--
A new, enhanced poisoning method (against Solaris) has been
introduced and many new plugins for PPTP tunnel breaking have
been added.
Updated the passive OS fingerprint database.
Several bugs fixed.
Changelog: http://ettercap.sourceforge.net/index.php?s=history
brad@ ok
is to specifically get signed char although most of those look wrong
and the code should be rewritten majorly. maintainer gave me the
blessing for this not long ago; more issues remain
Now works on ELF archs thanks to additional patch from brad@
From CHANGES:
+ Ability to bind a port on which ettercap forwards the sniffed traffic
+ The -H option now supports range ip
+ NEW PLUGIN: lamia (become root of a switches spanning tree)
+ Updated the passive OS fingerprint database (825 records)
!! Fixed the -w options (openssl path related bug)
!! Fixed the conflicting options -Y and -a
!! Fixed the FindIface function under BSD
+ added configure patch for curses check
* This update looks much cleaner on OpenBSD now! *
0.6.5 20020423
+ Windows (CYGWIN) porting
+ Dumping to and sniffing from tcpdump file format is now supported
+ Sniffing from command line now captures UDP+TCP packets by default
+ Logging engine doesn't log the same user/pass/ip twice
+ Under *BSD and MacOSX ettercap now uses only one bpf
+ Added the -J option (onlypoison) to allow multitarget arp sniffing
+ NEW PLUGIN :
- roper (Tries to stop ISAKMP for IPSEC traffic)
+ NEW password collector for: QUAKE 3, ICQ v7, MSN, YMSG
+ DISSECTORS enhanced: HTTPS - IMAP - NAPSTER (opennap) - IRC
+ PLUGIN enhanced:
- leech (now it rearps the victim after isolation)
+ DOCUMENTATION translated in Polish and Dutch
!! Better handling of CTRL+C
!! Fixed a bug in the dlsym on OpenBSD 3.0 (plugin related)
!! Fixed a bug in the handling of debug file
!! Fixed the "not scrolling" JOINED visualization
0.6.4 20020212
+ You can sniff remote traffic from a remote cisco router
and make mitm attacks on it using GRE tunnels.
+ Added some bits for the passive OS fingerprint database.
Now even the length of the packet makes sense.
+ The sniffing interface now supports JOINED view
+ NEW PLUGIN :
- thief (dumps all files from HTTP)
- zaratan (redirect GRE tunnels)
+ ICQ dissector now searches for passwords on all ports
+ Updated the passive OS fingerprint database (675 records)
+ Changed the arg 2 of Plugin_HookPoint for PCK_RECEIVED_RAW
!! Under OpenBSD the pflog interface is ignored
!! Fixed the DATA_PATH issue in the phantom plugin
!! Fixed an unsigned short in state_machine
!! Fixed some plugins that don't recognize the 'yes' answer
!! Fixed the plugins symbol problem on Mac OS X (strip -x)
!! Fixed the possibility of remote exploitation on interface with MTU > 1500
+ now with OpenBSD "plug-in" support
eg.
banshee v 1.1 -- They kill without discretion...
dummy v 1.0 -- Dummy plugin. It does nothing !
leech v 1.6 -- Isolate a host from the LAN
lurker v 1.3 -- Try to search for other ettercap
ooze v 1.4 -- Ping a host.
shadow v 1.8 -- A very simple SYN/TCP port scanner
spectre v 1.1 -- Flood a switched LAN with random MAC addresses
triton v 1.3 -- Try to discover the LAN's gateway
Changes:
Added a Protocol State Machine for dissectors, the ability to
specify the rule "Log" to the filtering form, a Packet Factory to create
and send packets on the fly, support for multiple config files, code
cleanups, added the ability to launch plugins from connection list, a new
plugin named banshee, and enhancements in the protocol dissector for
SOCKS 5, IMAP, VNC, SMB, and MySQL.