This version introduces an l7-patterns classifier for all flows not decoded. It also improves real-time acquisition, adds new features to the XI (Xplico Interface) and fixes many bugs.
- l7-patterns for all flows/protocols not decoded by xplico
- Xplico Interface (XI) improved
- python3 porting of many scripts
- realtime capture module improved
- facebook chat realtime view
- UTC/localtime bug fixes
- l2tp dissector bug fixes
- cli and lite dispatchers bug fixes
- telnet dissector bug fixes
- trigcap bug fixes
- new script named session_mng.pyc to facilitate the creation of a new case and/or a new session from the command line
We thank naif for his support and his availability.
The decoding performance is:
- from command line: 5.9 MB/s
- from Xplico Interface (XI) with SQLite DB (=> lite dispatcher): 1.76 MB/s
- from Xplico Interface with MySQL DB (=> ximysql dispatcher): 4.09 MB/s
measured on an Aspire 5633WLMi (Intel Core 2 Duo processor T5500 with 1GB RAM and an HD IDE controller) with the pcap http://domex.nps.edu/corp/scenarios/2009-m57/net/day11-18.dmp.zip (851 MB).
As always: Enjoy!
This version brings new dissectors, new features and, of course, many bug fixes:
- Paltalk chat dissector
- MSN dissector (beta basic version)
- XI Cookie hijacking
- XI pagination for Images and Web
- XI XSS fixed
- XI bug fixes
- Tim Hentenaa for his Paltalk reverse engineering
- Steve-William KISSI for finding various XSS
- Daniele Franchetto for MSN dissector
- Michele Dallachiesa for cookietools
This version contains bug fixes, dissector improvements and new features:
- XI configuration pages
- XI administrator pages
- XI multi-user
- IRC dissector
- ARP/RAP dissector
- radiotap dissector
- GeoMap latitude and longitude selectable from XI
- CLI decoding directory (xdecode) selectable
- Telnet dissector with PIPI
- Paltalk Express dissector and aggregator (basic version)
- sftp/scp pcap files upload
Any feedback is welcome.
You can download source code and Ubuntu 10.04 package here.
This version brings some improvements and also fixes some serious bugs.
- RTP, FTP, Telnet, SIP dissectors improvements
- RTP bug fix
- Xplico Interface XSS Vulnerability fixed
- Xplico Interface updated to CakePHP 1.2.7
- new tool named trigcap to manage pcap
- new version (0.63) of videosnarf
- Maximiliano Soler from Security-Database and Marcos Garcia from Zero Science Lab for finding the vulnerability (XSS) and for helping us.
- Alex Antão for having supported us in finding a bug in RTP
You can download VirtualBox.org image, source code and Ubuntu 10.04 package here.
- HTTP file reconstruction, i.e. files downloaded with tools like DownThemAll
- undecoded UDP and TCP “streams” with textual content
- RTP dissector
- SIP dissector
- SDP dissector
- Improved XI
- many bug fixes
This version of the SIP and RTP dissectors is not optimal. The (media) contents currently decoded have the following characteristics (limitations):
- only audio
- audio codec: G711ulaw, G711alaw, G722, G729, G723 and G726
- only static RTP payload type
We have to thank:
- Michele Dallachiesa, for his wonderful tool rtpbreak and for his papers on VoIP protocols
- UCSniff Team for their tool VideoSnarf
- Carlos Gacimartín, for his help and for Virtualbox Image
- Massimiliano Dal Cero for his help with flash application
- all forum users for their debug
You can download VirtualBox.org image, source code and Ubuntu 9.10 package here.
In this version:
- migrating to SQLite3
- telnet dissector
- webmail dissector
- webmail manipulator: Yahoo!, AOL, Hotmail (all without attachments)
- Improved LLC dissector
- Improved XI
- script to check new release (only in source code)
Hotmail (Live) depends on the language. Currently the languages supported are Italian and English.
Any feedback is welcome: forum.
You can download VirtualBox image, source code and Ubuntu 9.10 package here.
This version of Xplico introduces new and important features:
- Facebook web chat dissector
- New XI based on CakePHP 1.2.5
- New representation of images
- For each image you can see (with the proxy enabled) the page where the image is contained
- WLAN and LLC basic dissectors
- HTTP dissector improvements
You can download source code, Ubuntu 9.10 package and VirtualBox.org image here.