Skip to content

2.6.0/2.6.1 release #4196

New issue
New issue
Closed
Closed
2.6.0/2.6.1 release#4196
Labels
discussionmajorMajor changes
Milestone
2.6.0
@guedou

Description

@guedou
guedou
opened on Nov 27, 2023

This issue tracks the associated 2.6.0 release. As usual, feel free to comment down below to have some features/bugs included before the final release.

Note to package maintainers: it is important to point out that special care should be taken when porting/testing this release. The plateform-specific code aimed at reading the network configuration (interfaces, routes, etc.) has been entirely rewritten on both Linux and *BSD flavors. Plateforms that were tested include: Windows, Linux, OpenBSD, NetBSD, FreeBSD, Darwin. Other plateforms have not been tested, therefore we encourage maintainers to perform additional testing.

Changelog

General

  • [removal] DROP SUPPORT OF PYTHON 2.7

  • Python 3.11-3.13 support. The full range of supported Python versions is therefore 3.7-3.13
  • Improve packaging (pyproject.toml) and version handling. Scapy will now include wheels on pypi.
  • We welcome Nils Weiss (polybassa) as a new maintainer !

Main changes

  • [major] support for RFC6874-like scope identifiers. This is very useful for multicast IPs as one can now do the following on L3: sr(IP(dst="224.0.0.1%eth0")/..., multi=True)
  • [major] using the iface= argument is deprecated on level3 functions (send, sr, sr1), as its behavior was undefined. It remains in use for level2 functions (sendp, srp, srp1). RFC6874-like scope identifiers (see just above) should be used.
  • [major] the internals that read the routes and interfaces configuration have been rewritten on Linux and BSD:
    • on linux, to use RTNETLINK. (this should help on machines that have huge BPG tables)
    • on *BSDs, to use PF_ROUTE.
    • on Linux, NetBSD and FreeBSD, link-local and multicast routes should now properly be loaded
  • [new] Windows protocols:
    • DCE/RPC: DCERPC_Client and DCERPC_Server with support for NCACN_IP_TCP and NCACN_NP
    • SMB2/3:
      • Protocol refactor, many more SMB2/3 structures supported
      • Server (class + 'simple' util smbserver()) (2.0.2 to 3.1.1)
      • Client (class + interactive CLI smbclient()) (2.0.2 to 3.1.1)
      • SMB socket, RPC over SMB socket, etc.
    • Kerberos:
      • KerberosSSP to use in SMB/RPC clients/servers, [MS-KILE] variants, SFU and more !
      • Crypto: use cryptography, latest RFC8009, GSS_WrapEx support, typing, etc.
      • Util functions krb_as_req, krb_tgt_req, kpasswd (both modes), etc.
      • Ticketer++: ccache support, ask/renew/resign/edit tickets, etc
    • NTLM:
      • refactor, clean SSP
    • Extensive GSSAPI / SPNEGO support !
    • LDAP
      • Fixes, ASN.1 Windows variation support
      • dclocator, answering machine for "LDAP PING", etc.
      • add a (very) basic LDAP_client (support for various binding mechanisms, encryption, etc.)
  • [dep] Support for recent cryptography (42/43.0) versions
  • [new] CLI improvements
    • [breaking] Scapy CLI configuration now available in ~/.config/scapy/startup.py. This follows XDG variables. (Older ~/.scapy_startup.py is now non functional)
    • Support for bpython, ptpython and ptipython
  • [new] Wireshark extcap interfaces support (load_extcap())
  • Automaton:
    • fixes memory usage on Windows
    • support for EOF events
    • spawn() mode, better socket.socket support
  • [breaking] StreamSocket changes, support for TCP reassembly, etc. TCPSession(app=True) must no longer be used with StreamSocket. Custom sessions are marked as unstable.
  • Use L3RawSocket(6) automatically on the loopback interface on linux
  • L3pcapSocket (the default L3 on Windows or when libpcap is used) now follows the same behavior as other L3 sockets when routing
  • the sr* class of functions now properly supports sending on multiple interfaces (Windows & Linux)
  • performance issues with the sr* class of functions have also been fixed
  • manufdb (from wireshark) is now bundled and cached in ~/.cache/scapy, as it is no longer shipped as a standalone file in Wireshark.
  • Improve builtin answering machines (dnsd, llmnrd, nbnsd, dhcpd...). Add mdnsd for mDNS support
  • Fix performance issues with nested *ListFields
  • [new] conf.nameservers contains the DNS servers. Also adds dns_resolve()
  • [new] SSHv2 layer
  • [breaking] Rework Session objects
  • Fix L2 address computation when ARP is used over Ether (intrusive ARPs, bad guessing..)
  • [breaking] change sendpfast loop argument to be consistent with sendp
  • automaton: improve graph() to include implicit links
  • HTTP:
    • [new] add HTTP_Client and HTTP_Server which support the same SSPs as Windows
    • rework http_client
    • various fixes to reassembly when using TCPSession
  • TLS:
    • support for TLS 1.3 post handshake
    • support for EdDSA signatures / keys (ed25519/ed448)
    • various fixes (ffdhe generation, middlebox compat)
    • support choosing of curve, signature algorithms, etc.
  • More options supported in DHCP(v6), IPv6, DNS/LLMNR (special thanks to evverx)
  • Bluetooth, 802.11: new payloads supported
  • IPSEC: AES-NULL-GMAC support
  • [breaking] Merge EAPOL contrib into EAP
  • fix latex theme
  • IKEv2, ISAKMP: NAT traversal support, and other fixes (notify, ...)
  • Minor fixes in Netflow, NTP, SCTP, TACACS
  • [deprecation] Deprecate Winpcap support on Windows (please use Npcap instead if you are not already using it).
  • [removal] Remove ubberlogger.
  • cache get_if_hwaddr for performance
  • fix arping without IP
  • [new] tcpros layer (ROS 1.1)
  • many more fixes

Automotive changes

TODO

Metadata

Metadata

Assignees

No one assigned

    Labels

    discussionmajorMajor changes

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions