"Fossies" - the Fresh Open Source Software Archive

Member "ettercap-0.8.3.1/CHANGELOG" (1 Aug 2020, 35353 Bytes) of package /linux/privat/ettercap-0.8.3.1.tar.gz:



    1 
    2 Legend:
    3          + new feature
    4          - old feature removed
    5          !! bug fixed
    6 =========================================
    7 0.8.3.1-Bertillon    20200801
    8    !! Fix SSL protocol failure with older TLS client/server versions (min. TLS1.0)
    9    !! Fix blackholing SSL packets when specific redirection is used
   10    !! Fix TLS 1.3 interception issues (replace fake certificate with proper key length)
   11    !! Fix segmentation fault when parsing HTTP NTLM handshake (fixes #922)
   12    !! Fix crash if one redirect command is not enabled
   13    !! Fix build on MacOSX detecting new dependency HarfBuzz
   14    !! Fix warnings when parsing etter.(m)dns file when built w/o IPv6 support
   15    !! Fix capture delay with libpcap v1.9.1 (fixes #974)
   16    !! Fix segmentation fault when etterlog concatenates files
   17    !! Fix compiling with GCC version / defaulting to -fno-common
   18    !! Fix bad UDP length for packets changed with replace()
   19    !! Fix passing --lua-args arguments to LUA scripts
   20    !! Fix MSVC build when macro ORDER_ADD_{SHORT,LONG} is being used
   21    !! Fix references to old sourceforce.org website in the code and documentation
   22    !! Fix fingerprint_submit (still missing its server counterpart)
   23     + Take over client-side SNI extension in ClientHello in SSL interception (req. OpenSSL 1.1.1)
   24     + Take over SAN certificate extension from server certificate in SSL interception
   25     + Use server certificate sign algorithm to sign fake certificate defaulting to SHA256
   26     + CLI provided plugins are now also autostarted in graphical UI
   27     + Added --plugin-list CLI parameter
   28     + New execreplace etterfilter command
   29     + Update bundled OUI mac addresses
   30     + Update LuaJIT from 2.0.4 to 2.0.5
   31     + Update libnet from 1.1.6 to 1.2
   32     + Update check from 0.10.0 to 0.15.0
   33     + Update curl from 7.44.0 to 7.71.1
   34     - Separate etter.dns and etter.mdns examples in dedicated examples file
   35     - Remove source IP specification from customizable SSL redirects
   36     - Removal of deprecated redirect commands from etter.conf
   37     - Remove Easter Egg (Sorry ALoR and NaGA)
   38 
   39 0.8.3-Bertillon    20190701
   40    !! Fix binary comparison and assignment in etterfilter
   41    !! Fixed packetbuffer race condition in BRIDGE mode (e.g. Message too long)
   42    !! Non-aligned filters are no longer supported (recompilation with etterfilter required)
   43    !! Fixed sslstrip plugin startup issue due to regex compilation error
   44    !! Fixed lots of build warnings
   45    !! Proper separation of library and executable code
   46    !! Fixed heap-buffer-overflow in write_output in etterfilter
   47    !! ip_addr sanity check when etterlog processes info logfile
   48    !! CVE-2017-8366 (Lots of buffer under-/overflow conditions fixed)
   49    !! CVE-2017-6430 (Fix invalid read on crafted file in etterfilter)
   50    !! fix dns_spoof plugin when used in bridge mode
   51     + SSL redirects are now customizable at runtime
   52     + GeoIP detection / support using CMake
   53     + Rework of GTK3 UI - modern GNOME3 look
   54     + New Kerberos 5 downgrade plugin
   55     + GTK3 is the new default GTK_BUILD_TYPE
   56     + OSPF dissector supports more authentication methods in hash-cracker friendly format
   57     + Rework of Oracle O5LOGON dissector
   58     + Multi-threaded name resolution
   59     + Updated etter.finger.mac
   60     - GTK2 phase out initialized
   61     - Usage of deprecated inet_aton replaced with current successor functions
   62 
   63 0.8.2-Ferri   20150314
   64    !! Fixed some openssl deprecated functions usage
   65    !! Fixed log file ownership
   66    !! Fixed mixed output print
   67    !! Fixed drop_privs function usage
   68    !! Fixed nopromisc option usage
   69    !! Fixed missing break in parser code
   70    !! Improved redirect commands
   71    !! Fix truncated VLAN packet headers
   72    !! Fix ettercap.rc file (windows only)
   73    !! Various cmake fixes
   74    !! A ton of BSD bug fixes
   75    !! Simplify macosx cmake files
   76    !! Fix incorrect sequence number after TCP injection
   77    !! Fix pcap length, and alignment problems with libpcap
   78    !! Bug fixes and gtk code refactor (gtk box wrapper)
   79    !! Fix some ipv6 send issues
   80    !! Fixed sleep time on Windows (high CPU usage)
   81    !! Fixed many CVE vulnerabilities (some of them already fixed in 0.8.1)
   82     - CVE-2014-6395 (Length Parameter Inconsistency)
   83     - CVE-2014-6396 (Arbitrary write)
   84     - CVE-2014-9376 (Negative index/underflow)
   85     - CVE-2014-9377 (Heap overflow)
   86     - CVE-2014-9378 (Unchecked return value)
   87     - CVE-2014-9379 (Incorrect cast)
   88     - CVE-2014-9380 (Buffer over-read)
   89     - CVE-2014-9381 (Signedness error)
   90     + Updated etter.finger.mac
   91     + Add TXT and ANY query support on dns_spoof
   92     + New macosx travis-ci build!
   93     + Enable again PDF generation
   94     - Remove gprof support
   95 
   96 0.8.1-Lombroso 20141016
   97    !! Fixed incorrect checksum computation on 64-bit systems
   98    !! Fixed DNS resolution problems
   99    !! Fixed hurd build failure (not specific to hurd but hurd seems the first OS defining ESUCCESS in glibc)
  100    !! Fixed rpath handling
  101    !! Fixed scan host crash with recent kernels
  102    !! Fixed etter{log,filter} library path
  103    !! O5LOGON dissector fixes for stealth mode scans
  104    !! Fix constants to allow full hexadecimal character set. Useful for filtering on ESP SPIs
  105    !! Fixed some incoherencies in gbls pointers in utils and core
  106    !! Fixed dhcp spoofing automatically start in text ui
  107    !! Many fixes in filter compiler
  108    !! Fixed lua installation path
  109    !! Many ipv6 fixes and improvements
  110    !! Fixed tests build failures
  111    !! Fixed many iconv detection problems
  112    !! Fixed many ctime problems
  113    !! Fixed many dissector ports
  114    !! Fixed timers incoherences
  115    !! Fixed powerpc build failure
  116    !! Fixed uniqueness of our include guards
  117    !! Fixed cmake warnings, by correctly linking our libraries
  118    !! Fixed clean target
  119    !! Fixed COOKIE_PATTERN string
  120    !! A ton of kfreebsd, freebsd, and MacOS fixes and build fixes
  121    !! Fixed with a new "regain_privs" the ip forwarding restore
  122    !! Fixed another scan crash
  123    !! Fixed host list updated (delegated to the main thread)
  124    !! Fixed etter.conf.v6 and etter.conf.v4 installation
  125    !! Fixed (removed) some old code
  126    !! Fixed (removed) some dbus interfaces listed in ettercap
  127    !! Fixed some libraries link issues
  128    !! Fixed various polkit installation directory issues
  129    !! Fixed plugin path issues
  130    !! Fixed bundled libs building order
  131    !! Fixed undefined ips added to the host list (e.g. 0.0.0.0 in dhcp discover)
  132    !! Fixed macosx builds
  133    !! Moved check framework in bundled_libs directory
  134    !! Fixed crash on scan for hosts, by adding a mutex
  135    !! Fixed libettercap.so linking, by removing curses and gtk stuff
  136    !! Fixed ip_add_to_int32 macro
  137    !! Fixed a ton of warnings in gtk, curses and core
  138    !! Fixed some documentation
  139    !! Fixed tests with eglibc >= 2.17
  140    !! Fixed check framework find, with fallback in the bundled
  141       one if not available
  142    !! Fixed bug in etter.finger.mac parsing
  143    !! Fixed ssl checks on cmake, now it is mandatory
  144    !! Fixed scan for hosts progress bar
  145    !! Fixed linux.org ip address on etter.dns conf file
  146    !! Fixed some memory leakages
  147    !! Fixed missing RelWithDebInfo on Cmake
  148    !! Fixed typos
  149    !! Fixed some performance issues in scan for hosts function
  150    !! Fixed race condition when scan progress was canceled
  151    !! Fixed cmake flags passing
  152    !! Fixed IPv6 build
  153    !! Fixed debug messages
  154     + experimental ESP detection/filtering
  155     + make etter{log,filter} ipv6 compatible
  156     + Enabled multithread scan for Curses interface
  157     + New appdata xml file
  158     + New experimental GTK3 support!
  159     + New threaded host resolution!
  160     + Many build and runtime performance improvements
  161     + Ettercap builds on windows (MingW) again!
  162     + New arp "smart" poisoning!
  163     + New base64 encode and decode functions
  164     + New execinject etterfilter command
  165     + New ipv6 hidden scan mode
  166     + New support for multiple plugins in UI mode
  167     + New uninstall target
  168     + Gnu/Hurd support!
  169     + Automatically refresh plugin list
  170     + Threading some plugins
  171     + A new function for self-destruct plugins
  172     + New INSTALL_EXEDIR cmake option, now you can have "ettercap" and
  173       the other binaries in two different directories!
  174     + New Null/Loopback decoder!
  175     + Added automatic irc notifications!
  176     + Added some debug and fortify-source flags
  177     + Added some travis builds!
  178     + Updated etter.finger.mac
  179     + Added support for parsing RIPv2 and OSPF MD5 authentication packets
  180     + Updated curl and check bundled libraries
  181     + updated etter.filter.examples file
  182     + updated TODO list
  183     + etterfilter now is IPv6 ready!
  184     + Documentation updated
  185     + Man pages updated
  186     + New nd-poisoning!
  187     + Increased IPv6 probe delay from 2 seconds to 3
  188     - Removed hex_encode stuff
  189     - Removed ec_pap.c since it was already implemented in ec_ppp.c
  190     - Removed duplicate code, in favour of libettercap usage
  191 
  192 0.8.0-Lacassagne 20130921
  193    !! Fixed some problems in fork and execve usage in case of command failure (sslstrip)
  194    !! Fixed dropping privileges for remote_browser plugin run as root
  195    !! Fixed infinite loop when a http GET was issued on the attacker browser, while remote_browser was active
  196    !! Fixed some "atexit" bad references
  197    !! Fixed plugin load on text interface, if no number was entered
  198    !! Fixed problem spotted when ethtool wasn't installed on the machine
  199    !! Fixed old "ethereal" references
  200    !! Fixed missing newlines in printf
  201    !! Switching to ps2pdf as default (from ps2pdf13), it should point to ps2pdf14 on all distros
  202    !! Fix cmake file, dropped MACPORTS_BASE_DIRECTORY
  203    !! Fix problem in "stopping attacks" window not properly shown in gtk
  204    !! Fix problem in wrong pcap file saving
  205    !! Fix issue in send_udp function
  206    !! Fix problem in libnet rc detection
  207    !! Fix restore ip_forward by retrying up to 5 times
  208    !! Fix socket issues
  209    !! Fix for hex format display
  210    !! New send_tcp function, taking payload and length
  211    !! Fixed memory leak in remote browser plugin
  212    !! Fixed comparison bug in ec_decode
  213    !! Fixed UI input for GTK
  214    !! Fixed some memory leaks
  215    !! Fixed man pages and AUTHORS file
  216    !! Fixes in sslstrip plugin
  217    !! Many etter.dns fixes
  218    !! Many documentation fixes
  219    !! A ton of refactors/fixes in Cmake scripts
  220    !! Fix GTK crash when scanning hosts
  221    !! Fix build failure on Mac OS X 10.6
  222    !! Crash fix in target selection
  223    !! Disabled UID change for remote browser plugin
  224    !! Fixed remote browser plugin
  225    !! A ton of fixes in protocols and dissectors (dhcp, http, ppp, mpls)
  226     + New ettercap logo
  227     + Renamed help menu to "?", to avoid double "H" shortcut
  228     + New WARN_MSG warning message
  229     + Added message in DHCP spoofing when no mitm has started
  230     + New horizontal scrollbar for messages in gtk view
  231     + Disabled offload warning messages (only in Release mode)
  232     + New ettercap-pkexec, policy and ettercap.desktop files for launching ettercap -G as a normal user with sudo privileges
  233     + Automatic host list refresh in GTK GUI after scanning
  234     + New fraggle plugin attack
  235     + New fields in etter.fields file
  236     + Cherry picked debian patches (svg icon)
  237     + Added content print on http dissector
  238     + Added support for negative dns replies
  239     + Creation of (experimental) unit tests
  240     + Creation of (experimental) libettercap
  241     + Now you can build just the ettercap library (libettercap) without any GUIs
  242     + Added travis-ci support
  243     + DNS spoofing for IPv6 addresses
  244     + PDF Docs generation is not optional
  245     + Added SRV query handling to DNS spoof
  246     + New mDNS spoof plugin
  247     + New low level decoders
  248     + New decoder for ip over pppoe
  249     + Added PPP DLT to interfaces
  250     + Add experimental Lua support to Ettercap
  251     + New Bundle libnet and curl
  252     + Full support for wifi decrypting (wep and wpa)
  253     - Disabled update feature (not working anymore and not secure)
  254     - Deprecated napster dissector
  255 
  256 0.7.6-Locard 20130327
  257    !! Fixed some parsing errors
  258    !! Fixes to TN3270 dissector and SSL Strip
  259    !! PostgreSQL dissector: Update output format to reflect release syntax
  260       for John the Ripper 1.7.9-Jumbo-8. The old format is still supported,
  261       but deprecated.
  262    !! Fixed memory leak in SSL Strip plugin
  263    !! Fixed check in invalid ip header
  264    !! Fixed QoS packets handling (they aren't dropped anymore)
  265    !! Fix in o5logon Heap Corruption
  266    !! New and updated OUI file
  267    !! Some memory leaks fixed
  268    !! Fixed some bugs in return values and fstat failures handling
  269    !! Fixed a bug in some password display (didn't get null terminated)
  270    !! Many fixes in gcc warnings when building
  271    !! Better cmake module to find curl and libnet
  272    !! Fixed bug in filters load
  273    !! Fixes in HTTP and HTTPs protocols
  274    !! Fixed UI deadlock
  275    !! Fixes in tcp and http handling (infinite loop and crash)
  276    !! Better reads in BGP to avoid invalid reads
  277     + New logo
  278     + Added ascii FQDN support to DHCP ACK
  279     + Added UA parsing to http packets
  280     + Added support for IPv4 and IPv6 Tunnels
  281     + New mDNS dissector
  282     + Added PPI support (per packet information) for wireless captures
  283     + Ensure that we find required packages with cmake
  284     + New clean-all cmake target
  285     + Print a message when done reading PCAP file
  286     - Removed 'u' and 'p' fields  from etter.fields
  287 
  288 0.7.5.3-Assimilation 20130201
  289    !! Fixed ncurses host scan crash (already fixed in 0.7.5.2)
  290    !! Fixed ppp connection crash (already fixed in 0.7.5.2)
  291    !! Fixed only MiTM mode selecting text interface
  292     + Changed to version 0.7.5.3 to help distributions.
