Merge pull request #1058 from LocutusOfBorg/update-changelog

Update changelog for release

CHANGELOG

@@ -4,7 +4,7 @@ Legend:
          - old feature removed
          !! bug fixed
 =========================================
-0.8.4-XXXXXXXXX    YYYYMMDD
+0.8.3.1-Bertillon    20200801
    !! Fix SSL protocol failure with older TLS client/server versions (min. TLS1.0)
    !! Fix blackholing SSL packets when specific redirection is used
    !! Fix TLS 1.3 interception issues (replace fake certificate with proper key length)
@@ -17,19 +17,25 @@ Legend:
    !! Fix compiling with GCC version / defaulting to -fno-common
    !! Fix bad UDP length for packets changed with replace()
    !! Fix passing --lua-args arguments to LUA scripts
+   !! Fix MSVC build when macro ORDER_ADD_{SHORT,LONG} is being used
+   !! Fix references to old sourceforce.org website in the code and documentation
+   !! Fix fingerprint_submit (still missing its server counterpart)
     + Take over client-side SNI extension in ClientHello in SSL interception (req. OpenSSL 1.1.1)
     + Take over SAN certificate extension from server certificate in SSL interception
     + Use server certificate sign algorithm to sign fake certificate defaulting to SHA256
     + CLI provided plugins are now also autostarted in graphical UI
     + Added --plugin-list CLI parameter
     + New execreplace etterfilter command
+    + Update bundled OUI mac addresses
+    + Update LuaJIT from 2.0.4 to 2.0.5
+    + Update libnet from 1.1.6 to 1.2
+    + Update check from 0.10.0 to 0.15.0
+    + Update curl from 7.44.0 to 7.71.1
     - Separate etter.dns and etter.mdns examples in dedicated examples file
     - Remove source IP specification from customizable SSL redirects
     - Remove of deprecated redirect commands from etter.conf
     - Remove Easter Egg (Sorry ALoR and NaGA)
 
-
-
 0.8.3-Bertillon    20190701
    !! Fix binary comparison and assignment in etterfilter
    !! Fixed packetbuffer racecond. in BRIDGE mode (e.g. Message too long)
@@ -54,8 +60,6 @@ Legend:
     - GTK2 phase out initialized
     - Usage of deprecated inet_aton replaced with current successor functions
 
-
-
 0.8.2-Ferri   20150314
    !! Fixed some openssl deprecated functions usage
    !! Fixed log file ownership
@@ -70,7 +74,7 @@ Legend:
    !! A ton of BSD bug fixes
    !! Simplify macosx cmake files
    !! Fix incorrect sequence number after TCP injection
-   !! Fix pcap length, and aligment problems with libpcap
+   !! Fix pcap length, and alignment problems with libpcap
    !! Bug fixes and gtk code refactor (gtk box wrapper)
    !! Fix some ipv6 send issues
    !! Fixed sleep time on Windows (high CPU usage)

CMakeLists.txt

@@ -1,7 +1,7 @@
 cmake_minimum_required(VERSION 2.8)
 project(ettercap C)
 
-set(VERSION "0.8.4-rc")
+set(VERSION "0.8.3.1")
 
 set(CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake/Modules")
 set(CMAKE_SCRIPT_PATH "${CMAKE_SOURCE_DIR}/cmake/Scripts")
@@ -167,6 +167,10 @@ if(ENABLE_LUA)
   set(HAVE_EC_LUA 1)
 endif()
 
+if(CURL_FOUND)
+  set(HAVE_CURL 1)
+endif()
+
 set(EC_INCLUDE_PATH ${CMAKE_CURRENT_BINARY_DIR}/include ${CMAKE_SOURCE_DIR}/include ${EC_INCLUDE})
 include_directories(${EC_INCLUDE_PATH})
 

README.BUGS

@@ -20,7 +20,7 @@ by definition, not smart enough to debug it." - Brian W. Kernighan
 
 If you found a new bug please report it to
 https://github.com/Ettercap/ettercap/issues or by sending an email to
-<ettercap-betatesting@lists.sourceforge.net>
+<ettercap-users@lists.ettercap-project.org>
 
 
 ==============================================================================

bundled_deps/curl/curl_configure_wrapper.sh.in

@@ -1,2 +1,2 @@
 #!/bin/sh
-./configure --disable-shared --enable-static --enable-cookies --enable-http --disable-verbose --enable-proxy --disable-ftp --disable-file --disable-ldap --disable-ldaps --disable-rtsp --disable-dict --disable-telnet --disable-tftp --disable-pop3 --disable-imap --disable-smtp --disable-gopher --disable-manual --prefix="@CURL_PREFIX@" --includedir="@CURL_INCLUDE_DIR@" --libdir="@CURL_LIB_DIR@" @EXPORT_IPV6_FLAGS@ --with-ssl="@OPENSSL_ROOT_PATH@" --without-libssh2
+./configure --disable-shared --enable-static --enable-cookies --enable-http --disable-verbose --enable-proxy --disable-ftp --disable-file --disable-ldap --disable-ldaps --disable-rtsp --disable-dict --disable-telnet --disable-tftp --disable-pop3 --disable-imap --disable-smtp --disable-gopher --disable-manual --prefix="@CURL_PREFIX@" --includedir="@CURL_INCLUDE_DIR@" --libdir="@CURL_LIB_DIR@" @EXPORT_IPV6_FLAGS@ --with-ssl="@OPENSSL_ROOT_PATH@" --without-libssh2 --without-nghttp2 --without-brotli

