Skip to content

v2.6.0

Latest
Latest
Compare
Choose a tag to compare
@gpotter2 gpotter2 released this 28 Sep 13:42
· 16 commits to master since this release
v2.6.0
f7a6411
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

Note to package maintainers: it is important to point out that special care should be taken when porting/testing this release. The plateform-specific code aimed at reading the network configuration (interfaces, routes, etc.) has been entirely rewritten on both Linux and *BSD flavors. Plateforms that were tested include: Linux, OpenBSD, NetBSD, FreeBSD, Darwin. Other plateforms have not been tested, therefore we encourage maintainers to perform additional testing. This has no impact on the other plateforme that we support, such as Windows.

Changelog

General

  • [removal] DROP SUPPORT OF PYTHON 2.7

  • Python 3.11-3.13 support. The full range of supported Python versions is therefore 3.7-3.13
  • Improve packaging (pyproject.toml) and version handling. Scapy will now include wheels on pypi.
  • We welcome Nils Weiss (polybassa) as a new maintainer !

Main changes

  • [major] support for RFC6874-like scope identifiers. This is very useful for multicast IPs as one can now do the following on L3: sr(IP(dst="224.0.0.1%eth0")/..., multi=True)
  • [major] using the iface= argument is deprecated on level3 functions (send, sr, sr1), as its behavior was undefined. It remains in use for level2 functions (sendp, srp, srp1). RFC6874-like scope identifiers (see just above) should be used.
  • [major] the internals that read the routes and interfaces configuration have been rewritten on Linux and BSD:
    • on linux, to use RTNETLINK. (this should help on machines that have huge BPG tables)
    • on *BSDs, to use PF_ROUTE.
    • on Linux, NetBSD and FreeBSD, link-local and multicast routes should now properly be loaded
  • [new] Windows protocols:
    • DCE/RPC: DCERPC_Client and DCERPC_Server with support for NCACN_IP_TCP and NCACN_NP
    • SMB2/3:
      • Protocol refactor, many more SMB2/3 structures supported
      • Server (class + 'simple' util smbserver()) (2.0.2 to 3.1.1)
      • Client (class + interactive CLI smbclient()) (2.0.2 to 3.1.1)
      • SMB socket, RPC over SMB socket, etc.
    • Kerberos:
      • KerberosSSP to use in SMB/RPC clients/servers, [MS-KILE] variants, SFU and more !
      • Crypto: use cryptography, latest RFC8009, GSS_WrapEx support, typing, etc.
      • Util functions krb_as_req, krb_tgt_req, kpasswd (both modes), etc.
      • Ticketer++: ccache support, ask/renew/resign/edit tickets, etc
    • NTLM:
      • refactor, clean SSP
    • Extensive GSSAPI / SPNEGO support !
    • LDAP
      • Fixes, ASN.1 Windows variation support
      • dclocator, answering machine for "LDAP PING", etc.
      • add a (very) basic LDAP_client (support for various binding mechanisms, encryption, etc.)
  • [dep] Support for recent cryptography (42/43.0) versions
  • [new] CLI improvements
    • [breaking] Scapy CLI configuration now available in ~/.config/scapy/startup.py. This follows XDG variables. (Older ~/.scapy_startup.py is now non functional)
    • Support for bpython, ptpython and ptipython
  • [new] Wireshark extcap interfaces support (load_extcap())
  • Automaton:
    • fixes memory usage on Windows
    • support for EOF events
    • spawn() mode, better socket.socket support
  • [breaking] StreamSocket changes, support for TCP reassembly, etc. TCPSession(app=True) must no longer be used with StreamSocket. Custom sessions are marked as unstable.
  • Use L3RawSocket(6) automatically on the loopback interface on linux
  • L3pcapSocket (the default L3 on Windows or when libpcap is used) now follows the same behavior as other L3 sockets when routing
  • the sr* class of functions now properly supports sending on multiple interfaces (Windows & Linux)
  • performance issues with the sr* class of functions have also been fixed
  • manufdb (from wireshark) is now bundled and cached in ~/.cache/scapy, as it is no longer shipped as a standalone file in Wireshark.
  • Improve builtin answering machines (dnsd, llmnrd, nbnsd, dhcpd...). Add mdnsd for mDNS support
  • Fix performance issues with nested *ListFields
  • [new] conf.nameservers contains the DNS servers. Also adds dns_resolve()
  • [new] SSHv2 layer
  • [breaking] Rework Session objects
  • Fix L2 address computation when ARP is used over Ether (intrusive ARPs, bad guessing..)
  • [breaking] change sendpfast loop argument to be consistent with sendp
  • automaton: improve graph() to include implicit links
  • HTTP:
    • [new] add HTTP_Client and HTTP_Server which support the same SSPs as Windows
    • rework http_client
    • various fixes to reassembly when using TCPSession
  • TLS:
    • support for TLS 1.3 post handshake
    • support for EdDSA signatures / keys (ed25519/ed448)
    • various fixes (ffdhe generation, middlebox compat)
    • support choosing of curve, signature algorithms, etc.
  • More options supported in DHCP(v6), IPv6, DNS/LLMNR (special thanks to evverx)
  • Bluetooth, 802.11: new payloads supported
  • IPSEC: AES-NULL-GMAC support
  • [breaking] Merge EAPOL contrib into EAP
  • fix latex theme
  • IKEv2, ISAKMP: NAT traversal support, and other fixes (notify, ...)
  • Minor fixes in Netflow, NTP, SCTP, TACACS
  • [deprecation] Deprecate Winpcap support on Windows (please use Npcap instead if you are not already using it).
  • [removal] Remove ubberlogger.
  • cache get_if_hwaddr for performance
  • fix arping without IP
  • [new] tcpros layer (ROS 1.1)
  • many more fixes
Assets 2
Loading