Merge pull request #87 from intrigueio/multi_match_and_cleanup

Multi-Matchers (and a lot of syntax cleanup)
intrigueio · Feb 27, 2021 · 7a61708 · 7a61708
2 parents 8ecae4d + 8443b67
commit 7a61708
Show file tree

Hide file tree

Showing 396 changed files with 10,991 additions and 11,110 deletions.
diff --git a/checks/dns/base.rb b/checks/dns/base.rb
@@ -1,14 +1,13 @@
 module Intrigue
-  module Ident
-  module DnsCheck
-  class Base
-
-    def self.inherited(base)
-      Intrigue::Ident::Dns::CheckFactory.register(base)
-    end
+module Ident
+module DnsCheck
+class Base
 
-  end
-  end
-  end
-  end
-
+  def self.inherited(base)
+    Intrigue::Ident::Dns::CheckFactory.register(base)
+  end
+
+end
+end
+end
+end
diff --git a/checks/dns/google.rb b/checks/dns/google.rb
@@ -6,15 +6,15 @@ class Google < Intrigue::Ident::DnsCheck::Base
     def generate_checks
       [
         {
-          :type => "fingerprint",
-          :category => "operating_system",
-          :tags => ["DNSServer"],
-          :vendor => "Google",
-          :product => "Eero",
-          :website => "https://eero.com/",
-          :references => [],
-          :match_type => :hostname,
-          :match_content => /^eero$/i,
+          type: "fingerprint",
+          category: "operating_system",
+          tags: ["DNSServer"],
+          vendor: "Google",
+          product: "Eero",
+          website: "https://eero.com/",
+          references: [],
+          match_type: :hostname,
+          match_content: /^eero$/i,
         }
       ]
     end

diff --git a/checks/dns/liquidnet_ltd_hosting.rb b/checks/dns/liquidnet_ltd_hosting.rb
@@ -6,15 +6,15 @@ class LiquidnetLtdHosting < Intrigue::Ident::DnsCheck::Base
   def generate_checks
     [
       {
-        :type => "fingerprint",
-        :category => "service",
-        :tags => ["DNSServer"],
-        :vendor => "LiquidNet Ltd Hosting",
-        :product => "LiquidNet DNS",
-        :website => "https://www.liquidnetlimited.com/services.html",
-        :references => [],
-        :match_type => :version,
-        :match_content => /^LiquidNet DNS$/i,
+        type: "fingerprint",
+        category: "service",
+        tags: ["DNSServer"],
+        vendor: "LiquidNet Ltd Hosting",
+        product: "LiquidNet DNS",
+        website: "https://www.liquidnetlimited.com/services.html",
+        references: [],
+        match_type: :version,
+        match_content: /^LiquidNet DNS$/i,
       }
     ]
   end

diff --git a/checks/dns/microsoft.rb b/checks/dns/microsoft.rb
@@ -6,14 +6,14 @@ class Microsoft < Intrigue::Ident::DnsCheck::Base
     def generate_checks
       [
         {
-          :type => "fingerprint",
-          :category => "application",
-          :tags => ["DNSServer"],
-          :vendor => "Microsoft",
-          :product => "DNS Server",
-          :references => [],
-          :match_type => :version,
-          :match_content => /Microsoft/i,
+          type: "fingerprint",
+          category: "application",
+          tags: ["DNSServer"],
+          vendor: "Microsoft",
+          product: "DNS Server",
+          references: [],
+          match_type: :version,
+          match_content: /Microsoft/i,
         }
       ]
     end

diff --git a/checks/ftp/acronis.rb b/checks/ftp/acronis.rb
@@ -6,18 +6,18 @@ class Acronis < Intrigue::Ident::FtpCheck::Base
   def generate_checks
     [
       {
-        :type => "fingerprint",
-        :category => "application",
-        :tags => ["FTPServer"],
-        :vendor => "Acronis",
-        :product => "MassTransit",
-        :references => [""],
-        :website => "https://www.acronis.com/",
-        :match_type => :content_banner,
-        :match_content => /220 MassTransit FTP server \(version [\d\.]+\) ready.\r\n/i,
-        :dynamic_version => lambda { |x| _first_banner_capture(x, /220 MassTransit FTP server \(version ([\d\.]+)\) ready.\r\n/i)},
-        :match_details => "banner",
-        :inference => true
+        type: "fingerprint",
+        category: "application",
+        tags: ["FTPServer"],
+        vendor: "Acronis",
+        product: "MassTransit",
+        references: [""],
+        website: "https://www.acronis.com/",
+        match_type: :content_banner,
+        match_content: /220 MassTransit FTP server \(version [\d\.]+\) ready.\r\n/i,
+        dynamic_version: lambda { |x| _first_banner_capture(x, /220 MassTransit FTP server \(version ([\d\.]+)\) ready.\r\n/i)},
+        description: "banner",
+        inference: true
       }
     ]
   end

