTP: Adjust banner for $ProjectRevision (Treck TCP/IP) by Anderson Luan
  (#272)
* HTTP: SAP Internet Graphics Server and Message Server fingerprints (#275)
* DNS: Windows Server 2008 SP2, performance and other coverage tweaks (#276)
* DNS: Avoid spoofed Microsoft DNS Server, add Debian Buster (#277)
* CPE: Correct CPE generating automation (#278)

2.3.10 - 2020.07.14

Highlights:

* SAP NetWeaver: Telnet and HTTP tweaks (#274)

2.3.9 - 2020.07.14

Highlights:

* Upgrade lxml, improve fingerprint readability (#268)
* New fingerprints and completed normalization by HD Moore (#269)
* New Database: favicons.xml (MD5 fingerprints for favicon.ico files) by HD
  Moore (#270)
* HTTP: Project Sonar HTTP updates (including SAP Netweaver / Oracle) (#273)
   2020-06-07 16:21:52 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
net/ruby-recog: update to 2.3.8

Update ruby-recog to 2.3.8.

2.3.8 (2020-06-03)

Highlights:

* MariaDB and MySQL fingerprint improvements (#264, #267)
* Multiple fingerprint and consistency improvements by HD Moore (#260, #266)
* Kyocera Printer fingerprint improvements (#262)
   2020-03-24 16:23:40 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
net/ruby-recog: update to 2.3.7

Update ruby-recog to 2.3.7.
pkgsrc changes:
* add "USE_LANGUAGES=	# none".
* cosmetic change.

Changes are too many to write here, plase refer
<https://github.com/rapid7/recog/releases> in detail.
   2019-04-25 09:33:32 by Maya Rashish | Files touched by this commit (620)
Log message:
PKGREVISION bump for anything using python without a PYPKGPREFIX.

This is a semi-manual PKGREVISION bump.
   2018-09-23 17:57:32 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
net/ruby-recog: update to 2.1.23

v2.1.23 (2018/09/20)

* use yaml for remapping; remove json transpose code (#177)

  - use yaml for remapping; remove json transpose code
  - temporarily revert cpe change on win2k3

* TELNET: Initial commit (#178)

* Add better support for Array networks/ArrayOS

v.2.1.22 - 2018.09.04

* New fingerprint coverage: apache_modules.xml #174

  - Adds support for performing version detection of Apache modules in HTTP
    Server headers.
  - Client software calling Recog is expected to split an Apache banner based
    on spaces and toss the individual values at Recog.
  - This is a first pass, more work will be required to fully flesh this out.

* Improved coverage: http_servers.xml #175

  - Leveraging Project Sonar data from 2018.08.13 has resulted in significant
    (multiple millions) improvement of fingerprinting against that data set.
  - hw.* values added where possible

* Minor FTP tweaks

v.2.1.22 - 2018.08.29

* New capability: CPE 2.3 data #172

  - Added preliminary support for returning CPE 2.3 information via a new
    fingerprint param named service.cpe23 which can be literal strings or
    interpolated values.

    Example:

    <param pos="0" name="service.cpe23" \ 
value="cpe:/a:vmware:zimbra_desktop:1"/>

    or

    <param pos="0" name="service.cpe23" \ 
value="cpe:/a:vmware:zimbra_desktop:{service.version}"/>

  - Software, other than Ruby Recog, that leverage the XML directly will need
    to support interpolating the values in order to fully utilize this
    capability.
  - Future changes to enhance this capability and make creating interpolated
    results easier are expected in the near future.
  - See PR #172 for more details

* Misc fingerprint updates and changes, some of which were to support CPE
  changes.

  - Changed the use of 'F5 Labs' to 'F5' in multiple files #171
  - Change certain Cisco PIX fingerprints from 'service.' to 'os.' #170

v.2.1.20 - 2018.06.27

* Compatibility: Adjustments to the regex of multiple fingerprints to remove
  negative lookaheads and other contructs that Golang doesn't support. #162

v.2.1.19 - 2018.04.16

* Improved coverage: xml/smtp_banners.xml #160

  - Note: Due to effort to cleanup description lines (remove duplicates,
    remove multilines, provide context, standardize format) almost every value
    for <description> has changed. This will impact the value returned as
    matched with tools such as DAP.
  - Project Sonar SMTP survey data was used to enhance and improve the
    coverage. Full details and metrics can be found in #160
  - Improved the accuracy and/or flexibility of multiple fingerprints.
  - Changed ALL instances of flags="REG_ICASE" to an inline flag (?i:) in
    order to make the regex compatible with more languages.
  - Implemented fingerprint examples for those fingerprints where examples
    could be found.
  - This sometimes resulted in removing fingerprints that were actually
    duplicates or trivially different.
  - Reworked description values so as to remove examples and ensure that this
    field is unique within the file as the value of description serves as an
    identifier when processing fingerprints. Multiline descriptions were
    reduced to single line where possible. Many descriptions were modified.
  - Fixed multiple instances where captures where under/over capturing. For
    example, some fingerprints would have captured the examples but the
    examples were missing leading or ending spaces. Other fingerprints were
    over-broad in what they would capture leading to fall positives or
    misidentification.
  - Fixed multiple instances where the portion of the version banner that was
    captured was different between two products in the same family.
  - Removed various real and example hostnames from examples and standardized
    on 'foo.bar'
  - Corrected system.time.format so as to match timestamp provided by service
  - Reworked date regex for multiple matches to remove inadvertent requirement
    for two digit day value when the banner included a single digit day.
   2018-03-21 12:40:16 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
net/ruby-recog: update to 2.1.18

2.1.16				2017/10/26

* Improve MariaDB on Ubunto - Issue #156

2.1.17				2017/11/28

* Improve Exim coverage, add examples

2.1.18				2018/02/23

* ssh update - data from 2017.11.30
* Removed honeypot fingerprint
* Add Debian 8.0 (jessie) MariaDB fingerprint