[go: up one dir, main page]

Skip to content

Releases: secdev/scapy

v2.6.1

05 Nov 08:52
v2.6.1
8e08cbf
Compare
Choose a tag to compare

This update contains fixes for various small bugs introduced in v2.6.0:

  • On linux machines with IPv6 disabled, Scapy would crash on startup (#4541)
  • The scapy.1 manpage was no longer installed (#4549)
  • Upon the first startup, there could be a crash related to the creation of Scapy's XDG-* related folders. (#4558)
  • other small bugs that could lead to issues during packaging. Thanks to the downstream package maintainers for their help.

Please have a look at the full v2.6.0 changelog over here.

v2.6.0

28 Sep 13:42
f7a6411
Compare
Choose a tag to compare

Note to package maintainers: it is important to point out that special care should be taken when porting/testing this release. The plateform-specific code aimed at reading the network configuration (interfaces, routes, etc.) has been entirely rewritten on both Linux and *BSD flavors. Plateforms that were tested include: Linux, OpenBSD, NetBSD, FreeBSD, Darwin. Other plateforms have not been tested, therefore we encourage maintainers to perform additional testing. This has no impact on the other plateforme that we support, such as Windows.

Changelog

General

  • [removal] DROP SUPPORT OF PYTHON 2.7

  • Python 3.11-3.13 support. The full range of supported Python versions is therefore 3.7-3.13
  • Improve packaging (pyproject.toml) and version handling. Scapy will now include wheels on pypi.
  • We welcome Nils Weiss (polybassa) as a new maintainer !

Main changes

  • [major] support for RFC6874-like scope identifiers. This is very useful for multicast IPs as one can now do the following on L3: sr(IP(dst="224.0.0.1%eth0")/..., multi=True)
  • [major] using the iface= argument is deprecated on level3 functions (send, sr, sr1), as its behavior was undefined. It remains in use for level2 functions (sendp, srp, srp1). RFC6874-like scope identifiers (see just above) should be used.
  • [major] the internals that read the routes and interfaces configuration have been rewritten on Linux and BSD:
    • on linux, to use RTNETLINK. (this should help on machines that have huge BPG tables)
    • on *BSDs, to use PF_ROUTE.
    • on Linux, NetBSD and FreeBSD, link-local and multicast routes should now properly be loaded
  • [new] Windows protocols:
    • DCE/RPC: DCERPC_Client and DCERPC_Server with support for NCACN_IP_TCP and NCACN_NP
    • SMB2/3:
      • Protocol refactor, many more SMB2/3 structures supported
      • Server (class + 'simple' util smbserver()) (2.0.2 to 3.1.1)
      • Client (class + interactive CLI smbclient()) (2.0.2 to 3.1.1)
      • SMB socket, RPC over SMB socket, etc.
    • Kerberos:
      • KerberosSSP to use in SMB/RPC clients/servers, [MS-KILE] variants, SFU and more !
      • Crypto: use cryptography, latest RFC8009, GSS_WrapEx support, typing, etc.
      • Util functions krb_as_req, krb_tgt_req, kpasswd (both modes), etc.
      • Ticketer++: ccache support, ask/renew/resign/edit tickets, etc
    • NTLM:
      • refactor, clean SSP
    • Extensive GSSAPI / SPNEGO support !
    • LDAP
      • Fixes, ASN.1 Windows variation support
      • dclocator, answering machine for "LDAP PING", etc.
      • add a (very) basic LDAP_client (support for various binding mechanisms, encryption, etc.)
  • [dep] Support for recent cryptography (42/43.0) versions
  • [new] CLI improvements
    • [breaking] Scapy CLI configuration now available in ~/.config/scapy/startup.py. This follows XDG variables. (Older ~/.scapy_startup.py is now non functional)
    • Support for bpython, ptpython and ptipython
  • [new] Wireshark extcap interfaces support (load_extcap())
  • Automaton:
    • fixes memory usage on Windows
    • support for EOF events
    • spawn() mode, better socket.socket support
  • [breaking] StreamSocket changes, support for TCP reassembly, etc. TCPSession(app=True) must no longer be used with StreamSocket. Custom sessions are marked as unstable.
  • Use L3RawSocket(6) automatically on the loopback interface on linux
  • L3pcapSocket (the default L3 on Windows or when libpcap is used) now follows the same behavior as other L3 sockets when routing
  • the sr* class of functions now properly supports sending on multiple interfaces (Windows & Linux)
  • performance issues with the sr* class of functions have also been fixed
  • manufdb (from wireshark) is now bundled and cached in ~/.cache/scapy, as it is no longer shipped as a standalone file in Wireshark.
  • Improve builtin answering machines (dnsd, llmnrd, nbnsd, dhcpd...). Add mdnsd for mDNS support
  • Fix performance issues with nested *ListFields
  • [new] conf.nameservers contains the DNS servers. Also adds dns_resolve()
  • [new] SSHv2 layer
  • [breaking] Rework Session objects
  • Fix L2 address computation when ARP is used over Ether (intrusive ARPs, bad guessing..)
  • [breaking] change sendpfast loop argument to be consistent with sendp
  • automaton: improve graph() to include implicit links
  • HTTP:
    • [new] add HTTP_Client and HTTP_Server which support the same SSPs as Windows
    • rework http_client
    • various fixes to reassembly when using TCPSession
  • TLS:
    • support for TLS 1.3 post handshake
    • support for EdDSA signatures / keys (ed25519/ed448)
    • various fixes (ffdhe generation, middlebox compat)
    • support choosing of curve, signature algorithms, etc.
  • More options supported in DHCP(v6), IPv6, DNS/LLMNR (special thanks to evverx)
  • Bluetooth, 802.11: new payloads supported
  • IPSEC: AES-NULL-GMAC support
  • [breaking] Merge EAPOL contrib into EAP
  • fix latex theme
  • IKEv2, ISAKMP: NAT traversal support, and other fixes (notify, ...)
  • Minor fixes in Netflow, NTP, SCTP, TACACS
  • [deprecation] Deprecate Winpcap support on Windows (please use Npcap instead if you are not already using it).
  • [removal] Remove ubberlogger.
  • cache get_if_hwaddr for performance
  • fix arping without IP
  • [new] tcpros layer (ROS 1.1)
  • many more fixes

