"Fossies" - the Fresh Open Source Software Archive 
Member "ettercap-0.8.3.1/CHANGELOG" (1 Aug 2020, 35353 Bytes) of package /linux/privat/ettercap-0.8.3.1.tar.gz:
As a special service "Fossies" has tried to format the requested text file into HTML format (style:
standard) with prefixed line numbers.
1
2 Legend:
3 + new feature
4 - old feature removed
5 !! bug fixed
6 =========================================
7 0.8.3.1-Bertillon 20200801
8 !! Fix SSL protocol failure with older TLS client/server versions (min. TLS1.0)
9 !! Fix blackholing SSL packets when specific redirection is used
10 !! Fix TLS 1.3 interception issues (replace fake certificate with proper key length)
11 !! Fix segmentation fault when parsing HTTP NTLM handshake (fixes #922)
12 !! Fix crash if one redirect command is not enabled
13 !! Fix build on MacOSX detecting new dependency HarfBuzz
14 !! Fix warnings when parsing etter.(m)dns file when built w/o IPv6 support
15 !! Fix capture delay with libpcap v1.9.1 (fixes #974)
16 !! Fix segmentation fault when etterlog concatenates files
17 !! Fix compiling with GCC version / defaulting to -fno-common
18 !! Fix bad UDP length for packets changed with replace()
19 !! Fix passing --lua-args arguments to LUA scripts
20 !! Fix MSVC build when macro ORDER_ADD_{SHORT,LONG} is being used
21 !! Fix references to old sourceforge.org website in the code and documentation
22 !! Fix fingerprint_submit (still missing its server counterpart)
23 + Take over client-side SNI extension in ClientHello in SSL interception (req. OpenSSL 1.1.1)
24 + Take over SAN certificate extension from server certificate in SSL interception
25 + Use server certificate sign algorithm to sign fake certificate defaulting to SHA256
26 + CLI provided plugins are now also autostarted in graphical UI
27 + Added --plugin-list CLI parameter
28 + New execreplace etterfilter command
29 + Update bundled OUI mac addresses
30 + Update LuaJIT from 2.0.4 to 2.0.5
31 + Update libnet from 1.1.6 to 1.2
32 + Update check from 0.10.0 to 0.15.0
33 + Update curl from 7.44.0 to 7.71.1
34 - Separate etter.dns and etter.mdns examples in dedicated examples file
35 - Remove source IP specification from customizable SSL redirects
36 - Removal of deprecated redirect commands from etter.conf
37 - Remove Easter Egg (Sorry ALoR and NaGA)
38
39 0.8.3-Bertillon 20190701
40 !! Fix binary comparison and assignment in etterfilter
41 !! Fixed packet buffer race condition in BRIDGE mode (e.g. Message too long)
42 !! Non-aligned filters are no longer supported (recompilation with etterfilter required)
43 !! Fixed sslstrip plugin startup issue due to regex compilation error
44 !! Fixed lots of build warnings
45 !! Proper separation of library and executable code
46 !! Fixed heap-buffer-overflow in write_output in etterfilter
47 !! ip_addr sanity check when etterlog processes info logfile
48 !! CVE-2017-8366 (Lots of buffer under-/overflow conditions fixed)
49 !! CVE-2017-6430 (Fix invalid read on crafted file in etterfilter)
50 !! fix dns_spoof plugin when used in bridge mode
51 + SSL redirects are now customizable at runtime
52 + GeoIP detection / support using CMake
53 + Rework of GTK3 UI - modern GNOME3 look
54 + New Kerberos 5 downgrade plugin
55 + GTK3 is the new default GTK_BUILD_TYPE
56 + OSPF dissector supports more authentication methods in hash-cracker friendly format
57 + Rework of Oracle O5LOGON dissector
58 + Multi-threaded name resolution
59 + Updated etter.finger.mac
60 - GTK2 phase out initialized
61 - Usage of deprecated inet_aton replaced with current successor functions
62
63 0.8.2-Ferri 20150314
64 !! Fixed some openssl deprecated functions usage
65 !! Fixed log file ownership
66 !! Fixed mixed output print
67 !! Fixed drop_privs function usage
68 !! Fixed nopromisc option usage
69 !! Fixed missing break in parser code
70 !! Improved redirect commands
71 !! Fix truncated VLAN packet headers
72 !! Fix ettercap.rc file (windows only)
73 !! Various cmake fixes
74 !! A ton of BSD bug fixes
75 !! Simplify macosx cmake files
76 !! Fix incorrect sequence number after TCP injection
77 !! Fix pcap length, and alignment problems with libpcap
78 !! Bug fixes and gtk code refactor (gtk box wrapper)
79 !! Fix some ipv6 send issues
80 !! Fixed sleep time on Windows (high CPU usage)
81 !! Fixed many CVE vulnerabilities (some of them already fixed in 0.8.1)
82 - CVE-2014-6395 (Length Parameter Inconsistency)
83 - CVE-2014-6396 (Arbitrary write)
84 - CVE-2014-9376 (Negative index/underflow)
85 - CVE-2014-9377 (Heap overflow)
86 - CVE-2014-9378 (Unchecked return value)
87 - CVE-2014-9379 (Incorrect cast)
88 - CVE-2014-9380 (Buffer over-read)
89 - CVE-2014-9381 (Signedness error)
90 + Updated etter.finger.mac
91 + Add TXT and ANY query support on dns_spoof
92 + New macosx travis-ci build!
93 + Enable again PDF generation
94 - Remove gprof support
95
96 0.8.1-Lombroso 20141016
97 !! Fixed incorrect checksum computation on 64-bit systems
98 !! Fixed DNS resolution problems
99 !! Fixed hurd build failure (not specific to hurd but hurd seems the first OS defining ESUCCESS in glibc)
100 !! Fixed rpath handling
101 !! Fixed scan host crash with recent kernels
102 !! Fixed etter{log,filter} library path
103 !! O5LOGON dissector fixes for stealth mode scans
104 !! Fix constants to allow full hexadecimal characterset. Useful for filtering on ESP SPIs
105 !! Fixed some incoherencies in gbls pointers in utils and core
106 !! Fixed dhcp spoofing automatic start in text ui
107 !! Many fixes in filter compiler
108 !! Fixed lua installation path
109 !! Many ipv6 fixes and improvements
110 !! Fixed tests build failures
111 !! Fixed many iconv detection problems
112 !! Fixed many ctime problems
113 !! Fixed many dissector ports
114 !! Fixed timers incoherences
115 !! Fixed powerpc build failure
116 !! Fixed uniqueness of our include guards
117 !! Fixed cmake warnings, by correctly linking our libraries
118 !! Fixed clean target
119 !! Fixed COOKIE_PATTERN string
120 !! A ton of kfreebsd, freebsd, and MacOS fixes and build fixes
121 !! Fixed the ip forwarding restore with a new "regain_privs"
122 !! Fixed another scan crash
123 !! Fixed host list update (delegated to the main thread)
124 !! Fixed etter.conf.v6 and etter.conf.v4 installation
125 !! Fixed (removed) some old code
126 !! Fixed (removed) some dbus interfaces listed in ettercap
127 !! Fixed some libraries link issues
128 !! Fixed various polkit installation directory issues
129 !! Fixed plugin path issues
130 !! Fixed bundled libs building order
131 !! Fixed undefined ips added to the host list (e.g. 0.0.0.0 in dhcp discover)
132 !! Fixed macosx builds
133 !! Moved check framework in bundled_libs directory
134 !! Fixed crash on scan for hosts, by adding a mutex
135 !! Fixed libettercap.so linking, by removing curses and gtk stuff
136 !! Fixed ip_add_to_int32 macro
137 !! Fixed a ton of warnings in gtk, curses and core
138 !! Fixed some documentation
139 !! Fixed tests with eglibc >= 2.17
140 !! Fixed check framework find, with fallback in the bundled
141 one if not available
142 !! Fixed bug in etter.finger.mac parsing
143 !! Fixed ssl checks on cmake, now it is mandatory
144 !! Fixed scan for hosts progress bar
145 !! Fixed linux.org ip address on etter.dns conf file
146 !! Fixed some memory leaks
147 !! Fixed missing RelWithDebInfo on Cmake
148 !! Fixed typos
149 !! Fixed some performance issues in scan for hosts function
150 !! Fixed race condition when scan progress was canceled
151 !! Fixed cmake flags passing
152 !! Fixed IPv6 build
153 !! Fixed debug messages
154 + experimental ESP detection/filtering
155 + make etter{log,filter} ipv6 compatible
156 + Enabled multithread scan for Curses interface
157 + New appdata xml file
158 + New experimental GTK3 support!
159 + New threaded host resolution!
160 + Many build and runtime performance improvements
161 + Ettercap builds on windows (MingW) again!
162 + New arp "smart" poisoning!
163 + New base64 encode and decode functions
164 + New execinject etterfilter command
165 + New ipv6 hidden scan mode
166 + New support for multiple plugins in UI mode
167 + New uninstall target
168 + Gnu/Hurd support!
169 + Automatically refresh plugin list
170 + Threading some plugins
171 + A new function for self-destruct plugins
172 + New INSTALL_EXEDIR cmake option, now you can have "ettercap" and
173 the other binaries in two different directories!
174 + New Null/Loopback decoder!
175 + Added automatic irc notifications!
176 + Added some debug and fortify-source flags
177 + Added some travis builds!
178 + Updated etter.finger.mac
179 + Added support for parsing RIPv2 and OSPF MD5 authentication packets
180 + Updated curl and check bundled libraries
181 + updated etter.filter.examples file
182 + updated TODO list
183 + etterfilter now is IPv6 ready!
184 + Documentation updated
185 + Man pages updated
186 + New nd-poisoning!
187 + Increased IPv6 probe delay from 2 seconds to 3
188 - Removed hex_encode stuff
189 - Removed ec_pap.c since it was already implemented in ec_ppp.c
190 - Removed duplicate code, in favour of libettercap usage
191
192 0.8.0-Lacassagne 20130921
193 !! Fixed some problems in fork and execve usage in case of command failure (sslstrip)
194 !! Fixed dropping privileges for remote_browser plugin run as root
195 !! Fixed infinite loop when a http GET was issued on the attacker browser, while remote_browser was active
196 !! Fixed some "atexit" bad references
197 !! Fixed plugin load on text interface, if no number was entered
198 !! Fixed problem spotted when ethtool wasn't installed on the machine
199 !! Fixed old "ethereal" references
200 !! Fixed missing newlines in printf
201 !! Switching to ps2pdf as default (from ps2pdf13), it should point to ps2pdf14 on all distros
202 !! Fix cmake file, dropped MACPORTS_BASE_DIRECTORY
203 !! Fix problem in "stopping attacks" window not properly shown in gtk
204 !! Fix problem in wrong pcap file saving
205 !! Fix issue in send_udp function
206 !! Fix problem in libnet rc detection
207 !! Fix restore ip_forward by retrying up to 5 times
208 !! Fix socket issues
209 !! Fix for hex format display
210 !! New send_tcp function, taking payload and length
211 !! Fixed memory leak in remote browser plugin
212 !! Fixed comparison bug in ec_decode
213 !! Fixed UI input for GTK
214 !! Fixed some memory leaks
215 !! Fixed man pages and AUTHORS file
216 !! Fixes in sslstrip plugin
217 !! Many etter.dns fixes
218 !! Many documentation fixes
219 !! A ton of refactors/fixes in Cmake scripts
220 !! Fix GTK crash when scanning hosts
221 !! Fix build failure on Mac OS X 10.6
222 !! Crash fix in target selection
223 !! Disabled UID change for remote browser plugin
224 !! Fixed remote browser plugin
225 !! A ton of fixes in protocols and dissectors (dhcp, http, ppp, mpls)
226 + New ettercap logo
227 + Renamed help menu to "?", to avoid double "H" shortcut
228 + New WARN_MSG warning message
229 + Added message in DHCP spoofing when no mitm has started
230 + New horizontal scrollbar for messages in gtk view
231 + Disabled offload warning messages (only in Release mode)
232 + New ettercap-pkexec, policy and ettercap.desktop files for launching ettercap -G as a normal user with sudo privileges
233 + Automatic host list refresh in GTK GUI after scanning
234 + New fraggle plugin attack
235 + New fields in etter.fields file
236 + Cherry picked debian patches (svg icon)
237 + Added content print on http dissector
238 + Added support for negative dns replies
239 + Creation of (experimental) unit tests
240 + Creation of (experimental) libettercap
241 + Now you can build just the ettercap library (libettercap) without any GUIs
242 + Added travis-ci support
243 + DNS spoofing for IPv6 addresses
244 + PDF Docs generation is not optional
245 + Added SRV query handling to DNS spoof
246 + New mDNS spoof plugin
247 + New low level decoders
248 + New decoder for ip over pppoe
249 + Added PPP DLT to interfaces
250 + Add experimental Lua support to Ettercap
251 + New Bundle libnet and curl
252 + Full support for wifi decrypting (wep and wpa)
253 - Disabled update feature (not working anymore and not secure)
254 - Deprecated napster dissector
255
256 0.7.6-Locard 20130327
257 !! Fixed some parsing errors
258 !! Fixes to TN3270 dissector and SSL Strip
259 !! PostgreSQL dissector: Update output format to reflect release syntax
260 for John the Ripper 1.7.9-Jumbo-8. The old format is still supported,
261 but deprecated.
