Legend:
+ new feature
- old feature removed
!! bug fixed

=========================================

NG-0.7.0 ????????

+ rewrite from scratch (the code is now cleaner and well commented)
+ it now requires libpcap and libnet
+ automake and libtool are now used for the configuration process
+ etterlog utility for logfile parsing
+ etterfilter utility to compile advanced content filters
+ root privs dropped after initialization
+ big endian arch support (sparc64)
+ layer 3 routing (forwarding packets)
+ new media support for:
   + wifi
   + token ring
   + fddi
   + ppp
   + linux cooked interfaces
+ unified sniffing (you can use an external hijacker)
+ new MITM methods:
   + advanced ARP poisoning engine (with many-to-many support)
   + ICMP redirect
   + DHCP spoofing
   + port stealing
+ multiple target selection
+ pcap filter on capture
+ regex packet matching
+ hook points per packet type (TCP, UDP... )
+ quiet mode (don't print packet content)
+ enhanced passive open port discoverer
+ randomized ARP scan
+ cached dns resolution (increases speed and stealth)
+ enhanced statistics on ettercap performance
+ extended headers for every packet
+ passive DNS answer caching
+ global conf file always loaded to tweak internal variables
+ etter.conf supports dissectors on multiple ports
+ possibility to sniff on loopback
+ autoupdate from website for passive databases
+ non root users can use ettercap to read from files
+ unoffensive mode (doesn't forward packets)
+ user messages can be logged
+ dissector enhancements in:
   + POP (APOP and AUTH LOGIN/PLAIN support)
   + X11 (banner discovery)
   + TELNET (collect even failed attempts)
   + SNMP fixes
   + MySQL fixes
   + HalfLife and Quake3 were unified
   + SMB
   + SSH
   + HTTP has gained a performance overhaul
   + ...many others
+ new dissectors:
   + SMTP
   + CVS
   + OSPF, VRRP
+ plugins were unified, no more distinctions between standalone and hooking
+ new plugins:
   + finger (SYN+ACK fingerprinting on remote hosts)
   + smb_clear, smb_down (attacks against the SMB protocol)
+ curses interface improvements:
   + resizable under X11
   + mouse events are supported
   + customizable colors
+ A lot of new bugs to be discovered ;)
!! offline sniffing actually does not bind to any NICs

+++ too many other improvements to be listed here +++


0.6.b 20030710

+ Plugins now work with GTK+ interface
+ Updated the passive OS fingerprint database (1279 records)
!! Fixed internal refreshing (for huge traffic loads)
!! Fixed wifi-dump support
!! Fixed doppleganger re-arp
!! Fixed a problem with signed char under mac G3
!! Fixed some possible buffer overflows


0.6.a 20030505

+ Buffered Data Connections (only for ncurses)
+ New Sniffing method (Port Stealing)
+ Updated the passive OS fingerprint database (1189 records)
+ enhanced smb dissector
+ enhanced troll plugin against request caching
+ NEW PLUGIN: Confusion, Hunter, SMB suite
+ partial wifi-dump support (experimental)
!! Fixed daemonization problem
!! Fixed StateMachine problem
!! a bunch of bug fixes


0.6.9 20030125

+ GTK+ 2.0 interface (experimental) (--enable-devel)
+ Windows Plugins porting
+ Updated the passive OS fingerprint database (1093 records)
+ Dissector Proxy 8080
+ NTLM auth
+ Enhanced poisoning method (solaris issue)
+ NEW PLUGIN: troll, PPTP suite
+ text and ebcdic view from command line
+ lc-convert utility (share dir)
!! Fixed a LIBS problem under MacOSX (-lpoll)
!! Fixed the VNC dissector
!! A bunch of bug fixes (too many to list here)


0.6.7 20020702

+ Updated the passive OS fingerprint database (853 records)
!! Fixed the strlcpy bug in the telnet dissector (oops alor mistake)
!! Fixed a possible segfault in the rlogin dissector
!! Fixed the exit_func for Mac OS X


