killchain-compendium/misc/telecommunications/sipvicious/Changelog

v0.3.4 (20210601)
* Feature: Exit codes implementation
* Automated positive/negative testing with GitHub Actions
* Code refactoring

v0.3.3 (20210325)
* Feature: Input via STDIN for svcrack and svwar
* Feature: Full URL format support for svwar and svcrack
* Code refactoring

v0.3.2 (20210303)
* Feature: IPv6 support to svmap
* Bug fix: auth header exception handling
* Bug fix: relative import error fixes
* github issue templates for proper structured issue reporting
* supplementary bug fixes as and when reported

v0.3.0 (20200129)
* Port to Python 3! thanks to 0xInfection
* IPv6 support for svwar and svcrack
* svcrack now takes the --method option too
* qop and md5-sess auth support added
* lots of bug fixes

v0.2.8 (20121210)
* Feature: INVITE sends a BYE and supports ACK
* Feature: man pages can be produced with --manpage and man pages are included
* Bug fix: removed fingerprinting completely
* Change: moved pptable.py and svhelper to libs/
* Change: Number of changes to adhere to Debian's guidelines (copyright/license notices etc)
* Bug fix: fixed an svcrack unhandled exception

v0.2.7 (20120222)
* Feature: svcrash.py has a new option -b which bruteforces the attacker's port
* Feature: svcrack.py now tries the extension as password by default, automatically
* Feature: svcrack.py and svwar.py now support setting of source port
* Feature: new parameter --domain can be passed to all tools which specifies
          a custom domain in the SIP uri instead of the destination IP
* Feature: new --debug switch which shows the messages received
* Bug fix: Sometimes nonces could not be extracted due to an incorrect regex
* Bug fix: Fixed an unhandled exception when decoding tags
* Bug fix: now using hashlib when available instead of md5
* Bug fix: removed the space after the SIP address in the From header which
          led to newer version of Asterisk to ignore the SIP messages
* Bug fix: dictionaries with new lines made svcrack.py stop without this fix
* Change: renamed everything to start with sv*
* Bug fix: changed the way shelved files are opened by the fingerprinting module
* Change: fingerprinting disabled by default since it was giving too many problems
         and very little benefits

v0.2.6 (20100621)
* Feature:  svcrash.py is a new tool for sending messages that crash svwar and
           svcrack
* Bug fix:  helper.py has been fixed when decoding the tags (svcrash abuses
           this issue)

v0.2.5 (20100519)
* Feature:  svwar.py has "scan for default / typical extensions" option. This
           option tries to guess numeric extensions which have certain patterns
           such as 1212 etc. Option is -D, --enabledefaults

* General:  svwar.py and svcrack.py now have a new option which allows you to set
           how long the tools will scan without receiving any response back.
           This allows us to prevent flooding the target. Some PBX servers now
           have built-in firewalls / intrusion prevention systems which will
           blacklist the IP address of anyone using svwar or svcrack. Therefore
           if the IP is blacklisted it makes sense to stop scanning the target.
           The default for this option is 10 seconds. Set this option by using
           --maximumtime [seconds]
* Removed:  svlearnfp.py is now discontinued. The tool is still included for
           historic reasons but disabled.
* Feature:  svmap.py now includes the following new features:
            --debug - shows messages as they are received (useful for
                    developers)
            --first - scans the first X number of hosts, useful for
                    random or large address pool scanning
            --inputtext - scans IP ranges taken from a text file
            --fromname - sets the from header to something specific
                    useful for abusing other security issues or
                    when svmap is used in a more flexible way
                    then usual ;-)
* Feature:  svreport.py now has two new modes:
            - stats, which lists some statistics
            - search, allows you to search through logs looking for
                    specific user agents
* Bug fix:  svwar.py now by default does not send ACK messages (was a buggy feature
        that did not follow the standard)
* Bug fix:  svwar.py - the template passed through --template option is now checked
        sanity.

v0.2.4
* Feature:  svwar.py can now scan for templated numbers. This allows more flexible
            usage of ranges of numbers, allowing for prefixes and suffixes as
            need be ;-)
* Bug fix:  svwar.py now sends ACK to be nice to other devices.
* Bug fix:  each tag is padded with a unique 32 bit
* Bug fix:  Contact header is always added to the request to always send well
            formed SIP requests
* Bug fix:  Large data is sent fragmented now (mysendto)
* Bug fix:  svwar.py now handles new SIP response codes

v0.2.3
* Feature:  Fingerprinting support for svmap. Included fphelper.py and
            3 databases used for fingerprinting.
* Feature:  Added svlearnfp.py which allows one to add new signatures to
            db and send them to the author.
* Feature:  Added DNS SRV check to svmap. Use ./svmap.py --srv domainname.com
            to give it a try

v0.2.svn
* Feature:  added the ability for svreport to count results when doing a list
* Bug fix:  fixed a bug related to resuming a scan which does not have an
        an extension

v0.2.1 (maintenance)
General:
* Feature:  updated the report function to include more information about
        the system. Python version and operating system is now included
        in the bug report. option now supports optional feedback.

* Feature:  Store information about the state of a session. Sessions can be
        complete or incomplete, so that you can resume incomplete sessions
        but not complete ones.

* Feature:  Added -e option to svmap. Allows you to specify an extension. This
    is useful when using -m INVITE options on a SIP phone.

* Bug fix:  Added a check to make sure that the python version is supported.
    Anything less than version 2.4 is not supported

* Bug fix:  IP in the SIP msg was being set to localhost when not explicitly
    set. This is not correct behavior and was fixed. As a result of this
    behavior some devices, such as Grandstream BT100 were not being detected.
    Thanks to robert&someone from bulgaria for reporting this

* Bug fix:  fixed a bug in the database which was reported anonymously via the --reportback / -R option.
    Thanks whoever reported that. Bug concerns the dbm which does not
    support certain methods supported other database modules referenced
    by anydbm. Reproduced on FreeBSD. Thanks to Anthony Williams for help i
    dentifying this

* Bug fix:  Ranges of extensions in svwar could not take long numeric extensions
    (xrange does not support long / large numbers). Thanks to Joern for reporting this

* Bug fix:  svwar was truncating extension names containing certain characters. Fixed.

* Bug fix:  when binding to a specific interface, the IP within the SIP message could be incorrect (when there are multiple interfaces). This has been fixed.

* Cosmetic: Certain PBXs reply with "603 Declined" when svwar finds that the
    extension does not exist. This creates extra noise. It is now being
    suppressed.

v0.2
General:
* Feature: replaced 3rd party functions in ip4range with our functions in helper.py
* Feature: ReportBack function is off by default but can be enabled by using -R option
* Feature: verbose and quiet mode. Now making use of logging module
* Newtool: svreport - export to csv, pdf, xml and plain text.
* Feature: session / database support. This allows two things:
    - resuming of previous scans
    - exporting the results to more meaningful formats
* Feature: give a warning when the default port is already being used and listen on another port


Svmap:
* Feature: Host arguments now accepts a variety of formats. You can now scan using ranges like the following:
    - 1.1.1.1-20 1.1.1-20.1-10
    - 1.1.1.*
    - 1.1.1.1-1.1.2.20
    - sipvicious.org/22
* Bug fix: Generation of hosts to scan is now dynamic and does not slow down startup time
* Feature: Now making use of the standard logging module with more logging to debug problems
* Feature: When the port is already bound, svmap tries to listen on another port
* Feature: Added options to allow you to specify the ip to bind to as well as the external ip address of the scanner
* Feature: --help now shows proper usage
* Feature: New scanning method - random scan! This scans only valid internet address space.
* Feature: Randomize scan. Allows you to randomize the order of the IP addresses to be scanned.

Svwar:
* Bug fix: Svwar was missing valid extensions (false negatives) - fixed
* Bug fix: Logic bug which did not identify between a server that does not respond and one that sends an unexpected response.
* Bug fix: Fixed description of errors and usage

Svcrack:
* General: --help output was updated to match the other tools.

Svreport:
* General: was born. Allows managing of saved sessions and exporting to different file formats.
* Feature: Reverse name lookup for ip addresses

v0.1
First release.