262 !! Fixed memory leak in SSL Strip plugin
263 !! Fixed check in invalid ip header
264 !! Fixed QoS packets handling (they aren't dropped anymore)
265 !! Fix in o5logon Heap Corruption
266 !! New and updated OUI file
267 !! Some memory leaks fixed
268 !! Fixed some bugs in return values and fstat failures handling
269 !! Fixed a bug in some password display (didn't get null terminated)
270 !! Many fixes in gcc warnings when building
271 !! Better cmake module to find curl and libnet
272 !! Fixed bug in filters load
273 !! Fixes in HTTP and HTTPs protocols
274 !! Fixed UI deadlock
275 !! Fixes in tcp and http handling (infinite loop and crash)
276 !! Better reads in BGP to avoid invalid reads
277 + New logo
278 + Added ascii FQDN support to DHCP ACK
279 + Added UA parsing to http packets
280 + Added support for IPv4 and IPv6 Tunnels
281 + New mDNS dissector
282 + Added PPI support (per packet information) for wireless captures
283 + Ensure that we find required packages with cmake
284 + New clean-all cmake target
285 + Print a message when done reading PCAP file
286 - Removed 'u' and 'p' fields from etter.fields
287
288 0.7.5.3-Assimilation 20130201
289 !! Fixed ncurses host scan crash (already fixed in 0.7.5.2)
290 !! Fixed ppp connection crash (already fixed in 0.7.5.2)
291 !! Fixed only MiTM mode selecting text interface
292 + Changed to version 0.7.5.3 to help distributions.
293
294 0.7.5.2-Assimilation 20130129
295 !! applied patch to fix CVE-2012-0722
296 !! fixed username detection in TN3270 dissector
297 + Added new private-key and certificate-file options for SSL MiTM
298 + Fix for crash in ncurses multiple scan for host mode
299 + Fix for crash in ppp0 connections
300
301 0.7.5.1-Assimilation 20130103
302 !! fixed set_blocking() method preventing SSL MiTM from working
303 !! changed SSLStrip plugin to use PCRE
304 !! more improvements to SSLStrip plugin
305 + Added MySQL 5.x dissector
306 + Added O5Logon dissector
307 + Added iSCSI CHAP dissector
308 + Added TN3270 dissector
309 + Added MongoDB dissector
310
311 0.7.5-Assimilation 20121015
312 !! fixed more memory leaks
313 !! improved GTK GUI
314 !! changed build system to CMake.
315 + Added IPv6 poisoning and capture.
316 + Added NBNS spoof plugin.
317 + Added SSLStrip Plugin (EXPERIMENTAL)
318
319 0.7.4-Lazarus 20111202
320 !! fixed resource depletion issue
321 !! buffer access out-of-bounds issues
322 !! fixed DNS dissector not working on 64bit systems
323 !! multiple buffer overflows
324 !! multiple memory leaks
325 !! multiple files with obsolete code
326 !! fixed SEND L3 errors experienced by some users
327 !! fixed a compilation error under Mac OS X Lion
328 !! updated build system
329 (Please see bug track for issue specifics)
330
331 NG-0.7.4 2005
332
333 + added the radius dissector
334 + go into unoffensive mode if libnet initialization fails
335 !! etterfilter now accepts empty blocks
336 !! the log files are closed on SIGTERM
337 !! fixed a compilation error under Mac OS X Tiger
338 !! fixed an improper handling of wdg_dynlist callback
339 !! fixed bound checking in some dissectors
340
341
342 NG-0.7.3 20050528
343
344 + added the INC (+=) and DEC (-=) operators to the filter engine
345 !! fixed the compilation of some plugins
346 !! fixed a segfault in the isolate plugin
347 !! fixed a bug in the dhcp spoofing module
348 !! fixed a serious security bug (a format bug in the curses gui)
349
350
351 NG-0.7.2 20041221
352
353 + the hosts scan can now be canceled by the user (ctrl+q)
354 + the netmask for the scan can now be specified within the GUI
355 + checksum_check was renamed to checksum_warning
356 and a new option to prevent the check was introduced
357 (see the man page etter.conf(5) for details)
358 + added the help menu (inline man pages)
359 + wins support for the dns_spoof plugin
360 + new plugin: repoison_arp
361 !! do not drop privs under windows (useless)
362 !! fixed the mmap problem under windows
363 !! fixed file operation under windows (O_BINARY related)
364 !! fixed the IRC password collector (\r \n related)
365 !! fixed the dumping of the profiles to a file (fingerprint not recorded)
366 !! the remote flag is now reset when the arp poisoning is stopped
367 !! fixed the ebcdic visualization
368 !! fixed the autoadd plugin when a target is ANY
369
370
371 NG-0.7.1 20040920
372
373 + added the -s option to issue commands to the gui (useful in scripts)
374 + added the -I option to show the list of NICs
375 + ported to windows (mingw)
376 + added a new plugin: isolate
377 + updated os and mac fingerprints
378 !! fixed compilation of strtok_r under solaris
379 !! fixed a pthread problem under mac os X
380 !! fixed the compilation with gcc 3.5.x
381 !! fixed message box character wrapping (gtk)
382
383
384 NG-0.7.0 20040705
385
386 + implemented a thread safe strtok
387 + prepared the source for a smooth mingw porting
388 !! fixed numeric sorting in gtk interface