0.6.6.6 20020603

+ Solaris porting
+ Sparc architecture support even for all other OSes
+ Windows 9X porting
+ Increased the speed of arp storm under windows
+ Added the ability to bind a port on which ettercap forwards the sniffed traffic
+ The -H option now supports IP ranges
+ NEW PLUGIN: lamia (become root of a switches spanning tree)
+ Updated the passive OS fingerprint database (825 records)
!! Fixed the pthread_join problem under MacOSX
!! Fixed the -w option (openssl path related bug)
!! Fixed the conflicting options -Y and -a
!! Fixed the FindIface function under BSD


0.6.5 20020423

+ Windows (CYGWIN) porting
+ Dumping to and sniffing from tcpdump file format is now supported
+ Sniffing from command line now captures UDP+TCP packets by default
+ Logging engine doesn't log the same user/pass/ip twice
+ Under *BSD and MacOSX ettercap now uses only one bpf
+ Added the -J option (onlyposion) to allow multitarget arp sniffing
+ NEW PLUGIN :
   - roper (Tries to stop ISAKMP for IPSEC traffic)
+ NEW password collector for: QUAKE 3, ICQ v7, MSN, YMSG
+ DISSECTORS enhanced: HTTPS - IMAP - NAPSTER (opennap) - IRC
+ PLUGIN enhanced:
   - leech (now it rearps the victim after isolation)
+ DOCUMENTATION translated into Polish and Dutch
!! Better handling of CTRL+C
!! Fixed a bug in the dlsym on OpenBSD 3.0 (plugin related)
!! Fixed a bug in the handling of debug file
!! Fixed the "not scrolling" JOINED visualization


0.6.4 20020212

+ You can sniff traffic from a remote cisco router
  and make mitm attacks on it using GRE tunnels.
+ Added some bits for the passive OS fingerprint database.
  Now even the length of the packet makes sense.
+ The sniffing interface now supports JOINED view
+ NEW PLUGIN :
   - thief (dumps all files from HTTP)
   - zaratan (redirect GRE tunnels)
+ ICQ dissector now searches for passwords on all ports
+ Updated the passive OS fingerprint database (675 records)
+ Changed arg 2 of Plugin_HookPoint for PCK_RECEIVED_RAW
!! Under OpenBSD the pflog interface is ignored
!! Fixed the DATA_PATH issue in the phantom plugin
!! Fixed an unsigned short in state_machine
!! Fixed some plugins that don't recognize the 'yes' answer
!! Fixed the plugins symbol problem on Mac OS X (strip -x)
!! Fixed the possibility of remote exploitation on interface with MTU > 1500


0.6.3.1 20011213

!! Fixed the truncation of passwords in some dissectors
!! Fixed the -undefined error problem for Mac OS X (darwin 1.4.x / 5.1)


0.6.3 20011212

+ Grell dissector (HTTPS) now handles proxy auth
+ Grell dissector (HTTPS) now correctly handles SSL & TLS
+ Better connection status handling
+ Updated the passive OS fingerprint database (530 records)
- Removed the --enable-suid option, so it is clear that ettercap is only for root
!! Fixed a bug that caused every packet sniffed from the net to be sent back on it (introduced in ettercap 0.6.2)
!! Fixed the ENOBUFS error on BSD
!! Fixed a bug for the compilation with --disable-plugins
!! Fixed a bug for the compilation on Mac OS X without dlcompat libs
!! Fixed the configure script to handle the -bundle_loader option under Mac OS X
!! Fixed the command line format bug exploit (`ettercap %x%x%x%x%x`) !!
!! Fixed many security threats in the code


0.6.2 20011112

+ Ettercap is now a multi-thread single process.
+ The connection handling engine was enhanced and sped up
+ Now filtered (replaced) data can exceed the MTU
+ Completely new plugin conception (hooking plugin)
+ Better handling for unknown passive fingerprints
+ Possibility to load/save the hosts list from/to a file (-j -k options)
- the -k (newcert) option was renamed to -w
+ Updated the passive OS fingerprint database (501 records)
+ Updated the active OS fingerprint database (2001/10/14)
+ New 'TEXT only' view on sniffed data
+ NEW password collector for: HALF LIFE, NFS, SNMP, LDAP
+ ENHANCEMENT in the password collector for: MySQL
+ NEW PLUGIN : dwarf (logs all POP and SMTP activity)
!! Fixed a bug when recognizing HUB or SWITCH
!! Fixed a bug in the banshee plugin
!! Fixed a bug in the filtering engine from command line
!! Fixed a segfault in the HTTP dissector
!! Plugins are now installed in {prefix}/lib/ettercap, not in share/ettercap
!! ettercap is now installed in the more appropriate {prefix}/sbin/
!! now the configure script doesn't require root privileges to run
!! configure now correctly handles the --datadir=DIR and --libdir=DIR directives.


0.6.0 20010917

+ Passive scanning of the LAN
+ Plugins ported to Mac OS X (darwin)
+ Doppleganger now uses the new REQUEST ARP POISON (see readme)
+ Grell (HTTPS) now supports virtual hosts
+ The Logging engine for the simple mode was rewritten from scratch
+ Now MAC sniffing can have only one parameter
+ Updated the active OS fingerprint database
+ Updated the MAC fingerprint database
+ NEW PLUGIN : beholder and basilisk
+ PLUGIN enhanced: imp and triton
!! configure script tuned up. now it compiles missing libs only if needed
!! Fixed a bug preventing SSL sniffing
!! Fixed a problem in illithid related to the smart arp sniffing
!! Fixed a compilation problem for FreeBSD 4.0 (getifaddrs related)
!! Fixed a compilation problem for MacOsX (termios related)
!! Fixed an ioctl() problem in phantom plugin on *BSD and MacOsX

0.5.4 20010726

+ Porting for Mac Os X (darwin 1.3.x)
+ Reverse IP matching (-R option)
+ Spoofing of the source ip on start up
+ Customizable delay between arp requests on startup
+ Added the Inet_CloseRawSock API (for debugging purpose)
+ Better handling of SIGSEGV and SIGBUS (for debugging purpose)
+ Updated the OS fingerprint database
+ ENHANCEMENT in the password collector for: IRC
+ PLUGIN enhanced: triton
+ NEW PLUGIN : arpcop, phantom, imp
!! Fixed the "make_label" compilation problem
!! Fixed a segfault on OS fingerprinting
!! Fixed ip_forwarding restoring bug
!! Fixed some ncurses visualization errors

0.5.2 20010707

+ Plugins ported to OpenBSD
+ Porting for NetBSD 1.5
+ Added FreeBSD 4 support for source MAC address spoofing
+ Illithid (the sniffer engine) totally rewritten and tuned up
+ Doppleganger (the arp poisoner) totally rewritten and tuned up
+ New programmable filtering engine (see README for details)
+ Filter can be used in command line mode (-F option)
+ Possibility to scan only chosen IPs (-H option)
+ Possibility to select the delay between arp replies (-D option)
+ Checking for the latest ettercap version (-v option)
+ More accurate and faster start up host scanning
+ Connection killing method enhanced
+ New and more detailed man pages
+ ENHANCEMENT in the password collector for: HTTP (<form> parsing)
+ NEW PLUGIN : spectre, triton
!! Fixed the interface shutdown bug... yeah !
!! Fixed "can't find grell_ssl.crt" error message in the rpm version.


