Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pin scapy to latest version 2.6.0 #312

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Conversation

pyup-bot
Copy link
Collaborator

This PR pins scapy to the latest release 2.6.0.

Changelog

2.6.0

_Note to package maintainers: it is important to point out that special care should be taken when porting/testing this release. The plateform-specific code aimed at reading the network configuration (interfaces, routes, etc.) has been entirely rewritten on both Linux and *BSD flavors. Plateforms that were tested include: Windows, Linux, OpenBSD, NetBSD, FreeBSD, Darwin. Other plateforms have not been tested, therefore we encourage maintainers to perform additional testing._

Changelog

General
-  [removal] **DROP SUPPORT OF PYTHON 2.7**
- **Python 3.11-3.13 support**. The full range of supported Python versions is therefore **3.7-3.13**
- Improve packaging (`pyproject.toml`) and version handling. Scapy will now include wheels on pypi.
- We welcome Nils Weiss (polybassa) as a new maintainer !

Main changes
- **[major]** support for RFC6874-like scope identifiers. This is very useful for multicast IPs as one can now do the following on L3: `sr(IP(dst="224.0.0.1%eth0")/..., multi=True)`
- **[major]** using the `iface=` argument is deprecated on level3 functions (send, sr, sr1), as its behavior was undefined. It remains in use for level2 functions (sendp, srp, srp1). RFC6874-like scope identifiers (see just above) should be used.
- **[major]** the internals that read the routes and interfaces configuration **have been rewritten** on Linux and BSD:
- on linux, to use **RTNETLINK**. (this should help on machines that have huge BPG tables)
- on *BSDs, to use **PF_ROUTE**.
- on Linux, NetBSD and FreeBSD, link-local and multicast routes should now properly be loaded
- **[new]** Windows protocols:
- DCE/RPC: `DCERPC_Client` and `DCERPC_Server` with support for `NCACN_IP_TCP` and `NCACN_NP`
- SMB2/3:
   - Protocol refactor, many more SMB2/3 structures supported
   - Server (class + 'simple' util `smbserver()`) (2.0.2 to 3.1.1) 
   - Client (class + interactive CLI `smbclient()`) (2.0.2 to 3.1.1)
   - SMB socket, RPC over SMB socket, etc. 
- Kerberos: 
   - KerberosSSP to use in SMB/RPC clients/servers, [MS-KILE] variants, SFU and more ! 
   - Crypto: use cryptography, latest RFC8009, GSS_WrapEx support, typing, etc. 
   - Util functions krb_as_req, krb_tgt_req, kpasswd (both modes), etc.
   - Ticketer++: ccache support, ask/renew/resign/edit tickets, etc
- NTLM: 
   - refactor, clean SSP 
- Extensive GSSAPI / SPNEGO support !
- LDAP 
   - Fixes, ASN.1 Windows variation support
   - dclocator, answering machine for "LDAP PING", etc.
   - add a (very) basic `LDAP_client` (support for various binding mechanisms, encryption, etc.)
- [dep] Support for recent [`cryptography`](https://github.com/pyca/cryptography) (42/43.0) versions
- [new] CLI improvements
- [breaking] Scapy CLI configuration now available in `~/.config/scapy/startup.py`. This follows XDG variables. (Older `~/.scapy_startup.py` is now non functional)
- Support for `bpython`, `ptpython` and `ptipython`
- [new] Wireshark extcap interfaces support (`load_extcap()`)
- Automaton: 
 - fixes memory usage on Windows
 - support for EOF events 
 - spawn() mode, better socket.socket support
- [breaking] `StreamSocket` changes, support for TCP reassembly, etc. TCPSession(app=True) must no longer be used with `StreamSocket`. Custom sessions are marked as unstable.
- Use `L3RawSocket(6)` automatically on the loopback interface on linux
- `L3pcapSocket` (the default L3 on Windows or when libpcap is used) now follows the same behavior as other L3 sockets when routing
- the `sr*` class of functions now properly supports sending on multiple interfaces (Windows & Linux)
- performance issues with the `sr*` class of functions have also been fixed
- `manufdb` (from wireshark) is now bundled and cached in `~/.cache/scapy`, as it is no longer shipped as a standalone file in Wireshark.
- Improve builtin answering machines (`dnsd`, `llmnrd`, `nbnsd`, `dhcpd`...). Add `mdnsd` for mDNS support
- Fix performance issues with nested `*ListFields`
- [new] `conf.nameservers` contains the DNS servers. Also adds `dns_resolve()`
- [new] SSHv2 layer
- [breaking] Rework `Session` objects
- Fix L2 address computation when ARP is used over Ether (intrusive ARPs, bad guessing..)
- [breaking] change `sendpfast` loop argument to be consistent with `sendp`
- automaton: improve `graph()` to include implicit links
- HTTP:
- [new] add `HTTP_Client` and `HTTP_Server` which support the same SSPs as Windows
- rework `http_client`
- various fixes to reassembly when using TCPSession
- TLS:
- support for TLS 1.3 post handshake
- support for EdDSA signatures / keys (ed25519/ed448)
- various fixes (ffdhe generation, middlebox compat)
- support choosing of curve, signature algorithms, etc.
- More options supported in DHCP(v6), IPv6, DNS/LLMNR (special thanks to evverx)
- Bluetooth, 802.11: new payloads supported
- IPSEC: AES-NULL-GMAC support
- [breaking] Merge EAPOL contrib into EAP
- fix latex theme
- IKEv2, ISAKMP: NAT traversal support, and other fixes (notify, ...)
- Minor fixes in Netflow, NTP, SCTP, TACACS
- [deprecation] Deprecate Winpcap support on Windows (please use Npcap instead if you are not already using it).
- [removal] Remove ubberlogger.
- cache `get_if_hwaddr` for performance
- fix `arping` without IP
- [new] tcpros layer (ROS 1.1)
- **many** more fixes