389 !! autoadd plugin does not add the local address
390 !! dump profiles to file now dumps even hosts without any open port
391 !! fixed compilation under freebsd 4.9
392
393
394 NG-0.7.0_rc1 20040614
395
396 + WEP decryption for WiFi packets
397 + support for prism2 headers
398 + added the -I search option in etterlog
399 + you can now apply filters on pcapfiles and dump the results
400 + you can now specify an alternative config file with -a
401 !! log to file works again
402 !! fixed a segfault dumping profiles to file
403 !! fixed a segfault when opening not-readable dirs from the curses GUI
404 !! fixed uninitialized data that caused segfault in the dhcp dissector
405 !! etterlog -c respects the -f specification
406 !! fixed some problems with non blocking ssl sockets
407 !! "should be checksum" is now correct
408
409
410 NG-0.7.0_pre2 20040517
411
412 + added support for UTF-8 strings
413 + telnet collector enhancements (catches cisco login)
414 + added new plugins:
415 + find_ettercap
416 + autoadd
417 + the live connections list can be purged by the user
418 + SSL support for the following dissectors:
419 + imaps
420 + ircs
421 + ldaps
422 + nntps
423 + pop3s
424 + ssmtp
425 + telnets
426 + support for vlan tagging (802.1q header)
427 + support for rawip file dumps
428 + multiple selections in the GTK ui for targets and hosts
429 + wifi enhancements
430 !! fixed the $prefix issue in the configure
431 !! fixed a linking problem against openssl
432 !! some fixes in the man pages
433 !! compiles against old openssl 0.9.6x
434 !! better error handling on file creation failure
435 !! fingerprint submission works again
436 !! fixed the configure checks for libpcap and libnet
437 !! ec[ip] files are now platform independent
438 !! fixed the "etter.ssl.crt not found" bug
439 !! the arp_cop plugin now does not report the ettercap poisoning
440 !! the filters are respected even when logging to an eci file
441 !! profiles in the eci file are not duplicated if arp poisoning
442
443
444 NG-0.7.0_pre1 20040415
445
446 + rewrite from scratch (the code is now cleaner and well commented)
447 + it now requires libpcap and libnet
448 + support for unconfigured network interfaces
449 + automake and libtool are now used for the configuration process
450 + etterlog utility for logfiles parsing
451 + etterfilter utility to compile advanced content filters
452 + root privs dropped after initialization
453 + big endian arch support (sparc64)
454 + layer 3 routing (forwarding packets)
455 + new media support for:
456 + wifi
457 + token ring
458 + fddi
459 + ppp
460 + linux cooked interfaces
461 + unified sniffing (you can use external hijacker)
462 + new MITM methods:
463 + advanced ARP poisoning engine (with many-to-many support)
464 + ICMP redirect
465 + DHCP spoofing
466 + port stealing
467 + multiple target selection
468 + pcap filter on capture
469 + regex packet matching
470 + hook points per packet type (TCP, UDP... )
471 + quiet mode (don't print packet content)
472 + enhanced passive open port discoverer
473 + randomized ARP scan
474 + cached dns resolution (increase speed and stealth)
475 + enhanced statistics on ettercap performance
476 + extended headers for every packet
477 + passive DNS answer caching
478 + global conf file always loaded to tweak internal variables
479 + etter.conf supports dissectors on multiple ports
480 + possibility to sniff on loopback
481 + autoupdate from website for passive databases
482 + non root users can use ettercap to read from files
483 + unoffensive mode (doesn't forward packets)
484 + user messages can be logged
485 + dissector enhancements in:
486 + POP (APOP and AUTH LOGIN/PLAIN support)
487 + X11 (banner discovery)
488 + TELNET (collect even failed attempts)
489 + SNMP fixes
490 + MySQL fixes
491 + HalfLife and Quake3 were unified
492 + SMB
493 + SSH (blowfish support)
494 + SSL (totally reworked, runs on all platforms)
495 + HTTP has gained performance overhaul
496 + ...many others
497 + new dissectors:
498 + SMTP
499 + CVS
500 + OSPF, VRRP
501 + plugins were unified, no more distinctions between standalone and hooking
502 + new plugins:
503 + finger (SYN+ACK fingerprinting on remote hosts)
504 + smb_clear, smb_down (attacks against the SMB protocol)
505 + curses interface improvements:
506 + resizable under X11
507 + mouse events are supported
508 + customizable colors
509 + completely new menu-driven interface
510 + totally redesigned GTK+ interface
511 + you can filter data with a visualization regexp
512 + profiles can be dumped to a file
513 + A lot of new bugs^H^H^H^H random features to be discovered ;)
514 !! offline sniffing actually does not bind to any NICs
515 - packet factory was removed
516 - some plugins were not ported
517
518 +++ too many other improvements to be listed here +++
519
520
521 0.6.b 20030710
522
523 + Plugins now work with GTK+ interface
524 + Updated the passive OS fingerprint database (1279 records)
