Class: Intrigue::Ident::Check::Cisco

Inherits:
Base
  • Object
show all
Defined in:
lib/checks/cisco.rb

Instance Method Summary collapse

Methods inherited from Base

inherited

Instance Method Details

#generate_checks(url) ⇒ Object 



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
 
# File 'lib/checks/cisco.rb', line 6

def generate_checks(url)
  [
    {
      :type => "application",
      :vendor => "Cisco",
      :product => "Adaptive Security Device Manager",
      :match_details => "page title",
      :version => nil,
      :dynamic_version => lambda {|x| _first_body_capture(x,/<title>Cisco ASDM (.*?)<\/title>/)},
      :match_type => :content_body,
      :match_content =>  /<title>Cisco ASDM/,
      :hide => false,
      :examples => ["https://194.107.112.4:443"],
      :verify => ["aWJtI0ludHJpZ3VlOjpFbnRpdHk6OlVyaSNodHRwczovLzE5NC4xMDcuMTEyLjQ6NDQz"],
      :paths => ["#{url}"]
    },
    {
      :type => "hardware",
      :vendor => "Cisco",
      :product => "Email Security Appliance",
      :match_details => "page title",
      :version => nil,
      :dynamic_version => lambda {|x| _first_body_capture(x,/Email Security Appliance   (.*?) \(/)},
      :match_type => :content_body,
      :match_content =>  /<title>        Cisco         Email Security Appliance/,
      :hide => false,
      :examples => ["https://200.142.198.180:443"],
      :verify => ["aWJtI0ludHJpZ3VlOjpFbnRpdHk6OlVyaSNodHRwczovLzIwMC4xNDIuMTk4LjE4MDo0NDM="],
      :paths => ["#{url}"]
    },
    {
      :type => "hardware",
      :vendor => "Cisco",
      :product => "Meraki",
      :match_details => "Meraki logo on an on-prem box",
      :version => nil,
      :match_type => :content_body,
      :match_content =>  /<img id="header_logo" src="images\/meraki-logo.png"/,
      :hide => false,
      :examples => [],
      :paths => ["#{url}"]
    },
    {
      :type => "application",
      :vendor => "Cisco",
      :product =>"SSL VPN",
      :match_details =>"Cisco SSL VPN",
      :tags => ["tech:vpn"],
      :version => nil,
      :match_type => :content_cookies,
      :match_content =>  /webvpn/,
      :hide => false,
      :paths => ["#{url}"]
    },
    {
      :type => "application",
      :vendor => "Cisco",
      :product =>"SSL VPN",
      :match_details =>"Cisco SSL VPN",
      :tags => ["tech:vpn"],
      :version => nil,
      :match_type => :content_body,
      :match_content => /document.location.replace\(\"\/\+CSCOE\+\/logon.html\"\)/,
      :examples => [
        "https://12.237.144.250:443",
        "http://12.150.243.178:80"],
      :hide => false,
      :paths => ["#{url}"]
    },
    {
      :type => "application",
      :vendor => "Cisco",
      :product => "Router",
      :match_details => "Cisco Router",
      :version => nil,
      :match_type => :content_headers,
      :match_content =>  /server: cisco-IOS/,
      :hide => false,
      :paths => ["#{url}"]
    },
    {
      :type => "application",
      :vendor => "Cisco",
      :product =>"vManage",
      :match_details => "page title",
      :tags => [],
      :version => nil,
      :match_type => :content_body,
      :match_content => /<title>Cisco vManage/,
      :examples => ["http://129.41.171.244:80"],
      :verify => ["aWJtI0ludHJpZ3VlOjpFbnRpdHk6OlVyaSNodHRwOi8vMTI5LjQxLjE3MS4yNDQ6ODA="],
      :hide => false,
      :paths => ["#{url}"]
    },
  ]
end