2.5.0

Changelog

Scapy v2.5.0 is the last version to support Python 2.7

Main Changes

- **Type hinting of Scapy core**: Scapy now provides type hintings for [all of its core](https://github.com/secdev/scapy/issues/2158)
- **Python 3.9 and 3.10 support**
- macOS 10.15 support
- update built-in dependencies (six) + and our cryptography imports that created warnings
- fix sniffing performance issues with 2.4.4+ on Windows
- greatly improve BPF (macOS) support (timestamps...)
- enhanced loopback interface support on Linux, *BSD, and Windows
- SPDX License identifiers added
- several **major CLI improvements**, especially in **autocompletion**: you can now auto-complete the names for all Scapy fields, automatons, answering machines thanks to signature injection (and patches in IPython/bpython)

Core

- improved support of BPF
- support **pcapng writing**, comments, TLS secrets decryption block
- Re-work how `sent_time` is shared across packets iterators
- support new LINUX_SLL2 packet type (new tcpdump versions)
- pipes: performances issues fixed
- tools: fixes to hexdiff, lhex...
- **[breaking]** `FlagsField` in dict mode now uses values instead of offsets

Layers

- new layers related to Windows: DCERPC/NTLM/KERBEROS/GSSAPI/SPNEGO/(C)LDAP.
- new contrib layers: ESMC/RTPS/RTPC/metawatch
- rework Netbios/SMB1/SMB2, basic SMB clients & server, ntlm relay
- several fixes to the TLS implementation
- major zigbee/6lowpan improvements
- bug fixes in TLS: properly support FFDH, fix the TLS 1.3 notebooks... among other things
- p0f module update
- IPsec: fixes, x25519 support...
- various updates to the ASN.1 engine
- IKEv2: fixes, UDP encapsulation
- STUN support
- Postgres line protocol 3.0 support
- EDNS0 client subnet support
- ESMC protocol added
- support TCP-MD5 and TCP-AO options
- ERF Ethernet Support
- many fixes: modbus, 802.11, BTLE, SCTP, DNS, LLDP, Kerberos, RTPS, DHCP, MQTT, BGP, L2TP...

Automotive

- ISOTPSoftSocket: Bug fixes and performance improvements
- Documentation and API-Doc improvements
- Unit-Test speedups for Scanners
- IPv6 support for DoIP
- Bugfixes for DoIP
- Unit-Test cleanups
- UDS-, GMLAN- and OBD-Scanner refactoring
- CANFD support

Misc

- new sanity rules prevent fields from having the same name in all packets
- Currently displays a warning but will become a SyntaxError in the future!
- archives of the Scapy repo should now have more consistent hashes

2.4.5

Main Changes

Changelog

Core

- [354 commits to master](https://github.com/secdev/scapy/compare/v2.4.4...v2.4.5) since v2.4.4, from 73 contributors
- **Python 3.9 support**
- New interfaces system. `conf.iface` is now an object (retro-compatible as a string) which contains additional information about the interface and allows for an automatic selection of the socket type. `conf.ifaces` now lists all available interfaces.
- Fix *BSD support. Improve filters handling on Linux and `libpcap`
- Automaton: support for `STOP` event - allows to cleanly end an Automata. Implemented in all Scapy's automatons
- [Deprecated] Naming different fields with the same name will now raise a deprecation warning. This behavior has never properly worked and should never be necessary
- Enhance `Net` and `Net6`
- Improvements to scapy's logging, colored output and to UTscapy
- Fix edge-cases with `ConditionalField` and `MultipleTypeField` to make them more resilient
- [Doc] Enhancements: improved `MultipleTypeField` handling, add `view source`.
- [Internal] Move the test suite to GitHub Actions
- [Internal] Unit test housekeeping
- [Internal] Begin type hinting

Layers

- 6LoWPAN refactor
- TLS improvements (TLS 1.3 server downgrade, TLS 1.2 EXT MS...)
- HTTP improvements (http_request, support for zstd...)
- Refactor TunTap support
- Cleanup MACsec
- Many small bug fixes or improvements to layers (SMB2, BFD, DNS, Zigbee, EAP, HomeplugGP, DHCPv6, 802.11...)

Automotive

- Renaming of ENET to HSFZ
- Added XCP layer
- Added DoIP layer
- [Internal] Cleanup of interface preparation code in unit tests
- Renaming of ECU to Ecu
- Refactoring of EcuState class to be more versatile
- [Internal] Started with typing
- [Internal] Multiple minor cleanups
- Minor updates to the documentation

2.4.4

Main Changes

Core

- [784 commits to master](https://github.com/secdev/scapy/compare/v2.4.3...v2.4.4) since this v2.4.3
- fix how timestamps are measured on layer 3 (broken since 2.4.1)
- drop DNET support (deprecated since 2.4.0)
- Scapy will now use `libpcap` instead of `tcpdump` to compile the filters (`tcpdump` is still used to filter pcaps)
- major changes to the online doc: add an automatically generated [API reference](https://scapy.readthedocs.io/en/latest/api/scapy.html) with visual representation of each layer, move to Sphinx 3.0.0, new layer-specific doc...
- *BSD fixes
- more doc to many functions

Layers

- New layers (homeplug sg, smb2, NSH, RPL, ERSPAN, BFD, ROCE...)
- TLS: TLS 1.3 support & many fixes
- 802.11 improvements / WPA3 detection
- Netflow 9 fixes
- Major refactor & changes of the Automotive layers
- HTTP changes
- DHCPv6 fixes according to revision of the RFC
- Bluetooth improvements (+BLE)
- minor fixes to Radius, PPP, GTP, IPsec, CDP, VTP, HTTP/2, ...

2.4.3

Main Changes

Core

- 364 commits since v2.4.2
- better native support for FreeBSD, NetBSD, OpenBSD
- Windows: native RAW sockets support, load interfaces/routes using C calls, ...
- Solaris: fixed support
- latency improvements
- `sniff()` can be used to test BPF fiters on pcap files
- more unit tests and Python3 compatibility
- asynchronous sniffing
- UTScapy vim syntax highlighting
- drop distutils for setuptools
- Console / IPython integration improvements

Layers

Major changes

New

- HTTP (from the deprecated `scapy-http` module), TLS 1.3, ATA over Ethernet, OVD, IEC 60870-5-104, enip, ... 

Improved

- NetflowV9, ISOTP, Zigbee, RTR, BLE, PPI, DNS, LLDP, ...
- Bluetooth/BTLE rework
- PPI / 802.11 improvements

2.4.2

Main changes

- Gabriel Potter is officially part of the Scapy maintainers team
- PEP08 compliance (see 1277)
- Speed improvements (see 642)

Core

- 253 merged pull requests since v2.4.0
- Python 3.7 support
- Enhanced Windows support
- unit testing is now 100% tox based

Layers

Major changes

- Many automotive related layers added (ISO-TP...)

New

- EtherCat
- OPCDA
- SOCKS
- USBpcap
- RPKI

Improved

- MACsec, MQTT, MPLS, DNS, ARP, Dot15d4, Zigbee, Bluetooth4LE, RadioTap ...
- Enhanced monitor mode support

Other

- addresses [a v2.4.0 vulnerability](https://github.com/secdev/scapy/security/advisories/GHSA-q5wg-mj9r-hp59)

2.4.0

Main changes

- Python3 support
- 85% code coverage


Core

- Pcap/PcapNg improvements
- enhanced Windows support
- OpenBSD improvements
- OSX 802.11 monitor mode
- Krack AP module
- iPython support
- automatically tested on Linux, OSX & Windows
- ...


Layers

Major changes

TLS (including TLS1.3), X.509 ...

New
HTTP/2, EAP-TTLS, TACACS, MQTT ...

Improved
IPv6, SCTP, NTP, PPTP, CDP, BGP, ISIS ...

2.2.0

**Note: all releases tags before 2.4.0 are imported from http://freshmeat.sourceforge.net/projects/scapy**
This release adds a contrib section filled with old contributions that were not distributed with Scapy yet: CDP, IGMP, MPLS, CHDLC, SLARP, WPA EAPOL, DTP, EIGRP, VQP, BGP, OSPF, VTP RSVP, EtherIP, RIPng, and IKEv2. It fixes some bugs.

2.1.1

This release adds SCTP and VRRP protocols. It fixes some bugs.

2.1.0

The Windows branch has been merged. Many bugs have been fixed. Network automata gained new features like the ability to add breakpoints or tracepoints. Many new small features have been added. Last but not least, this release comes with documentation.

2.0.0.10

The code has been split since versions 1.x. Many bugs have been fixed. The IPv6 branch has been merged in.

1.1.1

This release adds the ability to transcribe ASN1-specified protocols easily, SNMP protocol support, MIB parsing, OID/DNS/OUI resolving, configurable field value resolution, a startup script, and srflood() and srpflood() to flood with packets while catching answers.

1.0.5.20

This release has improved fuzzing capability with frame random corruption. It has improved ISAKMP support. New protocols have been added. Autofragmentation for big frames has been added. There are many bugfixes.

1.0.4.106

This release adds easy packet list filtering (e.g., list[ICMP]), bluetooth HCI protocol support, an improved show() for PacketFields, a LaTeX theme that escapes special characters, a timeout to sniff(), an equality test, a 3D traceroute, and bugfixes. It no longer depends on libreadline.
Links

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant