Releases: secdev/scapy
Releases · secdev/scapy
v2.6.0
Note to package maintainers: it is important to point out that special care should be taken when porting/testing this release. The plateform-specific code aimed at reading the network configuration (interfaces, routes, etc.) has been entirely rewritten on both Linux and *BSD flavors. Plateforms that were tested include: Linux, OpenBSD, NetBSD, FreeBSD, Darwin. Other plateforms have not been tested, therefore we encourage maintainers to perform additional testing. This has no impact on the other plateforme that we support, such as Windows.
Changelog
General
-
[removal] DROP SUPPORT OF PYTHON 2.7
- Python 3.11-3.13 support. The full range of supported Python versions is therefore 3.7-3.13
- Improve packaging (
pyproject.toml) and version handling. Scapy will now include wheels on pypi. - We welcome Nils Weiss (polybassa) as a new maintainer !
Main changes
- [major] support for RFC6874-like scope identifiers. This is very useful for multicast IPs as one can now do the following on L3:
sr(IP(dst="224.0.0.1%eth0")/..., multi=True) - [major] using the
iface=argument is deprecated on level3 functions (send, sr, sr1), as its behavior was undefined. It remains in use for level2 functions (sendp, srp, srp1). RFC6874-like scope identifiers (see just above) should be used. - [major] the internals that read the routes and interfaces configuration have been rewritten on Linux and BSD:
- on linux, to use RTNETLINK. (this should help on machines that have huge BPG tables)
- on *BSDs, to use PF_ROUTE.
- on Linux, NetBSD and FreeBSD, link-local and multicast routes should now properly be loaded
- [new] Windows protocols:
- DCE/RPC:
DCERPC_ClientandDCERPC_Serverwith support forNCACN_IP_TCPandNCACN_NP - SMB2/3:
- Protocol refactor, many more SMB2/3 structures supported
- Server (class + 'simple' util
smbserver()) (2.0.2 to 3.1.1) - Client (class + interactive CLI
smbclient()) (2.0.2 to 3.1.1) - SMB socket, RPC over SMB socket, etc.
- Kerberos:
- KerberosSSP to use in SMB/RPC clients/servers, [MS-KILE] variants, SFU and more !
- Crypto: use cryptography, latest RFC8009, GSS_WrapEx support, typing, etc.
- Util functions krb_as_req, krb_tgt_req, kpasswd (both modes), etc.
- Ticketer++: ccache support, ask/renew/resign/edit tickets, etc
- NTLM:
- refactor, clean SSP
- Extensive GSSAPI / SPNEGO support !
- LDAP
- Fixes, ASN.1 Windows variation support
- dclocator, answering machine for "LDAP PING", etc.
- add a (very) basic
LDAP_client(support for various binding mechanisms, encryption, etc.)
- DCE/RPC:
- [dep] Support for recent
cryptography(42/43.0) versions - [new] CLI improvements
- [breaking] Scapy CLI configuration now available in
~/.config/scapy/startup.py. This follows XDG variables. (Older~/.scapy_startup.pyis now non functional) - Support for
bpython,ptpythonandptipython
- [breaking] Scapy CLI configuration now available in
- [new] Wireshark extcap interfaces support (
load_extcap()) - Automaton:
- fixes memory usage on Windows
- support for EOF events
- spawn() mode, better socket.socket support
- [breaking]
StreamSocketchanges, support for TCP reassembly, etc. TCPSession(app=True) must no longer be used withStreamSocket. Custom sessions are marked as unstable. - Use
L3RawSocket(6)automatically on the loopback interface on linux L3pcapSocket(the default L3 on Windows or when libpcap is used) now follows the same behavior as other L3 sockets when routing- the
sr*class of functions now properly supports sending on multiple interfaces (Windows & Linux) - performance issues with the
sr*class of functions have also been fixed manufdb(from wireshark) is now bundled and cached in~/.cache/scapy, as it is no longer shipped as a standalone file in Wireshark.- Improve builtin answering machines (
dnsd,llmnrd,nbnsd,dhcpd...). Addmdnsdfor mDNS support - Fix performance issues with nested
*ListFields - [new]
conf.nameserverscontains the DNS servers. Also addsdns_resolve() - [new] SSHv2 layer
- [breaking] Rework
Sessionobjects - Fix L2 address computation when ARP is used over Ether (intrusive ARPs, bad guessing..)
- [breaking] change
sendpfastloop argument to be consistent withsendp - automaton: improve
graph()to include implicit links - HTTP:
- [new] add
HTTP_ClientandHTTP_Serverwhich support the same SSPs as Windows - rework
http_client - various fixes to reassembly when using TCPSession
- [new] add
- TLS:
- support for TLS 1.3 post handshake
- support for EdDSA signatures / keys (ed25519/ed448)
- various fixes (ffdhe generation, middlebox compat)
- support choosing of curve, signature algorithms, etc.
- More options supported in DHCP(v6), IPv6, DNS/LLMNR (special thanks to evverx)
- Bluetooth, 802.11: new payloads supported
- IPSEC: AES-NULL-GMAC support
- [breaking] Merge EAPOL contrib into EAP
- fix latex theme
- IKEv2, ISAKMP: NAT traversal support, and other fixes (notify, ...)
- Minor fixes in Netflow, NTP, SCTP, TACACS
- [deprecation] Deprecate Winpcap support on Windows (please use Npcap instead if you are not already using it).
- [removal] Remove ubberlogger.
- cache
get_if_hwaddrfor performance - fix
arpingwithout IP - [new] tcpros layer (ROS 1.1)
- many more fixes
v2.5.0
Changelog
Scapy v2.5.0 is the last version to support Python 2.7
Main Changes
- Type hinting of Scapy core: Scapy now provides type hintings for all of its core
- Python 3.9 and 3.10 support
- macOS 10.15 support
- update built-in dependencies (six) + and our cryptography imports that created warnings
- fix sniffing performance issues with 2.4.4+ on Windows
- greatly improve BPF (macOS) support (timestamps...)
- enhanced loopback interface support on Linux, *BSD, and Windows
- SPDX License identifiers added
- several major CLI improvements, especially in autocompletion: you can now auto-complete the names for all Scapy fields, automatons, answering machines thanks to signature injection (and patches in IPython/bpython)
Core
- improved support of BPF
- support pcapng writing, comments, TLS secrets decryption block
- Re-work how
sent_timeis shared across packets iterators - support new LINUX_SLL2 packet type (new tcpdump versions)
- pipes: performances issues fixed
- tools: fixes to hexdiff, lhex...
- [breaking]
FlagsFieldin dict mode now uses values instead of offsets
Layers
- new layers related to Windows: DCERPC/NTLM/KERBEROS/GSSAPI/SPNEGO/(C)LDAP.
- new contrib layers: ESMC/RTPS/RTPC/metawatch
- rework Netbios/SMB1/SMB2, basic SMB clients & server, ntlm relay
- several fixes to the TLS implementation
- major zigbee/6lowpan improvements
- bug fixes in TLS: properly support FFDH, fix the TLS 1.3 notebooks... among other things
- p0f module update
- IPsec: fixes, x25519 support...
- various updates to the ASN.1 engine
- IKEv2: fixes, UDP encapsulation
- STUN support
- Postgres line protocol 3.0 support
- EDNS0 client subnet support
- ESMC protocol added
- support TCP-MD5 and TCP-AO options
- ERF Ethernet Support
- many fixes: modbus, 802.11, BTLE, SCTP, DNS, LLDP, Kerberos, RTPS, DHCP, MQTT, BGP, L2TP...
Automotive
- ISOTPSoftSocket: Bug fixes and performance improvements
- Documentation and API-Doc improvements
- Unit-Test speedups for Scanners
- IPv6 support for DoIP
- Bugfixes for DoIP
- Unit-Test cleanups
- UDS-, GMLAN- and OBD-Scanner refactoring
- CANFD support
Misc
- new sanity rules prevent fields from having the same name in all packets
- Currently displays a warning but will become a SyntaxError in the future!
- archives of the Scapy repo should now have more consistent hashes
v2.4.5
Main Changes
Changelog
Core
- 354 commits to master since v2.4.4, from 73 contributors
- Python 3.9 support
- New interfaces system.
conf.ifaceis now an object (retro-compatible as a string) which contains additional information about the interface and allows for an automatic selection of the socket type.conf.ifacesnow lists all available interfaces. - Fix *BSD support. Improve filters handling on Linux and
libpcap - Automaton: support for
STOPevent - allows to cleanly end an Automata. Implemented in all Scapy's automatons - [Deprecated] Naming different fields with the same name will now raise a deprecation warning. This behavior has never properly worked and should never be necessary
- Enhance
NetandNet6 - Improvements to scapy's logging, colored output and to UTscapy
- Fix edge-cases with
ConditionalFieldandMultipleTypeFieldto make them more resilient - [Doc] Enhancements: improved
MultipleTypeFieldhandling, addview source. - [Internal] Move the test suite to GitHub Actions
- [Internal] Unit test housekeeping
- [Internal] Begin type hinting
Layers
- 6LoWPAN refactor
- TLS improvements (TLS 1.3 server downgrade, TLS 1.2 EXT MS...)
- HTTP improvements (http_request, support for zstd...)
- Refactor TunTap support
- Cleanup MACsec
- Many small bug fixes or improvements to layers (SMB2, BFD, DNS, Zigbee, EAP, HomeplugGP, DHCPv6, 802.11...)
Automotive
- Renaming of ENET to HSFZ
- Added XCP layer
- Added DoIP layer
- [Internal] Cleanup of interface preparation code in unit tests
- Renaming of ECU to Ecu
- Refactoring of EcuState class to be more versatile
- [Internal] Started with typing
- [Internal] Multiple minor cleanups
- Minor updates to the documentation
v2.4.4
Main Changes
Core
- 784 commits to master since this v2.4.3
- fix how timestamps are measured on layer 3 (broken since 2.4.1)
- drop DNET support (deprecated since 2.4.0)
- Scapy will now use
libpcapinstead oftcpdumpto compile the filters (tcpdumpis still used to filter pcaps) - major changes to the online doc: add an automatically generated API reference with visual representation of each layer, move to Sphinx 3.0.0, new layer-specific doc...
- *BSD fixes
- more doc to many functions
Layers
- New layers (homeplug sg, smb2, NSH, RPL, ERSPAN, BFD, ROCE...)
- TLS: TLS 1.3 support & many fixes
- 802.11 improvements / WPA3 detection
- Netflow 9 fixes
- Major refactor & changes of the Automotive layers
- HTTP changes
- DHCPv6 fixes according to revision of the RFC
- Bluetooth improvements (+BLE)
- minor fixes to Radius, PPP, GTP, IPsec, CDP, VTP, HTTP/2, ...
v2.4.3
Main Changes
Core
- 364 commits since v2.4.2
- better native support for FreeBSD, NetBSD, OpenBSD
- Windows: native RAW sockets support, load interfaces/routes using C calls, ...
- Solaris: fixed support
- latency improvements
sniff()can be used to test BPF fiters on pcap files- more unit tests and Python3 compatibility
- asynchronous sniffing
- UTScapy vim syntax highlighting
- drop distutils for setuptools
- Console / IPython integration improvements
Layers
Major changes
New
- HTTP (from the deprecated
scapy-httpmodule), TLS 1.3, ATA over Ethernet, OVD, IEC 60870-5-104, enip, ...
Improved
- NetflowV9, ISOTP, Zigbee, RTR, BLE, PPI, DNS, LLDP, ...
- Bluetooth/BTLE rework
- PPI / 802.11 improvements
v2.4.2
Main changes
- Gabriel Potter is officially part of the Scapy maintainers team
- PEP08 compliance (see #1277)
- Speed improvements (see #642)
Core
- 253 merged pull requests since v2.4.0
- Python 3.7 support
- Enhanced Windows support
- unit testing is now 100% tox based
Layers
Major changes
- Many automotive related layers added (ISO-TP...)
New
- EtherCat
- OPCDA
- SOCKS
- USBpcap
- RPKI
Improved
- MACsec, MQTT, MPLS, DNS, ARP, Dot15d4, Zigbee, Bluetooth4LE, RadioTap ...
- Enhanced monitor mode support
Other
- addresses a v2.4.0 vulnerability
v2.4.0
Main changes
- Python3 support
- 85% code coverage
Core
- Pcap/PcapNg improvements
- enhanced Windows support
- OpenBSD improvements
- OSX 802.11 monitor mode
- Krack AP module
- iPython support
- automatically tested on Linux, OSX & Windows
- ...
Layers
Major changes
TLS (including TLS1.3), X.509 ...
New
HTTP/2, EAP-TTLS, TACACS, MQTT ...
Improved
IPv6, SCTP, NTP, PPTP, CDP, BGP, ISIS ...
v2.2.0
Note: all releases tags before 2.4.0 are imported from http://freshmeat.sourceforge.net/projects/scapy
This release adds a contrib section filled with old contributions that were not distributed with Scapy yet: CDP, IGMP, MPLS, CHDLC, SLARP, WPA EAPOL, DTP, EIGRP, VQP, BGP, OSPF, VTP RSVP, EtherIP, RIPng, and IKEv2. It fixes some bugs.