525 !! Fixed internal refreshing (for huge traffic loads)
526 !! Fixed wifi-dump support
527 !! Fixed doppelganger re-arp
528 !! Fixed a problem with signed char under mac G3
529 !! Fixed some possible buffer overflows
530
531
532 0.6.a 20030505
533
534 + Buffered Data Connections (only for ncurses)
535 + New Sniffing method (Port Stealing)
536 + Updated the passive OS fingerprint database (1189 records)
537 + enhanced smb dissector
538 + enhanced troll plugin against request caching
539 + NEW PLUGIN: Confusion,Hunter, SMB suite
540 + partial wifi-dump support (experimental)
541 !! Fixed daemonization problem
542 !! Fixed StateMachine problem
543 !! a bunch of bug fixes
544
545
546 0.6.9 20030125
547
548 + GTK+ 2.0 interface (experimental) (--enable-devel)
549 + Windows Plugins porting
550 + Updated the passive OS fingerprint database (1093 records)
551 + Dissector Proxy 8080
552 + NTLM auth
553 + Enhanced poisoning method (solaris issue)
554 + NEW PLUGIN: troll, PPTP suite
555 + text and ebcdic view from command line
556 + lc-convert utility (share dir)
557 !! Fixed a LIBS problem under MacOSX (-lpoll)
558 !! Fixed the VNC dissector
559 !! A bunch of bug fixes (too many to list here)
560
561
562 0.6.7 20020702
563
564 + Updated the passive OS fingerprint database (853 records)
565 !! Fixed the strlcpy bug in the telnet dissector (oops, ALoR's mistake)
566 !! Fixed a possible segfault in the rlogin dissector
567 !! Fixed the exit_func for Mac OS X
568
569
570 0.6.6.6 20020603
571
572 + Solaris porting
573 + Sparc architecture support even for all other OSes
574 + Windows 9X porting
575 + Increased the speed of arp storm under windows
576 + Added the ability to bind a port on which ettercap forwards the sniffed traffic
577 + The -H option now supports IP ranges
578 + NEW PLUGIN: lamia (become root of a switches spanning tree)
579 + Updated the passive OS fingerprint database (825 records)
580 !! Fixed the pthread_join problem under MacOSX
581 !! Fixed the -w options (openssl path related bug)
582 !! Fixed the conflicting options -Y and -a
583 !! Fixed the FindIface function under BSD
584
585
586 0.6.5 20020423
587
588 + Windows (CYGWIN) porting
589 + Dumping to and sniffing from tcpdump file format is now supported
590 + Sniffing from command line now capture UDP+TCP packet by default
591 + Logging engine doesn't log the same user/pass/ip twice
592 + Under *BSD and MacOSX ettercap now uses only one bpf
593 + Added the -J option (onlyposion) to allow multitarget arp sniffing
594 + NEW PLUGIN :
595 - roper (Tries to stop ISAKMP for IPSEC traffic)
596 + NEW password collector for: QUAKE 3, ICQ v7, MSN, YMSG
597 + DISSECTORS enhanced: HTTPS - IMAP - NAPSTER (opennap) - IRC
598 + PLUGIN enhanced:
599 - leech (now it rearps the victim after isolation)
600 + DOCUMENTATION translated into Polish and Dutch
601 !! Better handling of CTRL+C
602 !! Fixed a bug in the dlsym on OpenBSD 3.0 (plugin related)
603 !! Fixed a bug in the handling of debug file
604 !! Fixed the "not scrolling" JOINED visualization
605
606
607 0.6.4 20020212
608
609 + You can sniff traffic from a remote cisco router
610 and make mitm attacks on it using GRE tunnels.
611 + Added some bits for the passive OS fingerprint database.
612 Now even the length of the packet makes sense.
613 + The sniffing interface now supports JOINED view
614 + NEW PLUGIN :
615 - thief (dumps all files from HTTP)
616 - zaratan (redirect GRE tunnels)
617 + ICQ dissector now searches for passwords on all ports
618 + Updated the passive OS fingerprint database (675 records)
619 + Changed arg 2 of Plugin_HookPoint for PCK_RECEIVED_RAW
620 !! Under OpenBSD the pflog interface is ignored
621 !! Fixed the DATA_PATH issue in the phantom plugin
622 !! Fixed an unsigned short in state_machine
623 !! Fixed some plugins that don't recognize the 'yes' answer
624 !! Fixed the plugins symbol problem on Mac OS X (strip -x)
625 !! Fixed the possibility of remote exploitation on interface with MTU > 1500
626
627
628 0.6.3.1 20011213
629
630 !! Fixed the truncation of passwords in some dissectors
631 !! Fixed the -undefined error problem for Mac OS X (darwin 1.4.x / 5.1)
632
633
634 0.6.3 20011212
635
636 + Grell dissector (HTTPS) now handles proxy auth
637 + Grell dissector (HTTPS) now correctly handles SSL & TLS
638 + Better connection status handling
639 + Updated the passive OS fingerprint database (530 records)
640 - Removed the --enable-suid option, so it is clear that ettercap is only for root
641 !! Fixed a bug that caused every packet sniffed from the net to be sent back onto it (introduced in ettercap 0.6.2)
642 !! Fixed the ENOBUFS error on BSD
643 !! Fixed a bug for the compilation with --disable-plugins
644 !! Fixed a bug for the compilation on Mac OS X without dlcompat libs
645 !! Fixed the configure script to handle the -bundle_loader option under Mac OS X
646 !! Fixed the command line format bug exploit (`ettercap %x%x%x%x%x`) !!
