Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update LDAP fingerprints for Windows #630

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update LDAP fingerprints for Windows #630

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
60 changes: 48 additions & 12 deletions xml/ldap_searchresult.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,12 +45,15 @@

<!-- Windows 2016 -->

<fingerprint pattern="(?im:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x017)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x017)|(?:domainControllerFunctionality1.{1,5}\x04\x017.*1.2.840.113556.1.4.800))">
<description>Active Directory Controller on Windows Server 2016</description>
<example _encoding="base64">
dGllczGEAAAAlQQWMS4yLjg0MC4xMTM1NTYuMS40LjgwMAQuZGF0YS5yZW1vdmVkLjCEAAAAK
AQdZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxhAAAAAMEATc=
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBNzAYBA5pc3N1cHBvcnRlZENhcGFiaWxpdGllczGBlQQWMS4yLjg0MC4xMTM1NTYuMS40LjgwMAQXMS4=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Active Directory Controller"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory:-"/>
Expand All @@ -60,12 +63,15 @@
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2016:-"/>
</fingerprint>

<fingerprint pattern="(?im:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x017)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x017)|(?:domainControllerFunctionality1.{1,5}\x04\x017.*1.2.840.113556.1.4.1851))">
<description>Microsoft LDS on Windows Server Server 2016</description>
<example _encoding="base64">
aWVzMYQAAACvBBcxLjIuODQwLjExMzU1Ni4xLjQuMTg1MQQuZGF0YS5yZW1vdmVkLjCEAAAAK
AQdZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxhAAAAAMEATc=
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBNzAYBA5pc3N1cHBvcnRlZENhcGFiaWxpdGllczGBrwQXMS4yLjg0MC4xMTM1NTYuMS40LjE4NTEEFzE=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Lightweight Directory Server"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory_lightweight_directory_service:-"/>
Expand All @@ -88,12 +94,15 @@

<!-- Windows 2012 R2 -->

<fingerprint pattern="(?im:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x016)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x016)|(?:domainControllerFunctionality1.{1,5}\x04\x016.*1.2.840.113556.1.4.800))">
<description>Active Directory Controller on Windows Server 2012 R2</description>
<example _encoding="base64">
ZXMxhAAAAJUEFjEuMi44NDAuMTEzNTU2LjEuNC44MDAELmRhdGEucmVtb3ZlZC6EAAAAKAQdZ
G9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxhAAAAAMEATYw
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBNjAMAgEDZXN1cHBvcnRlZENhcGFiaWxpdGllczGBlQQWMS4yLjg0MC4xMTM1NTYuMS40LjgwMAQXMS4=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Active Directory Controller"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory:-"/>
Expand All @@ -103,12 +112,15 @@
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
</fingerprint>

<fingerprint pattern="(?im:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x016)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x016)|(?:domainControllerFunctionality1.{1,5}\x04\x016.*1.2.840.113556.1.4.1851))">
<description>Microsoft LDS on Windows Server Server 2012 R2</description>
<example _encoding="base64">
aWVzMYQAAACvBBcxLjIuODQwLjExMzU1Ni4xLjQuMTg1MQQuZGF0YS5yZW1vdmVkLoQAAAAoB
B1kb21haW5Db250cm9sbGVyRnVuY3Rpb25hbGl0eTGEAAAAAwQBNjA=
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBNjAMAgEDZXN1cHBvcnRlZENhcGFiaWxpdGllczGBrwQXMS4yLjg0MC4xMTM1NTYuMS40LjE4NTEEFzE=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Lightweight Directory Server"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory_lightweight_directory_service:-"/>
Expand All @@ -131,12 +143,15 @@

<!-- Windows 2012 -->

<fingerprint pattern="(?im:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x015)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x015)|(?:domainControllerFunctionality1.{1,5}\x04\x015.*1.2.840.113556.1.4.800))">
<description>Active Directory Controller on Windows Server 2012</description>
<example _encoding="base64">
aWVzMYQAAACVBBYxLjIuODQwLjExMzU1Ni4xLjQuODAwBC5kYXRhLnJlbW92ZWQwhAAAACgEH
WRvbWFpbkNvbnRyb2xsZXJGdW5jdGlvbmFsaXR5MYQAAAADBAE1MA==
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBNTAMAgEDZXN1cHBvcnRlZENhcGFiaWxpdGllczGBlQQWMS4yLjg0MC4xMTM1NTYuMS40LjgwMAQXMS4=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Active Directory Controller"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory:-"/>
Expand All @@ -146,12 +161,15 @@
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2012:-"/>
</fingerprint>

<fingerprint pattern="(?im:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x015)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x015)|(?:domainControllerFunctionality1.{1,5}\x04\x015.*1.2.840.113556.1.4.1851))">
<description>Microsoft LDS on Windows Server 2012 R2</description>
<example _encoding="base64">
ZXMxhAAAAK8EFzEuMi44NDAuMTEzNTU2LjEuNC4xODUxBC5kYXRhLnJlbW92ZWQuMIQAAAAoB
B1kb21haW5Db250cm9sbGVyRnVuY3Rpb25hbGl0eTGEAAAAAwQBNTA=
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBNTAMAgEDZXN1cHBvcnRlZENhcGFiaWxpdGllczGBrwQXMS4yLjg0MC4xMTM1NTYuMS40LjE4NTEEFzE=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Lightweight Directory Server"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory_lightweight_directory_service:-"/>
Expand All @@ -174,12 +192,15 @@

<!-- Windows 2008 R2 -->

<fingerprint pattern="(?im:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x014)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x014)|(?:domainControllerFunctionality1.{1,5}\x04\x014.*1.2.840.113556.1.4.800))">
<description>Active Directory Controller on Windows Server 2008 R2</description>
<example _encoding="base64">
aWVzMYQAAACVBBYxLjIuODQwLjExMzU1Ni4xLjQuODAwBC5kYXRhLnJlbW92ZWQuMIQAAAAoB
B1kb21haW5Db250cm9sbGVyRnVuY3Rpb25hbGl0eTGEAAAAAwQBNDA=
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBNDAMAgEDZXN1cHBvcnRlZENhcGFiaWxpdGllczF8BBYxLjIuODQwLjExMzU1Ni4xLjQuODAwBBcxLjI=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Active Directory Controller"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory:-"/>
Expand All @@ -189,12 +210,15 @@
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
</fingerprint>

<fingerprint pattern="(?im:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x014)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x014)|(?:domainControllerFunctionality1.{1,5}\x04\x014.*1.2.840.113556.1.4.1851))">
<description>Microsoft LDS on Windows Server Server 2008 R2</description>
<example _encoding="base64">
aWVzMYQAAACvBBcxLjIuODQwLjExMzU1Ni4xLjQuMTg1MQQuZGF0YS5yZW1vdmVkLoQAAAAoB
B1kb21haW5Db250cm9sbGVyRnVuY3Rpb25hbGl0eTGEAAAAAwQBNDA=
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBNDAMAgEDZXN1cHBvcnRlZENhcGFiaWxpdGllczGBlgQXMS4yLjg0MC4xMTM1NTYuMS40LjE4NTEEFzE=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Lightweight Directory Server"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory_lightweight_directory_service:-"/>
Expand Down Expand Up @@ -222,12 +246,15 @@

<!-- Windows 2008 -->

<fingerprint pattern="(?im:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x013)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x013)|(?:domainControllerFunctionality1.{1,5}\x04\x013.*1.2.840.113556.1.4.800))">
<description>Active Directory Controller on Windows Server 2008</description>
<example _encoding="base64">
aWVzMYQAAACVBBYxLjIuODQwLjExMzU1Ni4xLjQuODAwBC5kYXRhLnJlbW92ZWQuMIQAAAAoB
B1kb21haW5Db250cm9sbGVyRnVuY3Rpb25hbGl0eTGEAAAAAwQBMzA=
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBMzAMAgEDZXN1cHBvcnRlZENhcGFiaWxpdGllczFjBBYxLjIuODQwLjExMzU1Ni4xLjQuODAwBBcxLjI=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Active Directory Controller"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory:-"/>
Expand All @@ -237,12 +264,15 @@
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2008:-"/>
</fingerprint>

<fingerprint pattern="(?im:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x013)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x013)|(?:domainControllerFunctionality1.{1,5}\x04\x013.*1.2.840.113556.1.4.1851))">
<description>Microsoft LDS on Windows Server 2008</description>
<example _encoding="base64">
aWVzMYQAAACvBBcxLjIuODQwLjExMzU1Ni4xLjQuMTg1MQQuZGF0YS5yZW1vdmVkLjCEAAAAK
AQdZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxhAAAAAMEATMw
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBMzAMAgEDZXN1cHBvcnRlZENhcGFiaWxpdGllczF9BBcxLjIuODQwLjExMzU1Ni4xLjQuMTg1MQQXMS4=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Lightweight Directory Server"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory_lightweight_directory_service:-"/>
Expand All @@ -265,12 +295,15 @@

<!-- Windows 2003 -->

<fingerprint pattern="(?im:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x012)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.800.*domainControllerFunctionality1.{1,5}\x04\x012)|(?:domainControllerFunctionality1.{1,5}\x04\x012.*1.2.840.113556.1.4.800))">
<description>Active Directory Controller on Windows Server 2003</description>
<example _encoding="base64">
aWVzMYQAAACVBBYxLjIuODQwLjExMzU1Ni4xLjQuODAwBC5kYXRhLnJlbW92ZWQuMIQAAAAoB
B1kb21haW5Db250cm9sbGVyRnVuY3Rpb25hbGl0eTGEAAAAAwQBMjA=
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBMjAMAgEDZXN1cHBvcnRlZENhcGFiaWxpdGllczFKBBYxLjIuODQwLjExMzU1Ni4xLjQuODAwBBcxLjI=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Active Directory Controller"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory:-"/>
Expand All @@ -280,12 +313,15 @@
<param pos="0" name="os.cpe23" value="cpe:/o:microsoft:windows_server_2003:-"/>
</fingerprint>

<fingerprint pattern="(?im:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x012)">
<fingerprint pattern="(?ims:(?:1.2.840.113556.1.4.1851.*domainControllerFunctionality1.{1,5}\x04\x012)|(?:domainControllerFunctionality1.{1,5}\x04\x012.*1.2.840.113556.1.4.1851))">
<description>Microsoft LDS on Windows Server 2003</description>
<example _encoding="base64">
aWVzMYQAAACvBBcxLjIuODQwLjExMzU1Ni4xLjQuMTg1MQQuZGF0YS5yZW1vdmVkLjCEAAAAK
AQdZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxhAAAAAMEATIw
</example>
<example _encoding="base64">
ZG9tYWluQ29udHJvbGxlckZ1bmN0aW9uYWxpdHkxAwQBMjAMAgEDZXN1cHBvcnRlZENhcGFiaWxpdGllczFLBBcxLjIuODQwLjExMzU1Ni4xLjQuMTg1MQQXMS4=
</example>
<param pos="0" name="service.vendor" value="Microsoft"/>
<param pos="0" name="service.product" value="Lightweight Directory Server"/>
<param pos="0" name="service.cpe23" value="cpe:/a:microsoft:active_directory_lightweight_directory_service:-"/>
Expand Down
Loading