Releases: utoni/ptunnel-ng
Releases · utoni/ptunnel-ng
Last Release (for a long time)
SeLinux update, pcap improvment
- updated SeLinux policy file
- added SeLinux policy compile script
- list available pcap devices
- fixed build errors related to pcap
Minor changes
- change RNG device with
./configure --with-rngdev=path
, defaults to/dev/random
- fixes issues on systems with low entropy available (see: #11)
- fixes openwrt/packages#8517
Extended options and Bugfixes
- improved empty ping mode (by Masaq-)
- fixed NULL pointer derefs and division by zero
- more secure chroot
- CWE-126 workaround reported by codacy
- switched to /dev/random as RNG except for Windows
- fixed CLang related build errors
- fixed SEGFAULT when network not reachable (by Masaq-)
- added extended options for protocol tuning (by Masaq-)
- Systemd support (also in debian/rules)
- fixed compilation issues for Android targets
- fixed 100% CPU consumption when receive window is full but data via select() available (by Masq-)
Major Security Enhancement
- improved error logging
- introduced icmp_filter via setsockopt to filter unwanted icmp messages
- more "secure" random number generator
- fixed NULL deref and invalid memory access by elnerd
(https://github.com/elnerd) PoC: https://www.securityfocus.com/bid/54627/info
Android build support
- added Android build support (requires a root'ed device!)
- fixed ArchLinux PKGBUILD/AUR
Minor Improvments
- travis-ci, coverity integration
- xcompile issue for mingw-w64 fixed
- fixed wrong usage of format() specifiers
Coverity Issues Fixes
- Readme improvements
- Fixes a possible memory leak when a packet could not send
- Better error handling on socket descriptor creation
- All Coverity issues fixed
First PingTunnel-NG Release
- First public release
- Fixes a exploitable memory leak (proxy/forwarder) if using password
protected challenge response authentication. - Fixes an invalid memory write during a pcap capture.
- Full source refactoring. The code should be more readable imho.
- This project is now Autotools based.
Disable optional features: SeLinux, pcap. - Removed an already disabled and highly buggy feature: kPT_add_iphdr
- Added a more "GNU" alike option parsing.
- Support a user defined PingTunnel-NG magic value which is required
for bypassing Cisco IPS (and maybe other IDS/IPS/Firewalls).
This feature was well tested against Cisco's "IronPort" which
scans for fingerprints in an ICMP packet (PingTunnel magic value).