v2.5.0

25 Dec 10:20
9473f77
Compare
Choose a tag to compare

Changelog

Scapy v2.5.0 is the last version to support Python 2.7

Main Changes

  • Type hinting of Scapy core: Scapy now provides type hintings for all of its core
  • Python 3.9 and 3.10 support
  • macOS 10.15 support
  • update built-in dependencies (six) + and our cryptography imports that created warnings
  • fix sniffing performance issues with 2.4.4+ on Windows
  • greatly improve BPF (macOS) support (timestamps...)
  • enhanced loopback interface support on Linux, *BSD, and Windows
  • SPDX License identifiers added
  • several major CLI improvements, especially in autocompletion: you can now auto-complete the names for all Scapy fields, automatons, answering machines thanks to signature injection (and patches in IPython/bpython)

Core

  • improved support of BPF
  • support pcapng writing, comments, TLS secrets decryption block
  • Re-work how sent_time is shared across packets iterators
  • support new LINUX_SLL2 packet type (new tcpdump versions)
  • pipes: performances issues fixed
  • tools: fixes to hexdiff, lhex...
  • [breaking] FlagsField in dict mode now uses values instead of offsets

Layers

  • new layers related to Windows: DCERPC/NTLM/KERBEROS/GSSAPI/SPNEGO/(C)LDAP.
  • new contrib layers: ESMC/RTPS/RTPC/metawatch
  • rework Netbios/SMB1/SMB2, basic SMB clients & server, ntlm relay
  • several fixes to the TLS implementation
  • major zigbee/6lowpan improvements
  • bug fixes in TLS: properly support FFDH, fix the TLS 1.3 notebooks... among other things
  • p0f module update
  • IPsec: fixes, x25519 support...
  • various updates to the ASN.1 engine
  • IKEv2: fixes, UDP encapsulation
  • STUN support
  • Postgres line protocol 3.0 support
  • EDNS0 client subnet support
  • ESMC protocol added
  • support TCP-MD5 and TCP-AO options
  • ERF Ethernet Support
  • many fixes: modbus, 802.11, BTLE, SCTP, DNS, LLDP, Kerberos, RTPS, DHCP, MQTT, BGP, L2TP...

Automotive

  • ISOTPSoftSocket: Bug fixes and performance improvements
  • Documentation and API-Doc improvements
  • Unit-Test speedups for Scanners
  • IPv6 support for DoIP
  • Bugfixes for DoIP
  • Unit-Test cleanups
  • UDS-, GMLAN- and OBD-Scanner refactoring
  • CANFD support

Misc

  • new sanity rules prevent fields from having the same name in all packets
    • Currently displays a warning but will become a SyntaxError in the future!
  • archives of the Scapy repo should now have more consistent hashes

v2.4.5

19 Apr 19:10
Compare
Choose a tag to compare

Main Changes

Changelog

Core

  • 354 commits to master since v2.4.4, from 73 contributors
  • Python 3.9 support
  • New interfaces system. conf.iface is now an object (retro-compatible as a string) which contains additional information about the interface and allows for an automatic selection of the socket type. conf.ifaces now lists all available interfaces.
  • Fix *BSD support. Improve filters handling on Linux and libpcap
  • Automaton: support for STOP event - allows to cleanly end an Automata. Implemented in all Scapy's automatons
  • [Deprecated] Naming different fields with the same name will now raise a deprecation warning. This behavior has never properly worked and should never be necessary
  • Enhance Net and Net6
  • Improvements to scapy's logging, colored output and to UTscapy
  • Fix edge-cases with ConditionalField and MultipleTypeField to make them more resilient
  • [Doc] Enhancements: improved MultipleTypeField handling, add view source.
  • [Internal] Move the test suite to GitHub Actions
  • [Internal] Unit test housekeeping
  • [Internal] Begin type hinting

Layers

  • 6LoWPAN refactor
  • TLS improvements (TLS 1.3 server downgrade, TLS 1.2 EXT MS...)
  • HTTP improvements (http_request, support for zstd...)
  • Refactor TunTap support
  • Cleanup MACsec
  • Many small bug fixes or improvements to layers (SMB2, BFD, DNS, Zigbee, EAP, HomeplugGP, DHCPv6, 802.11...)

Automotive

  • Renaming of ENET to HSFZ
  • Added XCP layer
  • Added DoIP layer
  • [Internal] Cleanup of interface preparation code in unit tests
  • Renaming of ECU to Ecu
  • Refactoring of EcuState class to be more versatile
  • [Internal] Started with typing
  • [Internal] Multiple minor cleanups
  • Minor updates to the documentation

v2.4.4

02 Sep 18:21
95ba5b8
Compare
Choose a tag to compare

Main Changes

Core

  • 784 commits to master since this v2.4.3
  • fix how timestamps are measured on layer 3 (broken since 2.4.1)
  • drop DNET support (deprecated since 2.4.0)
  • Scapy will now use libpcap instead of tcpdump to compile the filters (tcpdump is still used to filter pcaps)
  • major changes to the online doc: add an automatically generated API reference with visual representation of each layer, move to Sphinx 3.0.0, new layer-specific doc...
  • *BSD fixes
  • more doc to many functions

Layers

  • New layers (homeplug sg, smb2, NSH, RPL, ERSPAN, BFD, ROCE...)
  • TLS: TLS 1.3 support & many fixes
  • 802.11 improvements / WPA3 detection
  • Netflow 9 fixes
  • Major refactor & changes of the Automotive layers
  • HTTP changes
  • DHCPv6 fixes according to revision of the RFC
  • Bluetooth improvements (+BLE)
  • minor fixes to Radius, PPP, GTP, IPsec, CDP, VTP, HTTP/2, ...

v2.4.3

06 Aug 23:46
3047580
Compare
Choose a tag to compare

Main Changes

Core

  • 364 commits since v2.4.2
  • better native support for FreeBSD, NetBSD, OpenBSD
  • Windows: native RAW sockets support, load interfaces/routes using C calls, ...
  • Solaris: fixed support
  • latency improvements
  • sniff() can be used to test BPF fiters on pcap files
  • more unit tests and Python3 compatibility
  • asynchronous sniffing
  • UTScapy vim syntax highlighting
  • drop distutils for setuptools
  • Console / IPython integration improvements

Layers

Major changes

New

  • HTTP (from the deprecated scapy-http module), TLS 1.3, ATA over Ethernet, OVD, IEC 60870-5-104, enip, ...

Improved

  • NetflowV9, ISOTP, Zigbee, RTR, BLE, PPI, DNS, LLDP, ...
  • Bluetooth/BTLE rework
  • PPI / 802.11 improvements

v2.4.2

11 Jan 09:51
bad14cb
Compare
Choose a tag to compare

Main changes

  • Gabriel Potter is officially part of the Scapy maintainers team
  • PEP08 compliance (see #1277)
  • Speed improvements (see #642)

Core

  • 253 merged pull requests since v2.4.0
  • Python 3.7 support
  • Enhanced Windows support
  • unit testing is now 100% tox based

Layers

Major changes

  • Many automotive related layers added (ISO-TP...)

New

  • EtherCat
  • OPCDA
  • SOCKS
  • USBpcap
  • RPKI

Improved

  • MACsec, MQTT, MPLS, DNS, ARP, Dot15d4, Zigbee, Bluetooth4LE, RadioTap ...
  • Enhanced monitor mode support

Other

v2.4.0

27 Mar 09:40
ae348f8
Compare
Choose a tag to compare

Main changes

  • Python3 support
  • 85% code coverage

Core

  • Pcap/PcapNg improvements
  • enhanced Windows support
  • OpenBSD improvements
  • OSX 802.11 monitor mode
  • Krack AP module
  • iPython support
  • automatically tested on Linux, OSX & Windows
  • ...

Layers

Major changes

TLS (including TLS1.3), X.509 ...

New

HTTP/2, EAP-TTLS, TACACS, MQTT ...

Improved

IPv6, SCTP, NTP, PPTP, CDP, BGP, ISIS ...

v2.2.0

26 Jun 20:30
Compare
Choose a tag to compare

Note: all releases tags before 2.4.0 are imported from http://freshmeat.sourceforge.net/projects/scapy
This release adds a contrib section filled with old contributions that were not distributed with Scapy yet: CDP, IGMP, MPLS, CHDLC, SLARP, WPA EAPOL, DTP, EIGRP, VQP, BGP, OSPF, VTP RSVP, EtherIP, RIPng, and IKEv2. It fixes some bugs.

v2.1.1

26 Jun 20:30
Compare
Choose a tag to compare

This release adds SCTP and VRRP protocols. It fixes some bugs.