diff --git a/checks/ftp/filezilla.rb b/checks/ftp/filezilla.rb
@@ -6,19 +6,19 @@ class Filezilla < Intrigue::Ident::FtpCheck::Base
   def generate_checks
     [
       {
-        :type => "fingerprint",
-        :category => "application",
-        :tags => ["FTPServer"],
-        :vendor => "Filezilla",
-        :product => "Server",
-        :references => [],
-        :version => nil,
-        :match_type => :content_banner,
-        :match_content => /FileZilla Server/i,
-        :dynamic_version => lambda { |x| _first_banner_capture(x, /FileZilla Server version ([\d\.]+)/i)},
-        :match_details => "banner",
-        :hide => false,
-        :inference => true
+        type: "fingerprint",
+        category: "application",
+        tags: ["FTPServer"],
+        vendor: "Filezilla",
+        product: "Server",
+        references: [],
+        version: nil,
+        match_type: :content_banner,
+        match_content: /FileZilla Server/i,
+        dynamic_version: lambda { |x| _first_banner_capture(x, /FileZilla Server version ([\d\.]+)/i)},
+        description: "banner",
+        hide: false,
+        inference: true
       }
     ]
   end

diff --git a/checks/ftp/generic.rb b/checks/ftp/generic.rb
@@ -7,18 +7,18 @@ class Generic < Intrigue::Ident::FtpCheck::Base
   def generate_checks
     [
       {
-        :type => "fingerprint",
-        :category => "application",
-        :tags => ["FTPServer"],
-        :vendor => "Generic",
-        :product => "FTP",
-        :references => [],
-        :version => nil,
-        :match_type => :content_banner,
-        :match_content => /FTP/i,
-        :match_details => "banner",
-        :hide => false,
-        :inference => true
+        type: "fingerprint",
+        category: "application",
+        tags: ["FTPServer"],
+        vendor: "Generic",
+        product: "FTP",
+        references: [],
+        version: nil,
+        match_type: :content_banner,
+        match_content: /FTP/i,
+        description: "banner",
+        hide: false,
+        inference: true
       }
     ]
   end

diff --git a/checks/ftp/microsoft.rb b/checks/ftp/microsoft.rb
@@ -6,18 +6,18 @@ class Microsoft < Intrigue::Ident::FtpCheck::Base
   def generate_checks
     [
       {
-        :type => "fingerprint",
-        :category => "application",
-        :tags => ["FTPServer"],
-        :vendor => "Microsoft",
-        :product => "FTP Service",
-        :references => [],
-        :version => nil,
-        :match_type => :content_banner,
-        :match_content => /Microsoft FTP Service/i,
-        :match_details => "banner",
-        :hide => false,
-        :inference => false
+        type: "fingerprint",
+        category: "application",
+        tags: ["FTPServer"],
+        vendor: "Microsoft",
+        product: "FTP Service",
+        references: [],
+        version: nil,
+        match_type: :content_banner,
+        match_content: /Microsoft FTP Service/i,
+        description: "banner",
+        hide: false,
+        inference: false
       }
     ]
   end

diff --git a/checks/ftp/proftp.rb b/checks/ftp/proftp.rb
@@ -6,33 +6,33 @@ class ProFtp < Intrigue::Ident::FtpCheck::Base
   def generate_checks
     [
       {
-        :type => "fingerprint",
-        :category => "application",
-        :tags => ["FTPServer"],
-        :vendor => "ProFTP",
-        :product => "ProFTPd",
-        :references => [],
-        :version => nil,
-        :match_type => :content_banner,
-        :match_content => /ProFTPD [\d\w\.]+ Server/i,
-        :dynamic_version => lambda { |x| _first_banner_capture(x, /ProFTPD ([\d\w\.]+) Server/i)},
-        :match_details => "banner",
-        :hide => false,
-        :inference => true
+        type: "fingerprint",
+        category: "application",
+        tags: ["FTPServer"],
+        vendor: "ProFTP",
+        product: "ProFTPd",
+        references: [],
+        version: nil,
+        match_type: :content_banner,
+        match_content: /ProFTPD [\d\w\.]+ Server/i,
+        dynamic_version: lambda { |x| _first_banner_capture(x, /ProFTPD ([\d\w\.]+) Server/i)},
+        description: "banner",
+        hide: false,
+        inference: true
       }, 
       {
-        :type => "fingerprint",
-        :category => "application",
-        :tags => ["FTPServer"],
-        :vendor => "ProFTP",
-        :product => "ProFTPd",
-        :references => [],
-        :version => nil,
-        :match_type => :content_banner,
-        :match_content => /ProFTPD Server/i,
-        :match_details => "banner, no version",
-        :hide => false,
-        :inference => false
+        type: "fingerprint",
+        category: "application",
+        tags: ["FTPServer"],
+        vendor: "ProFTP",
+        product: "ProFTPd",
+        references: [],
+        version: nil,
+        match_type: :content_banner,
+        match_content: /ProFTPD Server/i,
+        description: "banner, no version",
+        hide: false,
+        inference: false
       }
     ]
   end