0.5.0 20010611

+ Full-duplex HTTPS man-in-the-middle support
+ Support for HTTPS through a proxy
+ SSH sniffing even from command line
+ Enable/Disable dissectors via conf file
+ Public ARP in simple mode
+ Smart Public arp (all but the target)
+ Dump of the pass to a file from interactive mode
+ Packet Factory enhancement (now the payload can be loaded from a file)
+ The newest config.guess and config.sub are now included
+ Updated the OS fingerprint database (2001/06/04 09:40:50 fyodor)
+ NEW password collector for: HTTPS, PROXYHTTPS
+ ENHANCEMENT in the password collector for: SMB, HTTP, MySQL
+ FIXED password collector for: IRC
+ DOCUMENTATION translated into: French, Italian
! Fixed many, many bugs... but some still persist... ;)


0.4.3 20010511

+ Added a Protocol State Machine for dissectors
+ Added the rule "Log" to the filtering form
+ Packet Factory (create and send packets on the fly)
+ Configuration file
+ Code cleanup !!
+ Plugins can be launched from connection list
+ NEW plugin : banshee
+ ENHANCEMENT in the password collector for: SOCKS 5, IMAP, VNC, SMB, MySQL
+ FIXED password collector for: SOCKS 5


0.4.2 20010429

+ You can specify the IP "ANY"
+ Logging all data to specific file(s)
+ Added the "daemonization" feature (--quiet)
+ Packet filtering/dropping/search/replace
+ Improved the user/password hunting in datadecode module
+ Tuning of Doppelganger poison/rearp
+ NEW plugin : lurker
+ NEW password collector for: NNTP, X11, NAPSTER, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC
+ ENHANCEMENT in the password collector for: POP, SMB, MySQL
! fixed a bug in the fingerprint for *BSD
! fixed the handling of eth aliases
! fixed the activation/deactivation of Active Dissectors


0.4.0 20010409

+ Full duplex SSH man-in-the-middle support !!
+ new startup mode (--broadping -b).
+ new sniffing method (PublicARP)
+ Injector now supports escape sequences
+ netmask switch added
+ added support for getopt_long even on *BSD
+ NEW password collector for : SSH1, SMB, RLOGIN, HTTP, ICQ, MySQL
! fixed the "sendto() 1518 byte" bug


0.3.1 20010323

! fixed a nasty bug sniffing/sending big packets
! fixed telnet dissector


0.3.0 20010319

+ Ported to OpenBSD 2.7
+ UDP support
+ OS Fingerprint
+ Network Adapter Fingerprint
+ Password collector for: FTP, POP, TELNET
+ Injection interface redesigned
+ Possibility to check if you are in a switched lan or not.
! various bugfixes


0.2.4 20010309

+ Ported to FreeBSD 4.x
+ Plugin version control
+ Added -x option for hex mode in command line
- Removed -1 and -2 options (better getopt parsing)
+ Ability to sniff in all directions (no more two hosts limit)
+ Silent mode (--silent or -z) (no arp storm on start up)


0.2.1 20010223

+ Scrolling window for plugin output
+ detailed packets view in hex mode (SEQ, ACK and FLAGS)
+ identification of connections type (FTP, telnet, etc.)
+ ability to kill a connection from connection list
! segfault when no plugin is found and return is pressed


0.2.0 20010219

+ Plug-In support
+ Inet module totally rewritten and redesigned.
+ Downported to 2.0.x Linux Kernels (EXPERIMENTAL)
+ Added support for glibc 2.0.x 2.1.x 2.2.x
+ Scroll back in sniffing window (*very* *very* useful !!)
! after injection the connections are cleanly RSTted


0.1.1 20010209

+ detect if there is another man-in-the-middle in the LAN
+ full telnet injection support
! ettercap defaults to the first up and running iface
! removed a possible segfault when making the host list
! now works with openwall
! various bugfixing


0.1.0.beta 20010125

* Initial public release...

+ Easy to use ncurses interface
+ Command line mode (without ncurses)
+ IP based sniffing (old style sniffing)
+ MAC based sniffing (for traffic between hosts and gateways)
+ ARP based sniffing (with arp poisoning for switched lan)
+ Character injection in an established connection