  293 
  294 0.7.5.2-Assimilation 20130129
  295    !! applied patch to fix CVE-2012-0722
  296    !! fixed username detection in TN3270 dissector
  297     + Added new private-key and certificate-file options for SSL MiTM
  298     + Fix for crash in ncurses multiple scan for host mode
  299     + Fix for crash in ppp0 connections
  300 
  301 0.7.5.1-Assimilation 20130103
  302    !! fixed set_blocking() method preventing SSL MiTM from working
  303    !! changed SSLStrip plugin to use PCRE
  304    !! more improvements to SSLStrip plugin
  305     + Added MySQL 5.x dissector
  306     + Added O5Logon dissector
  307     + Added iSCSI CHAP dissector
  308     + Added TN3270 dissector
  309     + Added MongoDB dissector
  310 
  311 0.7.5-Assimilation 20121015
  312    !! fixed more memory leaks
  313    !! improved GTK GUI
  314    !! changed build system to CMake.
  315     + Added IPv6 poisoning and capture.
  316     + Added NBNS spoof plugin.
  317     + Added SSLStrip Plugin (EXPERIMENTAL)
  318 
  319 0.7.4-Lazarus    20111202
  320    !! fixed resource depletion issue
  321    !! buffer access out-of-bounds issues
  322    !! fixed DNS dissector not working on 64bit systems
  323    !! multiple buffer overflows
  324    !! multiple memory leaks
  325    !! multiple files with obsolete code
  326    !! fixed SEND L3 errors experienced by some users
  327    !! fixed a compilation error under Mac OS X Lion
  328    !! updated build system
  329    (Please see bug track for issue specifics)
  330 
  331 NG-0.7.4         2005
  332 
  333    + added the radius dissector
  334    + go into unoffensive mode if libnet initialization fails
  335    !! etterfilter now accepts empty blocks
  336    !! the log files are closed on SIGTERM
  337    !! fixed a compilation error under Mac OS X Tiger
  338    !! fixed an improper handling of wdg_dynlist callback
  339    !! fixed bound checking in some dissectors
  340 
  341 
  342 NG-0.7.3         20050528
  343 
  344    + added the INC (+=) and DEC (-=) operators to the filter engine
  345    !! fixed the compilation of some plugins
  346    !! fixed a segfault in the isolate plugin
  347    !! fixed a bug in the dhcp spoofing module
  348    !! fixed a serious security bug (a format bug in the curses gui)
  349 
  350 
  351 NG-0.7.2         20041221
  352 
  353    + the hosts scan can now be canceled by the user (ctrl+q)
  354    + the netmask for the scan can now be specified within the GUI
  355    + checksum_check was renamed to checksum_warning
  356      and a new option to prevent the check was introduced
  357      (see the man page etter.conf(5) for details)
  358    + added the help menu (inline man pages)
  359    + wins support for the dns_spoof plugin
  360    + new plugin: repoison_arp
  361    !! do not drop privs under windows (useless) 
  362    !! fixed the mmap problem under windows
  363    !! fixed file operation under windows (O_BINARY related)
  364    !! fixed the IRC password collector (\r \n related)
  365    !! fixes the dumping of the profiles to a file (fingerprint not recorded)
  366    !! the remote flag is now reset when the arp poisoning is stopped
  367    !! fixed the ebcdic visualization
  368    !! fixed the autoadd plugin when a target is ANY
  369 
  370 
  371 NG-0.7.1         20040920
  372 
  373    + added the -s option to issue commands to the gui (useful in scripts)
  374    + added the -I option to show the list of NICs
  375    + ported to windows (mingw)
  376    + added a new plugin: isolate
  377    + updated os and mac fingerprints
  378    !! fixed compilation of strtok_r under solaris
  379    !! fixed a pthread problem under mac os X
  380    !! fixed the compilation with gcc 3.5.x
  381    !! fixed message box character wrapping (gtk)
  382 
  383 
  384 NG-0.7.0         20040705
  385 
  386    + implemented a thread safe strtok
  387    + prepared the source for a smooth mingw porting
  388    !! fixed numeric sorting in gtk interface
  389    !! autoadd plugin does not add the local address
  390    !! dump profiles to file now dumps even hosts without any open port
  391    !! fixed compilation under freebsd 4.9
  392 
  393 
  394 NG-0.7.0_rc1     20040614
  395 
  396    + WEP decryption for WiFi packets
  397    + support for prism2 headers
  398    + added the -I search option in etterlog
  399    + you can now apply filters on pcapfiles and dump the results
  400    + you can now specify an alternative config file with -a
  401    !! log to file works again
  402    !! fixed a segfault dumping profiles to file
  403    !! fixed a segfault when opening not-readable dirs from the curses GUI
  404    !! fixed uninitialized data that caused segfault in the dhcp dissector
  405    !! etterlog -c respects the -f specification
  406    !! fixed some problems with non blocking ssl sockets
  407    !! "should be checksum" is now correct
  408    
  409 
  410 NG-0.7.0_pre2    20040517
  411 
  412    + added support for UTF-8 strings
  413    + telnet collector enhancements (catches cisco login)
  414    + added new plugins:
  415       + find_ettercap
  416       + autoadd
  417    + the live connections list can be purged by the user
  418    + SSL support for the following dissector:
  419       + imaps
  420       + ircs
  421       + ldaps
  422       + nntps
  423       + pop3s
  424       + ssmtp
  425       + telnets
  426    + support for vlan tagging (802.1q header)
  427    + support for rawip file dumps
  428    + multiple selections in the GTK ui for targets and hosts
  429    + wifi enhancements
  430    !! fixed the $prefix issue in the configure
  431    !! fixed a linking problem against openssl
  432    !! some fixes in the man pages
  433    !! compiles against old openssl 0.9.6x
  434    !! better error handling on file creation failure
  435    !! fingerprint submissions works again
  436    !! fixed the configure checks for libpcap and libnet
  437    !! ec[ip] files are now platform independent
  438    !! fixed the "etter.ssl.crt not found" bug
  439    !! the arp_cop plugin now does not report the ettercap poisoning
  440    !! the filters are respected even logging to an eci file
  441    !! profiles in the eci file are not duplicated if arp poisoning
  442    
  443 
  444 NG-0.7.0_pre1    20040415
  445       
  446    + rewrite from scratch (the code is now cleaner and well commented)
  447    + it now requires libpcap and libnet
  448    + support for unconfigured network interfaces
  449    + automake and libtool are now used for the configuration process
  450    + etterlog utility for logfiles parsing
  451    + etterfilter utility to compile advanced content filters
  452    + root privs dropped after initialization
  453    + big endian arch support (sparc64)
  454    + layer 3 routing (forwarding packets)
  455    + new media support for:
  456       + wifi
  457       + token ring
  458       + fddi
  459       + ppp
  460       + linux cooked interfaces
  461    + unified sniffing (you can use external hijacker)
  462    + new MITM methods:
  463       + advanced ARP poisoning engine (with many-to-many support)
  464       + ICMP redirect
  465       + DHCP spoofing
  466       + port stealing
  467    + multiple target selection
  468    + pcap filter on capture
  469    + regex packet matching 
  470    + hook points per packet type (TCP, UDP... )
  471    + quiet mode (don't print packet content)
  472    + enhanced passive open port discoverer 
  473    + randomized ARP scan
  474    + cached dns resolution (increase speed and stealth)
  475    + enhanced statistics on ettercap performance
  476    + extended headers for every packet
  477    + passive DNS answer caching
  478    + global conf file always loaded to tweak internal variables
  479    + etter.conf supports dissectors on multiple ports
  480    + possibility to sniff on loopback
  481    + autoupdate from website for passive databases
  482    + non root users can use ettercap to read from files
  483    + unoffensive mode (doesn't forward packets)
  484    + user messages can be logged
  485    + dissector enhancements in: 
  486       + POP (APOP and AUTH LOGIN/PLAIN support)
  487       + X11 (banner discovery)
  488       + TELNET (collect even failed attempts)
  489       + SNMP fixes
  490       + MySQL fixes
  491       + HalfLife and Quake3 were unified
  492       + SMB
  493       + SSH (blowfish support)
  494       + SSL (totally reworked, runs on all platforms)
  495       + HTTP has gained performance overhaul
  496       + ...many others
  497    + new dissectors:
  498       + SMTP
  499       + CVS
  500       + OSPF, VRRP
  501    + plugins were unified, no more distinctions between standalone and hooking
  502    + new plugins:
  503       + finger (SYN+ACK fingerprinting on remote hosts)
  504       + smb_clear, smb_down (attacks against the SMB protocol)
  505    + curses interface improvements:
  506       + resizable under X11
  507       + mouse events are supported
  508       + customizable colors
  509       + completely new menu-driven interface
  510    + totally redesigned GTK+ interface
  511    + you can filter data with a visualization regexp
  512    + profiles can be dumped to a file
  513    + A lot of new bugs^H^H^H^H random features to be discovered ;)
  514    !! offline sniffing actually does not bind to any NICs
  515    - packet factory was removed
  516    - some plugins were not ported
  517 
  518    +++ too many other improvements to be listed here +++
  519 
  520 
  521 0.6.b       20030710
  522 
  523    + Plugins now work with GTK+ interface
  524    + Updated the passive OS fingerprint database (1279 records)
  525    !! Fixed internal refreshing (for huge traffic loads)
  526    !! Fixed wifi-dump support
  527    !! Fixed doppelganger re-arp
  528    !! Fixed a problem with signed char under mac G3
  529    !! Fixed some possible buffer overflows
  530 
  531 
  532 0.6.a       20030505
  533 
  534    + Buffered Data Connections (only for ncurses)
  535    + New Sniffing method (Port Stealing)
  536    + Updated the passive OS fingerprint database (1189 records)
  537    + enhanced smb dissector
  538    + enhanced troll plugin against request caching
  539    + NEW PLUGIN: Confusion, Hunter, SMB suite
  540    + partial wifi-dump support (experimental)
  541    !! Fixed daemonization problem
  542    !! Fixed StateMachine problem
  543    !! a bunch of bug fixes
  544 
  545 
  546 0.6.9       20030125
  547 
  548       + GTK+ 2.0 interface (experimental) (--enable-devel)
  549       + Windows Plugins porting
  550       + Updated the passive OS fingerprint database (1093 records)
  551       + Dissector Proxy 8080
  552       + NTLM auth
  553       + Enhanced poisoning method (solaris issue)
  554       + NEW PLUGIN: troll, PPTP suite
  555       + text and ebcdic view from command line
  556       + lc-convert utility (share dir)
  557       !! Fixed a LIBS problem under MacOSX (-lpoll)
  558       !! Fixed the VNC dissector
  559       !! A bunch of bug fixes (too many to list here)
  560       
  561       
  562 0.6.7       20020702    
  563    
  564       + Updated the passive OS fingerprint database (853 records)
  565       !! Fixed the strlcpy bug in the telnet dissector (oops alor mistake)
  566       !! Fixed a possible segfault in the rlogin dissector
  567       !! Fixed the exit_func for Mac OS X
  568       
  569       
  570 0.6.6.6     20020603
  571 
  572       + Solaris porting
  573       + Sparc architecture support even for all other OSes
  574       + Windows 9X porting
  575       + Increased the speed of arp storm under windows
  576       + Added the ability to bind a port on which ettercap forwards the sniffed traffic
  577       + The -H option now supports range ip
  578       + NEW PLUGIN: lamia (become root of a switches spanning tree)
  579       + Updated the passive OS fingerprint database (825 records)
  580       !! Fixed the pthread_join problem under MacOSX
  581       !! Fixed the -w option (openssl path related bug)
  582       !! Fixed the conflicting options -Y and -a
  583       !! Fixed the FindIface function under BSD
  584 
  585 
  586 0.6.5       20020423
  587 
  588       + Windows (CYGWIN) porting
  589       + Dumping to and sniffing from tcpdump file format is now supported
  590       + Sniffing from command line now captures UDP+TCP packets by default
  591       + Logging engine doesn't log the same user/pass/ip twice
  592       + Under *BSD and MacOSX ettercap now uses only one bpf
  593       + Added the -J option (onlypoison) to allow multitarget arp sniffing
  594       + NEW PLUGIN :
  595          - roper   (Tries to stop ISAKMP for IPSEC traffic)
  596       + NEW password collector for: QUAKE 3, ICQ v7, MSN, YMSG
  597       + DISSECTORS enhanced: HTTPS - IMAP - NAPSTER (opennap) - IRC
  598       + PLUGIN enhanced:
  599          - leech (now it rearps the victim after isolation)
  600       + DOCUMENTATION translated in Polish and Dutch
  601       !! Better handling of CTRL+C
  602       !! Fixed a bug in the dlsym on OpenBSD 3.0 (plugin related)
  603       !! Fixed a bug in the handling of debug file
  604       !! Fixed the "not scrolling" JOINED visualization
  605 
  606 
  607 0.6.4       20020212
  608 
  609       + You can sniff traffic from a remote cisco router
  610         and make mitm attacks on it using GRE tunnels.
  611       + Added some bits for the passive OS fingerprint database.
  612         Now even the length of the packet makes sense.
  613       + The sniffing interface now supports JOINED view
  614       + NEW PLUGIN :
  615          - thief   (dumps all files from HTTP)
  616          - zaratan (redirect GRE tunnels)
  617       + ICQ dissector now searches for passwords on all ports
  618       + Updated the passive OS fingerprint database (675 records)
  619       + Changed arg 2 of Plugin_HookPoint for PCK_RECEIVED_RAW
  620       !! Under OpenBSD the pflog interface is ignored
  621       !! Fixed the DATA_PATH issue in the phantom plugin
  622       !! Fixed an unsigned short in state_machine
  623       !! Fixed some plugins that don't recognize the 'yes' answer
  624       !! Fixed the plugins symbol problem on Mac OS X (strip -x)
  625       !! Fixed the possibility of remote exploitation on interface with MTU > 1500
  626 
  627 
  628 0.6.3.1     20011213
  629 
  630       !! Fixed the truncation of passwords in some dissectors
  631       !! Fixed the -undefined error problem for Mac OS X (darwin 1.4.x / 5.1)
  632 
  633 
  634 0.6.3       20011212
  635 
  636       + Grell dissector (HTTPS) now handles proxy auth
  637       + Grell dissector (HTTPS) now correctly handles SSL & TLS
  638       + Better connection status handling
  639       + Updated the passive OS fingerprint database (530 records)
  640       - Removed the --enable-suid option, so it is clear that ettercap is only for root
  641       !! Fixed a bug that implied to send on the net every packet sniffed from it (introduced in ettercap 0.6.2)
  642       !! Fixed the ENOBUFS error on BSD
  643       !! Fixed a bug for the compilation with --disable-plugins
  644       !! Fixed a bug for the compilation on Mac OS X without dlcompat libs
  645       !! Fixed the configure script to handle the -bundle_loader option under Mac OS X
  646       !! Fixed the command line format bug exploit (`ettercap %x%x%x%x%x`) !!
  647       !! Fixed many security threats in the code
  648 
  649 
  650 0.6.2       20011112
  651 
  652       + Ettercap is now a multi-thread single process.
  653       + The connection handling engine was enhanced and sped up
  654       + Now filtered (replaced) data can exceed the MTU
  655       + Completely new plugin conception (hooking plugin)
  656       + Better handling for unknown passive fingerprints
  657       + Possibility to load/save the hosts list from/to a file (-j -k options)
  658       - the -k (newcert) option was renamed to -w
  659       + Updated the passive OS fingerprint database (501 records)
  660       + Updated the active OS fingerprint database (2001/10/14)
  661       + New 'TEXT only' view on sniffed data
  662       + NEW password collector for: HALF LIFE, NFS, SNMP, LDAP
  663       + ENHANCEMENT in the password collector for: MySQL
  664       + NEW PLUGIN : dwarf (logs all POP and SMTP activity)
  665       !! Fixed a bug when recognizing HUB or SWITCH
  666       !! Fixed a bug in the banshee plugin
  667       !! Fixed a bug in the filtering engine from command line
  668       !! Fixed a segfault in the HTTP dissector
  669       !! Plugins are now installed in {prefix}/lib/ettercap, not in share/ettercap
  670       !! ettercap is now installed in the more appropriate {prefix}/sbin/
  671       !! now the configure script doesn't require root privileges to run
  672       !! configure now correctly handles the --datadir=DIR and --libdir=DIR directives.
  673 
  674 
  675 0.6.0       20010917
  676 
  677       + Passive scanning of the LAN
  678       + Plugins ported to Mac OS X (darwin)
  679       + Doppelganger now uses the new REQUEST ARP POISON (see readme)
  680       + Grell (HTTPS) now supports virtual hosts
  681       + The Logging engine for the simple mode was rewritten from scratch
  682       + Now MAC sniffing can have only one parameter
  683       + Updated the active OS fingerprint database
  684       + Updated the MAC fingerprint database
  685       + NEW PLUGIN : beholder and basilisk
  686       + PLUGIN enhanced: imp and triton
  687       !! configure script tuned up. now it compiles missing libs only if needed
  688       !! Fixed a bug preventing SSL sniffing
  689       !! Fixed a problem in illithid related to the smart arp sniffing
  690       !! Fixed a compilation problem for FreeBSD 4.0 (getifaddrs related)
  691       !! Fixed a compilation problem for MacOsX (termios related)
  692       !! Fixed an ioctl() problem in phantom plugin on *BSD and MacOsX
  693 
  694 0.5.4       20010726
  695 
  696       + Porting for Mac Os X (darwin 1.3.x)
  697       + Reverse IP matching (-R option)
  698       + Spoofing of the source ip on start up
  699       + Customizable delay between arp requests on startup
  700       + Added the Inet_CloseRawSock API (for debugging purposes)
  701       + Better handling of SIGSEGV and SIGBUS (for debugging purposes)
  702       + Updated the OS fingerprint database
  703       + ENHANCEMENT in the password collector for: IRC
  704       + PLUGIN enhanced: triton
  705       + NEW PLUGIN : arpcop, phantom, imp
  706       !! Fixed the "make_label" compilation problem
  707       !! Fixed a segfault on OS fingerprinting
  708       !! Fixed ip_forwarding restoring bug
  709       !! Fixed some ncurses visualization errors
  710 
  711 0.5.2       20010707
  712 
  713       + Plugins ported to OpenBSD
  714       + Porting for NetBSD 1.5
  715       + Added FreeBSD 4 support for source MAC address spoofing
  716       + Illithid (the sniffer engine) totally rewritten and tuned up
  717       + Doppelganger (the arp poisoner) totally rewritten and tuned up
  718       + New programmable filtering engine (see README for details)
  719       + Filter can be used in command line mode (-F option)
  720       + Possibility to scan only chosen IPs (-H option)
  721       + Possibility to select the delay between arp replies (-D option)
  722       + Checking for the latest ettercap version (-v option)
  723       + More accurate and faster start up host scanning
  724       + Connection killing method enhanced
  725       + New and more detailed man pages
  726       + ENHANCEMENT in the password collector for: HTTP (<form> parsing)
  727       + NEW PLUGIN : spectre, triton
  728       !! Fixed the interface shutdown bug... yeah !
  729       !! Fixed "can't find grell_ssl.crt" error message in the rpm version.
  730 
  731 
  732 0.5.0       20010611
  733 
  734       + Full-duplex HTTPS man-in-the-middle support
  735       + Support for HTTPS through a proxy
  736       + SSH sniffing even from command line
  737       + Enable/Disable dissectors via conf file
  738       + Public ARP in simple mode
  739       + Smart Public arp (all but the target)
  740       + Dump of the pass to a file from interactive mode
  741       + Packet Factory enhancement (now the payload can be loaded from a file)
  742       + The newest config.guess and config.sub are now included
  743       + Updated the OS fingerprint database (2001/06/04 09:40:50 fyodor)
  744       + NEW password collector for: HTTPS, PROXYHTTPS
  745       + ENHANCEMENT in the password collector for: SMB, HTTP, MySQL
  746       + FIXED password collector for: IRC
  747       + DOCUMENTATION translated in : French, Italian
  748       ! Fixed many many bugs... but some still persist... ;)
  749 
  750 
  751 0.4.3       20010511
  752 
  753       + Added a Protocol State Machine for dissectors
  754       + Added the rule "Log" to the filtering form
  755       + Packet Factory (create and send packets on the fly)
  756       + Configuration file
  757       + Code cleanup !!
  758       + Plugins can be launched from connection list
  759       + NEW plugin : banshee
  760       + ENHANCEMENT in the password collector for: SOCKS 5, IMAP, VNC, SMB, MySQL
  761       + FIXED password collector for: SOCKS 5
  762 
  763 
  764 0.4.2       20010429
  765 
  766       + You can specify the IP "ANY"
  767       + Logging all data to specific file(s)
  768       + Added the "daemonization" feature (--quiet)
  769       + Packet filtering/dropping/search/replace
  770       + Improved the user/password hunting in datadecode module
  771       + Tuning of Doppelganger poison/rearp
  772       + NEW plugin : lurker
  773       + NEW password collector for: NNTP, X11, NAPSTER, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC
  774       + ENHANCEMENT in the password collector for: POP, SMB, MySQL
  775       ! fixed a bug in the fingerprint for *BSD
  776       ! fixed the handling of eth aliases
  777       ! fixed the activation/deactivation of Active Dissectors
  778 
  779 
  780 0.4.0       20010409
  781 
  782       + Full duplex SSH man-in-the-middle support !!
  783       + new startup mode (--broadping -b).
  784       + new sniffing method (PublicARP)
  785       + Injector now supports escape sequences
  786       + netmask switch added
  787       + added support for getopt_long even on *BSD
  788       + NEW password collector for :  SSH1, SMB, RLOGIN, HTTP, ICQ, MySQL
  789       ! fixed the "sendto() 1518 byte" bug
  790 
  791 
  792 0.3.1       20010323
  793 
  794       ! fixed a nasty bug sniffing/sending big packets
  795       ! fixed telnet dissector
  796 
  797 
  798 0.3.0       20010319
  799 
  800       + Ported to OpenBSD 2.7
  801       + UDP support
  802       + OS Fingerprint
  803       + Network Adapter Fingerprint
  804       + Password collector for:  FTP, POP, TELNET
  805       + Injection interface redesigned
  806       + Possibility to check if you are in a switched lan or not.
  807       ! various bugfixes
  808 
  809 
  810 0.2.4       20010309
  811 
  812       + Ported to FreeBSD 4.x
  813       + Plugin version control
  814       + Added -x option for hex mode in command line
  815       - Removed -1 and -2 options (better getopt parsing)
  816       + Ability to sniff in all directions (no more two hosts limit)
  817       + Silent mode (--silent or -z) (no arp storm on start up)
  818 
  819 
  820 0.2.1       20010223
  821 
  822       + Scrolling window for plugin output
  823       + detailed packets view in hex mode (SEQ, ACK and FLAGS)
  824       + identification of connection types (FTP, telnet, etc.)
  825       + ability to kill a connection from connection list
  826       ! segfault when no plugin is found and return is pressed
  827 
  828 
  829 0.2.0       20010219
  830 
  831       + Plug-In support
  832       + Inet module totally rewritten and redesigned.
  833       + Downported to 2.0.x Linux Kernels (EXPERIMENTAL)
  834       + Added support for glibc 2.0.x  2.1.x  2.2.x
  835       + Scroll back in sniffing window (*very* *very* useful !!)
  836       ! after injection the connections are cleanly RSTted
  837 
  838 
  839 0.1.1       20010209
  840 
  841       + detect if there is another man-in-the-middle in the LAN
  842       + full telnet injection support
  843       ! ettercap defaults to the first up and running iface
  844       ! removed possible segfault when making the host list
  845       ! now works with openwall
  846       ! various bugfixes
  847 
  848 
  849 0.1.0.beta  20010125
  850 
  851       * Initial public release...
  852 
  853       + Easy to use ncurses interface
  854       + Command line mode (without ncurses)
  855       + IP based sniffing (old style sniffing)
  856       + MAC based sniffing (for traffic between hosts and gateways)
  857       + ARP based sniffing (with arp poisoning for switched lan)
  858       + Characters injection in an established connection