diff --git a/checks/ftp/pureftpd.rb b/checks/ftp/pureftpd.rb
@@ -6,18 +6,18 @@ class PureFtpd < Intrigue::Ident::FtpCheck::Base
   def generate_checks
     [
       {
-        :type => "fingerprint",
-        :category => "application",
-        :tags => ["FTPServer"],
-        :vendor => "PureFtpd",
-        :product => "PureFtpd",
-        :references => [],
-        :version => nil,
-        :match_type => :content_banner,
-        :match_content => /Welcome to Pure-FTPd/i,
-        :match_details => "banner",
-        :hide => false,
-        :inference => false
+        type: "fingerprint",
+        category: "application",
+        tags: ["FTPServer"],
+        vendor: "PureFtpd",
+        product: "PureFtpd",
+        references: [],
+        version: nil,
+        match_type: :content_banner,
+        match_content: /Welcome to Pure-FTPd/i,
+        description: "banner",
+        hide: false,
+        inference: false
       }
     ]
   end

diff --git a/checks/ftp/vsftp.rb b/checks/ftp/vsftp.rb
@@ -6,19 +6,19 @@ class Vsftp < Intrigue::Ident::FtpCheck::Base
   def generate_checks
     [
       {
-        :type => "fingerprint",
-        :category => "application",
-        :tags => ["FTPServer"],
-        :vendor => "vsFTPd",
-        :product => "vsFTPd",
-        :references => [],
-        :version => nil,
-        :match_type => :content_banner,
-        :match_content => /\(vsFTPd\s[\d\.]+\)/i,
-        :dynamic_version => lambda { |x| _first_banner_capture(x, /\(vsFTPd\s([\d\.]+)\)/i)},
-        :match_details => "banner",
-        :hide => false,
-        :inference => true
+        type: "fingerprint",
+        category: "application",
+        tags: ["FTPServer"],
+        vendor: "vsFTPd",
+        product: "vsFTPd",
+        references: [],
+        version: nil,
+        match_type: :content_banner,
+        match_content: /\(vsFTPd\s[\d\.]+\)/i,
+        dynamic_version: lambda { |x| _first_banner_capture(x, /\(vsFTPd\s([\d\.]+)\)/i)},
+        description: "banner",
+        hide: false,
+        inference: true
       }
     ]
   end

diff --git a/checks/http/123reg.rb b/checks/http/123reg.rb
@@ -6,19 +6,24 @@ class OneTwoThreeReg < Intrigue::Ident::Check::Base
     def generate_checks(url)
       [
         {
-          :type => "fingerprint",
-          :category => "service",
-          :tags => ["Parked"],
-          :vendor => "123Reg",
-          :product => "123Reg",
-          :website => "https://www.123-reg.co.uk/",
-          :references => [],
-          :match_type => :content_title,
-          :match_content => /Want your own website\? \| 123 Reg/i,
-          :match_details => "Want your own website\? \| 123 Reg",
-          :hide => false,
-          :paths => [ { :path  => "#{url}", :follow_redirects => true } ],
-          :inference => false
+          type: "fingerprint",
+          category: "service",
+          tags: ["Parked"],
+          vendor: "123Reg",
+          product: "123Reg",
+          website: "https://www.123-reg.co.uk/",
+          references: [],
+          match_logic: :all,
+          matches: [
+            {
+              match_type: :content_title,
+              match_content: /Want your own website\? \| 123 Reg/i
+            }  
+          ],
+          description: "Want your own website\? \| 123 Reg",
+          hide: false,
+          paths: [ { path: "#{url}", follow_redirects: true } ],
+          inference: false
         }
       ]
     end