File: ChangeLog

inguma 0.0.7.2-2
  • area: main
  • in suites: squeeze
  • size: 6,612 kB
  • ctags: 7,859
  • sloc: python: 74,776; ansic: 344; makefile: 64; sql: 45; sh: 39
CURRENT_RELEASE Joxean Koret - Version 0.0.7

    * Fixed bugs in almost all modules.
    * Added support for command line history and autocompletion (whenever
      readline is available).
    * Fixed the documentation of various Oracle modules.
    * Added the first version of "anticrypt", a tool to detect the encryption
      algorithm used for a password hash. It saves a lot of time when auditing
      a (weak) encryption algorithm.
    * Added a Nikto plugin (Thank you, Sullo!).
    * Added module "archanix". Useful to check old Unix boxes.
    * Many changes to PyShellcodelib (Thanks erg0t!).
    * Added a brute forcer for SMTP servers.
    * First release of the documentation by Andrew Brooks. Check the wiki
      available at http://inguma.wiki.sourceforge.net/ (Many thanks Andrew!).
    * Added 4 new Oracle exploit modules for CPUJAN2008.
    * Added a skr1pT k1|>i3 like module for the Oracle PL/SQL gateway flaw.
      Give a target & port and use "oragateway". The module will automagically
      guess the correct DAD and bypass technique. After that, an SQL terminal
      will be opened.

2007-11-26 Joxean Koret - Version 0.0.6

    * Enhanced the module "sidguess". It now extracts the SID from Enterprise
      Manager banner. Thanks to Alexander Kornbrust!
    * Added more services to the identify module.
    * Added a brute force module for HTTP servers.
    * Renamed the directory "aux" to "auxi" to avoid problems in Win32.
    * Added a tool to learn your external IP address. Useful to check how
      anonymous an anonymous proxy server is ;) For more information navigate
      to http://inguma.wiki.sourceforge.net/externip.
    * Added various Oracle 8i, 9i and 10g SQL injection modules. A total of 5
      new modules.
    * Oracle payloads changed to use, when possible, the cursor injection
      technique.
    * Fixed bugs in whois module.
    * Added module nmbstat to gather NetBIOS information.
    * Enhanced the module firetest to make ICMP probes as well as TCP/IP
      probes. The probes are executed with a small MTU and with a common
      MTU (by default 16000).
    * Initial version of the Website (http://inguma.sourceforge.net).
    * Initial version of the Wiki (http://inguma.wiki.sourceforge.net).
    * Added a protocol scanner. Checks which IP protocols a target has enabled.
      Take a look at the module "protoscan".
    * Initial version of PyShellCodeLib. A GPL'ed library similar to the well
      known InlineEgg.
    * Module SIDVault now uses PyShellCodeLib instead of InlineEgg.
    * Added module getmac to get the MAC address and the vendor name from a
      given IP address.
    * Added a module to poison a target's ARP cache.
    * Fixed security paranoia bugs.
    * Added examples of the OpenDis framework. A tool called asmdiff.py has
      been added to do binary diffs, as well as another example that prints an
      OpenDis format database. See $INGUMA_DIR/dis/README for details.

2007-10-20 Joxean Koret - Version 0.0.5

    * Fixed too many bugs in the text and QT versions.
    * Fixed too many bugs in the modules section.
    * Added support to identify LDAP, RDP enabled servers and also some very
      old Unix services.
    * Added module "firetest" to test firewall configurations.
    * Added module "brutessh" to brute force SSH servers.
    * Removed many (stupid) sys.path.append (Thanks PH!).
    * Added module "bruteora" to brute force Oracle servers. It will check for
      every (commonly) possible user or for a specified user.
    * Removed scapereal from distribution. You can use it, of course, but you
      need to download it yourself.
    * Added a tool to crack MD5 hashes using freely available rainbow tables.
    * Added module "sidguess" to guess the SID of an Oracle Database instance.
    * Added the module option "help". Type "info <command>" to get the
      corresponding help.
    * _*Initial*_ shellcode support. See the SIDVault remote root exploit and
      $INGUMA_DIR/lib/libexploit.py for details. x86 support with InlineEgg.
      Thank you, Gera!
    * Added one exploit for the vulnerability in SYS.LT.FINDRICSET (CPU Oct. 2007).
    * Added a password cracker for Oracle11g.
    * Added a password cracker for MS SQL Server 7 and 2000.
    * Enhanced the Oracle PL/SQL fuzzer.

2007-10-03 Joxean Koret - Version 0.0.4

    * Added one module to check for the most common Oracle Applications Server vulnerable
      URLs.
    * Added "smbgold" module, to search in SMB/CIFS shares for interesting
      files (*.mdb, passwords.txt, ...).
    * Added "scapereal" to distribution. Run "sniffer", sniff a packet list and type "ethereal". You
      will see an ethereal like GTK Window showing all the sniffed packets in a graphical fashion.
    * First version of the GUI using pyqt.
    * Added a module to gather information from an Oracle TimesTen server.

2007-09-06 Joxean Koret - Version 0.0.3

    * Added a non-integrated disassembler (you will need objdump). See
      dis/README for details.
    * Added a non-integrated, general purpose token based fuzzer. See
      krash/README for details.
    * Enhanced the Oracle PL/SQL fuzzer.
    * Added a TNS fuzzer. Use the tnscmd's option "fuzz".
    * Minor changes to the TNS Listener tool "tnscmd".
    * Support to "autoscan" a complete network (i.e., 192.168.1.0/24).
    * Now, it can "automagically" brute force username and passwords.
    * Added "libfuzz", a library to make the task of writing new fuzzers easier.
    * The module "identify" now can identify rmi, ocfs2, web servers, ftp servers, ssh servers,
      TNS listeners, CIFS/SMB compatible servers, LPD servers, Jet Direct printers, SMTP servers
      and MySQL servers. Sufficient for now (at least for me ;]).
    * Better support for Win32.
    * Basic plain text report support.
    * Better support for kb (knowledge base) files.
    * Better support for brute force modules.
    * Added the "interactive" option to launch in interactive or batch mode.
    * Autoscan can ignore specified hosts.
    * Autoscan is "SMB/CIFS" aware and can automagically brute force username and passwords.
    * Module "portscan" has been enhanced.
    * Rpcdump and samrdump can use username and passwords (brute forced or guessed).
    * Module "tcpscan" has been enhanced.
    * Minor fixes for various discover modules.
    * Added "libslp", a library (dissector?) for the Service Location Protocol.
    * The FTP fuzzer has been integrated.

2007-04-06 Joxean Koret - Version 0.0.2
    * Added knowledge base support (DANGEROUS!).
    * Added "whois" and "netcraft" discover modules.
    * Added brute force modules for FTP, IMAP, POP3 and SMB.
    * Added support for "autobrute".
    * Support to generate reports of the command "autoscan".
    * Many fixes mainly focused on Win32 support.

2007-02-16 Joxean Koret - Version 0.0.1
    * First public version. PRE-ALPHA