647 !! Fixed many security threats in the code
648
649
650 0.6.2 20011112
651
652 + Ettercap is now a multi-thread single process.
653 + The connection handling engine was enhanced and sped up
654 + Now filtered (replaced) data can exceed the MTU
655 + Completely new plugin conception (hooking plugin)
656 + Better handling for unknown passive fingerprints
657 + Possibility to load/save the hosts list from/to a file (-j -k options)
658 - the -k (newcert) option was renamed to -w
659 + Updated the passive OS fingerprint database (501 records)
660 + Updated the active OS fingerprint database (2001/10/14)
661 + New 'TEXT only' view on sniffed data
662 + NEW password collector for: HALF LIFE, NFS, SNMP, LDAP
663 + ENHANCEMENT in the password collector for: MySQL
664 + NEW PLUGIN : dwarf (logs all POP and SMTP activity)
665 !! Fixed a bug when recognizing HUB or SWITCH
666 !! Fixed a bug in the banshee plugin
667 !! Fixed a bug in the filtering engine from command line
668 !! Fixed a segfault in the HTTP dissector
669 !! Plugins are now installed in {prefix}/lib/ettercap, not in share/ettercap
670 !! ettercap is now installed in the more appropriate {prefix}/sbin/
671 !! now the configure script doesn't require root privileges to run
672 !! configure now handles correctly the --datadir=DIR and --libdir=DIR directive.
673
674
675 0.6.0 20010917
676
677 + Passive scanning of the LAN
678 + Plugins ported to Mac OS X (darwin)
679 + Doppelganger now uses the new REQUEST ARP POISON (see readme)
680 + Grell (HTTPS) now supports virtual hosts
681 + The Logging engine for the simple mode was rewritten from scratch
682 + Now MAC sniffing can have only one parameter
683 + Updated the active OS fingerprint database
684 + Updated the MAC fingerprint database
685 + NEW PLUGIN : beholder and basilisk
686 + PLUGIN enhanced: imp and triton
687 !! configure script tuned up. now it compiles missing libs only if needed
688 !! Fixed a bug preventing SSL sniffing
689 !! Fixed a problem in illithid related to the smart arp sniffing
690 !! Fixed a compilation problem for FreeBSD 4.0 (getifaddrs related)
691 !! Fixed a compilation problem for MacOsX (termios related)
692 !! Fixed a ioctl() problem in phantom plugin on *BSD and MacOsX
693
694 0.5.4 20010726
695
696 + Porting for Mac Os X (darwin 1.3.x)
697 + Reverse IP matching (-R option)
698 + Spoofing of the source ip on start up
699 + Customizable delay between arp request on startup
700 + Added the Inet_CloseRawSock API (for debugging purpose)
701 + Better handling of SIGSEGV and SIGBUS (for debugging purpose)
702 + Updated the OS fingerprint database
703 + ENHANCEMENT in the password collector for: IRC
704 + PLUGIN enhanced: triton
705 + NEW PLUGIN : arpcop, phantom, imp
706 !! Fixed the "make_label" compilation problem
707 !! Fixed a segfault on OS fingerprinting
708 !! Fixed ip_forwarding restoring bug
709 !! Fixed some ncurses visualization errors
710
711 0.5.2 20010707
712
713 + Plugins ported to OpenBSD
714 + Porting for NetBSD 1.5
715 + Added FreeBSD 4 support for source MAC address spoofing
716 + Illithid (the sniffer engine) totally rewritten and tuned up
717 + Doppelganger (the arp poisoner) totally rewritten and tuned up
718 + New programmable filtering engine (see README for details)
719 + Filter can be used in command line mode (-F option)
720 + Possibility to scan only chosen IPs (-H option)
721 + Possibility to select the delay between arp replies (-D option)
722 + Checking for the latest ettercap version (-v option)
723 + More accurate and faster start up host scanning
724 + Connection killing method enhanced
725 + New and more detailed man pages
726 + ENHANCEMENT in the password collector for: HTTP (<form> parsing)
727 + NEW PLUGIN : spectre, triton
728 !! Fixed the interface shutdown bug... yeah !
729 !! Fixed "can't find grell_ssl.crt" error message in the rpm version.
730
731
732 0.5.0 20010611
733
734 + Full-duplex HTTPS man-in-the-middle support
735 + Support for HTTPS through a proxy
736 + SSH sniffing even from command line
737 + Enable/Disable dissectors via conf file
738 + Public ARP in simple mode
739 + Smart Public arp (all but the target)
740 + Dump of the pass to a file from interactive mode
741 + Packet Factory enhancement (now the payload can be loaded from a file)
742 + The newest config.guess and config.sub are now included
743 + Updated the OS fingerprint database (2001/06/04 09:40:50 fyodor)
744 + NEW password collector for: HTTPS, PROXYHTTPS
745 + ENHANCEMENT in the password collector for: SMB, HTTP, MySQL
746 + FIXED password collector for: IRC
747 + DOCUMENTATION translated into: French, Italian
748 ! Fixed many many bugs... but some still persist... ;)
749
750
751 0.4.3 20010511
752
753 + Added a Protocol State Machine for dissectors
754 + Added the rule "Log" to the filtering form
755 + Packet Factory (create and send packets on the fly)
756 + Configuration file
757 + Code cleanup !!
758 + Plugins can be launched from connection list
759 + NEW plugin : banshee
760 + ENHANCEMENT in the password collector for: SOCKS 5, IMAP, VNC, SMB, MySQL
761 + FIXED password collector for: SOCKS 5
762
763
764 0.4.2 20010429
765
766 + You can specify the IP "ANY"
767 + Logging all data to specific file(s)
768 + Added the "daemonization" feature (--quiet)
769 + Packet filtering/dropping/search/replace
770 + Improved the user/password hunting in datadecode module
771 + Tuning of Doppelganger poison/rearp
772 + NEW plugin : lurker
773 + NEW password collector for: NNTP, X11, NAPSTER, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC
774 + ENHANCEMENT in the password collector for: POP, SMB, MySQL
775 ! fixed a bug in the fingerprint for *BSD
776 ! fixed the handling of eth aliases
777 ! fixed the activation/deactivation of Active Dissectors
778
779
780 0.4.0 20010409
781
782 + Full duplex SSH man-in-the-middle support !!
783 + new startup mode (--broadping -b).
784 + new sniffing method (PublicARP)
785 + Injector now supports escape sequences
786 + netmask switch added
787 + added support for getopt_long even on *BSD
788 + NEW password collector for : SSH1, SMB, RLOGIN, HTTP, ICQ, MySQL
789 ! fixed the "sendto() 1518 byte" bug
790
791
792 0.3.1 20010323
793
794 ! fixed a nasty bug sniffing/sending big packets
795 ! fixed telnet dissector
796
797
798 0.3.0 20010319
799
800 + Ported to OpenBSD 2.7
801 + UDP support
802 + OS Fingerprint
803 + Network Adapter Fingerprint
804 + Password collector for: FTP, POP, TELNET
805 + Injection interface redesigned
806 + Possibility to check if you are in a switched lan or not.
807 ! various bugfixes
808
809
810 0.2.4 20010309
811
812 + Ported to FreeBSD 4.x
813 + Plugin version control
814 + Added -x option for hex mode in command line
815 - Removed -1 and -2 options (better getopt parsing)
816 + Ability to sniff in all directions (no more two hosts limit)
817 + Silent mode (--silent or -z) (no arp storm on start up)
818
819
820 0.2.1 20010223
821
822 + Scrolling window for plugin output
823 + detailed packets view in hex mode (SEQ, ACK and FLAGS)
824 + identification of connections type (FTP, telnet, etc.)
825 + ability to kill a connection from connection list
826 ! segfault when no plugin is found and return is pressed
827
828
829 0.2.0 20010219
830
831 + Plug-In support
832 + Inet module totally rewritten and redesigned.
833 + Downported to 2.0.x Linux Kernels (EXPERIMENTAL)
834 + Added support for glibc 2.0.x 2.1.x 2.2.x
835 + Scroll back in sniffing window (*very* *very* useful !!)
836 ! after injection the connections are cleanly RSTted
837
838
839 0.1.1 20010209
840
841 + detect if there is another man-in-the-middle in the LAN
842 + full telnet injection support
843 ! ettercap defaults to the first up and running iface
844 ! removed possible segfault when making host list
845 ! now works with openwall
846 ! various bugfixing
847
848
849 0.1.0.beta 20010125
850
851 * Initial public release...
852
853 + Easy to use ncurses interface
854 + Command line mode (without ncurses)
855 + IP based sniffing (old style sniffing)
856 + MAC based sniffing (for traffic between hosts and gateways)
857 + ARP based sniffing (with arp poisoning for switched lan)
858 + Characters injection in an established connection