Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fingerprint for MariaDB Xenial #154

Closed
ecastellanos-r7 opened this issue Sep 7, 2017 · 1 comment
Closed

Fingerprint for MariaDB Xenial #154

ecastellanos-r7 opened this issue Sep 7, 2017 · 1 comment
Assignees

Comments

@ecastellanos-r7
Copy link

ecastellanos-r7 commented Sep 7, 2017

Hello,

I'm looking to see how we can add coverage for MariaDB Xenial. I did find a fingerprint for a version of MariaDB that are very similar but I'm not familiar with the process of creating it. From the scan log, we received the following version from the banner request.

Any help would be greatly appreciated! Thank you!

Scan log:

No matching fingerprint found for banner: 5.5.5-10.1.23-MariaDB-1~xenial
Installed software (from Administrative credentials): 
SoftwareFingerprint [[certainty=1.0][description=Ubuntu libmysqlclient18 10.1.23+maria-1~xenial][family=null][product=libmysqlclient18][softwareClass=null][vendor=Ubuntu][version=10.1.23+maria-1~xenial]]
package libmysqlclient20 has source: mysql-5.7
deb:libmysqlclient20 version:5.7.19-0ubuntu0.16.04.1

From looking mysql_banner xml file: https://github.com/rapid7/recog/blob/master/xml/mysql_banners.xml

<fingerprint pattern="^(?:\d{1,2}\.\d{1,3}\.[a-f\d]{1,3}-)?(\d{1,2}\.\d{1,3}\.[a-f\d]{1,4})-MariaDB.+~wheezy(?:-log)?$" flags="REG_ICASE">
    <description>MariaDB MariaDB on Debian 7.0 (wheezy)</description>
    <example service.version="5.5.37">5.5.37-MariaDB-1~wheezy-log</example>
    <example service.version="10.0.11">10.0.11-MariaDB-1~wheezy-log</example>
    <example service.version="10.0.14">5.5.5-10.0.14-MariaDB-1~wheezy-log</example>
    <param pos="1" name="service.version"/>
    <param pos="0" name="service.vendor" value="MariaDB"/>
    <param pos="0" name="service.family" value="MySQL"/>
    <param pos="0" name="service.product" value="MariaDB"/>
    <param pos="0" name="os.vendor" value="Debian"/>
    <param pos="0" name="os.family" value="Linux"/>
    <param pos="0" name="os.product" value="Linux"/>
    <param pos="0" name="os.version" value="7.0"/>
  </fingerprint>

Thank you!

Erik Castellanos

@jhart-r7 jhart-r7 self-assigned this Sep 7, 2017
jhart-r7 added a commit to jhart-r7/recog that referenced this issue Sep 7, 2017
@jhart-r7
Copy link
Contributor

jhart-r7 commented Sep 7, 2017

@ecastellanos-r7, as far as the process for adding this, CONTRIBUTING.md explains some of it, but you were absolutely on the right track! As you can see in #155, this is just a matter of copying that XML snippet you found and modifying the regex and the fingerprint to work with this slightly newer and different banner.

Let me know if you have any additional questions.

jhart-r7 added a commit that referenced this issue Sep 7, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants