-
Notifications
You must be signed in to change notification settings - Fork 83
/
CHANGES
257 lines (130 loc) · 6.31 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
$Id: CHANGES,v 1.56 2001/03/19 06:53:47 dugsong Exp $
- Add support for ICMP frag-needed to tcpnice.
- New sshow program:
http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt
- Add support for HTTP absolute URIs to webmitm and urlsnarf.
- Add support for non-transparent proxying to webmitm, as requested
by Juergen Schmidt <[email protected]>.
- Fix TDS decode for MSSQL 7.x, from Paul van Maaren
- Kludge around stupid Redhat Linux 6, 7 build env inconsistencies.
- Fix dumb endianness bug in dnsspoof.
v2.3 Sun Dec 17 11:35:38 EST 2000
- Add VRRP parsing to dsniff, from Eric Jackson <[email protected]>.
- Require pcap filter argument for tcpkill, tcpnice.
- Add Microsoft PPTP MS-CHAP (v1, v2) parsing to dsniff, based on
anger.c by Aleph One <[email protected]>.
- Fix pcAnywhere 7, 9.x parsing in dsniff.
- Add -t trigger[,...] flag to dsniff, to specify individual triggers
on the command line.
- Convert most everything to use new buf interface.
- New programs: dnsspoof, msgsnarf, sshmitm, webmitm.
- Fix inverted regex matching in *snarf programs.
- Consistent arpspoof, macof, tcpnice, tcpkill output.
- Rename arpredirect to arpspoof (maintain consistent *sniff, *snarf,
*spoof, *spy nomenclature).
- Consistent pcap filter argument to dsniff, *snarf programs.
- Add trigger for Checkpoint Firewall-1 Session Authentication Agent
(261/tcp), as suggested by Joe Segreti <[email protected]>.
- Add SMTP parsing to dsniff, as requested by Denis Ducamp
- Add rexec and RPC ypserv parsing to dsniff, as requested by
Oliver Friedrichs <[email protected]>.
- Add HTTP proxy auth parsing back to dsniff, it got lost in the
shuffle. Reported by Denis Ducamp <[email protected]>.
- Add NNTPv2 and other AUTHINFO extensions to dsniff.
v2.2 Wed Jun 14 00:58:37 EDT 2000
- Rewrite HTTP decoding in dsniff, adding support for QUERY_STRING and
x-www-form-urlencoded parsing (various CGI authentication schemes).
- Alpha support (libnids and libnet still need to be fixed).
- Fix arp discovery in arpredirect on Linux.
- Add -m flag to enable automatic protocol detection in dsniff,
based on the classic file(1) command by Ian Darwin.
- Add TDS (Sybase, Microsoft SQL Server) parsing to dsniff.
- Clean up RPC decodes, TCP half-duplex reassembly in dsniff.
- New filesnarf program.
- Add regular expression matching to mailsnarf.
- Add POP support to mailsnarf.
v2.1 Thu May 18 16:18:35 EDT 2000
- Add -c flag to specify half-duplex TCP stream reassembly in dsniff
(better support for sniffing off switched ports using arpredirect).
- Fix > 24 char Meeting Maker passwd parsing in dsniff.
- Fix OSPF parsing in dsniff (don't truncate first two chars),
as reported by Felix Contreras <[email protected]>.
- Fix webspy URL ignoring, as reported by Interrupt <[email protected]>.
v2.0 Tue May 16 13:11:22 EDT 2000
- Major dsniff rewrite, since ppl are actually reading this code. :-)
- Add configurable decode triggers to dsniff.
- Add dsniff debugging functions, split out decode routines.
- Add yppasswd parsing to dsniff.
- Rewrite dsniff RPC framework, portmap and NFS mountd decodes.
- Make dsniff savefile format portable.
- Remove findgw - to be subsumed by dsquat package.
- Add PostgreSQL parsing to dsniff.
- Add Meeting Maker parsing to dsniff.
- Add poppass parsing to dsniff.
- Add RIP, OSPF parsing to dsniff.
- Fix RSET handling in mailsnarf (from Martin Fredriksson <[email protected]>).
v1.8 Sun Apr 9 23:59:46 EDT 2000
- Add SOCKS parsing to dsniff.
- Add pcAnywhere parsing to dsniff.
- Fix SMB parsing in dsniff.
- Add IRC parsing to dsniff.
- Add NAI Sniffer parsing to dsniff (from Anonymous).
v1.7 Mon Mar 27 16:19:32 EST 2000
- Add -s flag to specify snaplen to dsniff.
- Support systems without <libgen.h> or dirname().
- Add Microsoft SMB parsing to dsniff.
- Add Citrix ICA parsing to dsniff.
- Add LDAP parsing to dsniff.
- Fix Berkeley mbox format again (\n, not \r\n).
- Fix null URI dereference in urlsnarf.
- Add Oracle SQL*Net (v2, Net8) parsing to dsniff.
- Catch data left on connection close in mailsnarf, urlsnarf, webspy.
v1.6 Sun Mar 12 16:25:09 EST 2000
- Support non-glibc Linux systems missing ether_ntoa().
- Unique HTTP auth info by URI dirname in dsniff.
- Add Napster parsing to dsniff.
- Don't rely on /etc/services for dsniff.
- Add AIM, ICQ (v2, v5) parsing to dsniff.
- Add CVS pserver parsing to dsniff.
- Skip IMAP command tag in dsniff.
v1.5 Tue Feb 15 23:22:25 EST 2000
- Fix HTTP proxy support in urlsnarf (from <[email protected]>).
- Fix HTTP proxy support in dsniff (from <[email protected]>).
- Proper manpages for all programs.
- Strip binary nulls in telnet input, in dsniff (doh!).
v1.4 Thu Jan 27 12:08:41 EST 2000
- Add verbose flag (-v) to tcpkill, tcpnice.
- Add NNTP parsing to dsniff (from Felix von Leitner <[email protected]>).
- Fix mailsniff mbox formatting of ^From in message body.
- Add HTTP proxy support in dsniff, urlsnarf, webspy.
- Fix getopt() usage to be POSIX compliant (s/EOF/-1/).
- New tcpnice program.
v1.3 Fri Jan 21 02:47:37 EST 2000
- Ported to Solaris (along with libnids :-)
- Add Berkeley db(3) output file format to dsniff, as well as
restricting logging to unique auth info.
- New tcpkill program.
- New lame dsniff(8) manpage.
- Add DNS lookups (and -n flag to disable) in dsniff, urlsnarf.
- Add HTTP Basic Authentication, Referer, User-Agent logging to urlsnarf.
- Improve RPC message parsing in dsniff.
- Improve SMTP parsing in mailsnarf.
- Improve HTTP 1.x parsing in dsniff, urlsnarf, webspy.
- Fix IMAP, Rlogin, Telnet option parsing in dsniff (broke them in 1.2).
- Add X11 MIT-MAGIC-COOKIE parsing to dsniff.
- Don't forget to decode POP SASL username in dsniff (doh!).
v1.2 Sat Jan 8 22:36:42 EST 2000
- Ported to FreeBSD (but not tested!).
- Add GNU autoconf support.
- Add NFS mount parsing / RPC framework to dsniff.
- Add -i flag to specify interface to use with dsniff, mailsnarf,
urlsnarf, and webspy.
v1.1 Tue Dec 21 10:31:42 EST 1999 (re-released)
- Make macof loop repeatedly if missing -n argument.
- Remove dependencies on unreleased version of libnids.
- Make arpredirect restore original ARP mapping on exit.
- Ported to Linux & Solaris (but not tested!).
v1.0 Fri Dec 17 02:42:42 EST 1999
- First public release.