cmake/Modules/EttercapLibCheck.cmake

@@ -149,32 +149,29 @@ if(ENABLE_PLUGINS)
     endif()
 endif()
 
-if(HAVE_PLUGINS)
-    # Fake target for curl
-    add_custom_target(curl)
+# Fake target for curl
+add_custom_target(curl)
 
-    # sslstrip has a requirement for libcurl >= 7.26.0
-    if(SYSTEM_CURL)
-        message(STATUS "CURL support requested. Will look for curl >= 7.26.0")
-        find_package(CURL 7.26.0)
+# sslstrip has a requirement for libcurl >= 7.26.0
+if(SYSTEM_CURL)
+    message(STATUS "CURL support requested. Will look for curl >= 7.26.0")
+    find_package(CURL 7.26.0)
 
-        if(NOT CURL_FOUND)
-            message(STATUS "Couldn't find a suitable system-provided version of Curl")
-        endif()
-    endif()
-
-    if(BUNDLED_CURL AND (NOT CURL_FOUND))
-        message(STATUS "Using bundled version of Curl")
-        add_subdirectory(bundled_deps/curl) # EXCLUDE_FROM_ALL)
-        add_dependencies(curl bundled_curl)
-        add_dependencies(bundled bundled_curl)
-    endif()
-
-    # Still haven't found curl? Bail!
     if(NOT CURL_FOUND)
-        message(FATAL_ERROR "Could not find Curl!")
+        message(STATUS "Couldn't find a suitable system-provided version of Curl")
     endif()
+endif()
+
+if(BUNDLED_CURL AND (NOT CURL_FOUND))
+    message(STATUS "Using bundled version of Curl")
+    add_subdirectory(bundled_deps/curl) # EXCLUDE_FROM_ALL)
+    add_dependencies(curl bundled_curl)
+    add_dependencies(bundled bundled_curl)
+endif()
 
+# Still haven't found curl? Bail!
+if(NOT CURL_FOUND)
+    message(STATUS "Could not find Curl, sslstrip and curl support will be disabled!")
 endif()
 
 check_function_exists(poll HAVE_POLL)

include/config.h.cmake

@@ -53,6 +53,7 @@
 #cmakedefine WITH_IPV6
 #cmakedefine HAVE_GEOIP
 #cmakedefine HAVE_EC_LUA
+#cmakedefine HAVE_CURL
 
 #cmakedefine INSTALL_PREFIX         "@INSTALL_PREFIX@"
 #cmakedefine INSTALL_SYSCONFDIR     "@INSTALL_SYSCONFDIR@"

include/ec_fingerprint.h

@@ -6,8 +6,10 @@ EC_API_EXTERN int fingerprint_search(const char *f, char *dst);
 EC_API_EXTERN void fingerprint_default(char *finger);
 EC_API_EXTERN void fingerprint_push(char *finger, int param, int value);
 EC_API_EXTERN u_int8 TTL_PREDICTOR(u_int8 x);
-EC_API_EXTERN int fingerprint_submit(const char *finger, char *os);
+EC_API_EXTERN int fingerprint_submit(char* host, char* page, const char *finger, const char *os);
 
+#define DEFAULT_HOST "https://www.ettercap-project.org"
+#define DEFAULT_PAGE "fingerprint.php"
 
 /*
  *  The fingerprint database has the following structure:                  
@@ -36,6 +38,8 @@ EC_API_EXTERN int fingerprint_submit(const char *finger, char *os);
 enum {
    FINGER_LEN = 28,
    OS_LEN     = 60,
+   HOST_LEN   = 100,
+   PAGE_LEN   = 100,
    FINGER_WINDOW     = 0,
    FINGER_MSS        = 5,
    FINGER_TTL        = 10,

include/ec_version.h

@@ -1,14 +1,15 @@
 #ifndef ETTERCAP_VERS_H
 #define ETTERCAP_VERS_H
 
-#define EC_VERSION            "0.8.4-rc"
-#define EC_VERSION_MAJOR      0
-#define EC_VERSION_MINOR      8
-#define EC_VERSION_REVISION   4
+#define EC_VERSION            "0.8.3.1"
+#define EC_VERSION_MAJOR       0
+#define EC_VERSION_MINOR       8
+#define EC_VERSION_REVISION    3
+#define EC_VERSION_SUBREVISION 1
 #ifndef PROGRAM
    #define PROGRAM            "ettercap"
 #endif
-#define EC_COPYRIGHT          "2001-2019"
+#define EC_COPYRIGHT          "2001-2020"
 #define EC_AUTHORS            "Ettercap Development Team"
 
 #endif

plug-ins/finger_submit/finger_submit.c

@@ -65,6 +65,8 @@ int plugin_load(void *handle)
 
 static int finger_submit_init(void *dummy) 
 {
+   char host[HOST_LEN + 1];
+   char page[PAGE_LEN + 1];
    char finger[FINGER_LEN + 1];
    char os[OS_LEN + 1];
 
@@ -74,9 +76,29 @@ static int finger_submit_init(void *dummy)
    /* don't display messages while operating */
    EC_GBL_OPTIONS->quiet = 1;
 
+   memset(host, 0, sizeof(host));
+   memset(page, 0, sizeof(page));
    memset(finger, 0, sizeof(finger));
-   memset(os, 0, sizeof(finger));
+   memset(os, 0, sizeof(os));
 
+   /* get the user input */
+   ui_input("Remote website (enter for default " DEFAULT_HOST " website) ('quit' to exit) : ", host, sizeof(host), NULL);
+   /* exit on user request */
+   if (!strcasecmp(host, "quit"))
+      return PLUGIN_FINISHED;
+
+   if(!strcmp(host, ""))
+      strcpy(host, DEFAULT_HOST);
+
+   ui_input("Remote webpage (enter for default " DEFAULT_PAGE " page) ('quit' to exit) : ", page, sizeof(page), NULL);
+
+   /* exit on user request */
+   if (!strcasecmp(page, "quit"))
+      return PLUGIN_FINISHED;
+
+   if(!strcmp(page, ""))
+      strcpy(page, DEFAULT_PAGE);
+
    /* get the user input */
    ui_input("Fingerprint      ('quit' to exit) : ", finger, sizeof(finger), NULL);
 
@@ -93,7 +115,7 @@ static int finger_submit_init(void *dummy)
    USER_MSG("\n");
 
    /* send the fingerprint */
-   fingerprint_submit(finger, os);
+   fingerprint_submit(host, page, finger, os);
 
    /* flush all the messages */
    ui_msg_flush(MSG_ALL);

share/etter.dns.examples

@@ -30,8 +30,8 @@ www.example.org  AAAA ::1
 #
 
 www.ettercap.org           A  127.0.0.1
-www.ettercap-project.org   A  127.0.0.1
-ettercap.sourceforge.net   A  23.235.43.133
+www.ettercap-project.org   A  104.24.100.131
+ettercap.sourceforge.net   A  104.24.100.131
 www.ettercap.org           PTR ::1
 
 ###############################################

share/etter.finger.os

@@ -36,13 +36,10 @@
 #       if irrilevant or unknown it is "LT"                                #
 # OS  : an ascii string representing the OS                                #
 #                                                                          #
-# IF YOU FIND A NEW FINGERPRING, PLEASE MAIL IT US WITH THE RESPECTIVE OS  #
-# or use the appropriate form at:                                          #
-#    http://ettercap.sourceforge.net/index.php?s=stuff&p=fingerprint       #
+# IF YOU FIND A NEW FINGERPRINT, PLEASE MAIL IT US WITH THE RESPECTIVE OS  #
+# or use the ettercap with submit_fingerprint = 1 in etter.conf            #
+#    www.ettercap-project.org/fingerprint.php                              #
 #                                                                          #
-# TO GET THE LATEST DATABASE:                                              #
-#                                                                          #
-#    ettercap -U                                                           #
 #                                                                          #
 ############################################################################
 

src/CMakeLists.txt

@@ -125,7 +125,6 @@ set(EC_SRC
     protocols/ec_wifi_radiotap.c
 )
 
-
 if(HAVE_GEOIP)
   set(EC_SRC ${EC_SRC} ec_geoip.c)
 endif()
@@ -192,6 +191,10 @@ add_library(lib_ettercap SHARED ${EC_SRC})
 add_dependencies(lib_ettercap libnet)
 target_link_libraries(lib_ettercap ec_interfaces ${EC_LIBS})
 
+if(CURL_FOUND)
+  target_link_libraries(lib_ettercap ${CURL_LIBRARY})
+endif()
+
 if(NOT LIBRARY_BUILD)
   add_subdirectory(interfaces)
   include_directories(interfaces/daemon interfaces/text)

src/dissectors/ec_gg.c

@@ -32,7 +32,7 @@ Gadu-Gadu (http://www.gadu-gadu.pl/) is the most widely used IM network in Polan
 
 Protocol description taken from http://ekg.chmurka.net/docs/protocol.html + own research (7.x).
 
-The newest version can be found at http://ettercap-gg.sourceforge.net/
+The newest version can be found at https://www.ettercap-project.org/downloads.html
 
 FEATURES: