Rework package(), Add sipvicious.changelog

2 files changed, 194 insertions, 15 deletions

diff --git a/PKGBUILD b/PKGBUILD
index 8d96108b1db7..f661e3ea8bde 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -1,31 +1,44 @@
-# Maintainer: Franck Stauffer <franck.stauffer@protonmail.ch>
+# Maintainer: Franck Stauffer <franck.stauffer@monaco.mc>
 # Contributor: GI_Jack <iamjacksemail@hackermail.com>
 # Contributor: Xavier Devlamynck <magicrhesus@ouranos.be>
 
 pkgname=sipvicious
 pkgver=0.3.0
-pkgrel=2
-pkgdesc="SIPVicious is a set of tools that can be used to audit SIP VoIP systems."
+pkgrel=3
+pkgdesc="Set of security tools that can be used to audit SIP based VoIP systems"
 arch=('any')
 url="https://github.com/EnableSecurity/sipvicious"
 license=('GPL3')
 depends=('python>=3.6' 'python-scapy')
 makedepends=('python-setuptools')
-source=("$pkgname-$pkgver.tar.gz::https://github.com/EnableSecurity/$pkgname/archive/v$pkgver.tar.gz")
+changelog=$pkgname.changelog
+source=("$pkgname-$pkgver.tar.gz::https://github.com/EnableSecurity/sipvicious/archive/v$pkgver.tar.gz")
 b2sums=('5ddcdf775db0ade6e61e77009c7991d8523db02dbdd6e8588c23f5cd6f4d2868dd1d78e7f17322cde67414b4eb2b8c89f2d4ee0079487e5f5f7ee75f4759adf5')
 
 package() {
-  readonly _PROGS=('svcrack' 'svcrash' 'svmap' 'svreport' 'svwar')
+  cd "$srcdir/$pkgname-$pkgver"
 
-  cd $srcdir/$pkgname-$pkgver
-  
-  chmod +x setup.py
-  ./setup.py install --root=$pkgdir
+  python setup.py install --root="$pkgdir"
+
+  install -dm755 "$pkgdir/usr/share/man/man1"
+
+  # Install svcrack
+  gzip -c --best man1/svcrack.1 > "$pkgdir/usr/share/man/man1/svcrack.1.gz"
+  install -Dm755 "$pkgdir/usr/bin/sipvicious_svcrack" "$pkgdir/usr/bin/svcrack"
 
-  install -dm755 $pkgdir/usr/share/man/man1
-  for _PROG in "${_PROGS[@]}"; do
-    gzip -c --best man1/$_PROG.1 > man1/$_PROG.1.gz
-    install -Dm644 man1/$_PROG.1.gz $pkgdir/usr/share/man/man1/$_PROG.1.gz
-    mv $pkgdir/usr/bin/sipvicious_$_PROG $pkgdir/usr/bin/$_PROG
-  done
+  # Install svcrash
+  gzip -c --best man1/svcrash.1 > "$pkgdir/usr/share/man/man1/svcrash.1.gz"
+  install -Dm755 "$pkgdir/usr/bin/sipvicious_svcrash" "$pkgdir/usr/bin/svcrash"
+  
+  # Install svmap
+  gzip -c --best man1/svmap.1 > "$pkgdir/usr/share/man/man1/svmap.1.gz"
+  install -Dm755 "$pkgdir/usr/bin/sipvicious_svmap" "$pkgdir/usr/bin/svmap"
+  
+  # Install svreport
+  gzip -c --best man1/svreport.1 > "$pkgdir/usr/share/man/man1/svreport.1.gz"
+  install -Dm755 "$pkgdir/usr/bin/sipvicious_svreport" "$pkgdir/usr/bin/svreport"
+  
+  # Install svwar
+  gzip -c --best man1/svwar.1 > "$pkgdir/usr/share/man/man1/svwar.1.gz"
+  install -Dm755 "$pkgdir/usr/bin/sipvicious_svwar" "$pkgdir/usr/bin/svwar"
 }
diff --git a/sipvicious.changelog b/sipvicious.changelog
new file mode 100644
index 000000000000..120734fc85d9
--- /dev/null
+++ b/sipvicious.changelog
@@ -0,0 +1,166 @@
+v0.3.0 (20200129)
+* Port to Python 3! thanks to 0xInfection
+* IPv6 support for svwar and svcrack
+* svcrack now takes the --method option too
+* qop and md5-sess auth support added
+* lots of bug fixes
+
+v0.2.8 (20121210)
+* Feature: INVITE sends a BYE and supports ACK
+* Feature: man pages can be produced with --manpage and man pages are included
+* Bug fix: removed fingerprinting completely
+* Change: moved pptable.py and svhelper to libs/
+* Change: Number of changes to adhere to Debian's guidelines (copyright/license notices etc)
+* Bug fix: fixed an svcrack unhandled exception
+
+v0.2.7 (20120222)
+* Feature: svcrash.py has a new option -b which bruteforces the attacker's port
+* Feature: svcrack.py now tries the extension as password by default, automatically
+* Feature: svcrack.py and svwar.py now support setting of source port
+* Feature: new parameter --domain can be passed to all tools which specifies
+           a custom domain in the SIP uri instead of the destination IP
+* Feature: new --debug switch which shows the messages received
+* Bug fix: Sometimes nonces could not be extracted due to an incorrect regex
+* Bug fix: Fixed an unhandled exception when decoding tags
+* Bug fix: now using hashlib when available instead of md5
+* Bug fix: removed the space after the SIP address in the From header which
+           led to newer version of Asterisk to ignore the SIP messages
+* Bug fix: dictionaries with new lines made svcrack.py stop without this fix
+* Change: renamed everything to start with sv*
+* Bug fix: changed the way shelved files are opened by the fingerprinting module
+* Change: fingerprinting disabled by default since it was giving too many problems
+          and very little benefits 
+
+v0.2.6 (20100621)
+* Feature:  svcrash.py is a new tool for sending messages that crash svwar and 
+            svcrack
+* Bug fix:  helper.py has been fixed when decoding the tags (svcrash abuses 
+            this issue)
+
+v0.2.5 (20100519)
+* Feature:  svwar.py has "scan for default / typical extensions" option. This
+	    option tries to guess numeric extensions which have certain patterns
+	    such as 1212 etc. Option is -D, --enabledefaults
+* General:  svwar.py and svcrack.py now have a new option which allows you to set
+	    how long the tools will scan without receiving any response back.
+	    This allows us to prevent flooding the target. Some PBX servers now
+	    have built-in firewalls / intrusion prevention systems which will
+	    blacklist the IP address of anyone using svwar or svcrack. Therefore
+	    if the IP is blacklisted it makes sense to stop scanning the target.
+	    The default for this option is 10 seconds. Set this option by using
+	    --maximumtime [seconds]
+* Removed:  svlearnfp.py is now discontinued. The tool is still included for
+	    historic reasons but disabled.
+* Feature:  svmap.py now includes the following new features:
+			--debug - shows messages as they are received (useful for
+				    developers)
+			--first - scans the first X number of hosts, useful for
+				    random or large address pool scanning
+			--inputtext - scans IP ranges taken from a text file
+			--fromname - sets the from header to something specific
+				    useful for abusing other security issues or
+				    when svmap is used in a more flexible way
+				    then usual ;-)
+* Feature:  svreport.py now has two new modes:
+			- stats, which lists some statistics
+			- search, allows you to search through logs looking for
+				    specific user agents
+* Bug fix:  svwar.py now by default does not send ACK messages (was a buggy feature
+	    that did not follow the standard)
+* Bug fix:  svwar.py - the template passed through --template option is now checked
+	    sanity. 
+
+v0.2.4
+* Feature:  svwar.py can now scan for templated numbers. This allows more flexible
+            usage of ranges of numbers, allowing for prefixes and suffixes as
+            need be ;-)
+* Bug fix:  svwar.py now sends ACK to be nice to other devices.
+* Bug fix:  each tag is padded with a unique 32 bit
+* Bug fix:  Contact header is always added to the request to always send well
+            formed SIP requests
+* Bug fix:  Large data is sent fragmented now (mysendto)
+* Bug fix:  svwar.py now handles new SIP response codes
+
+v0.2.3
+* Feature:  Fingerprinting support for svmap. Included fphelper.py and 
+            3 databases used for fingerprinting. 
+* Feature:  Added svlearnfp.py which allows one to add new signatures to 
+            db and send them to the author.
+* Feature:  Added DNS SRV check to svmap. Use ./svmap.py --srv domainname.com
+            to give it a try
+
+v0.2.svn
+* Feature:  added the ability for svreport to count results when doing a list
+* Bug fix:  fixed a bug related to resuming a scan which does not have an
+	    an extension
+
+v0.2.1 (maintenance)
+General:
+* Feature:  updated the report function to include more information about
+	    the system. Python version and operating system is now included 
+	    in the bug report. option now supports optional feedback.
+* Feature:  Store information about the state of a session. Sessions can be 
+	complete or incomplete, so that you can resume incomplete sessions 
+	but not complete ones.
+* Feature:  Added -e option to svmap. Allows you to specify an extension. This
+	is useful when using -m INVITE options on a SIP phone.
+* Bug fix:  Added a check to make sure that the python version is supported. 
+	Anything less than version 2.4 is not supported
+* Bug fix:  IP in the SIP msg was being set to localhost when not explicitly 
+	set. This is not correct behavior and was fixed. As a result of this 
+	behavior some devices, such as Grandstream BT100 were not being detected.
+	Thanks to robert&someone from bulgaria for reporting this
+* Bug fix:  fixed a bug in the database which was reported anonymously via the --reportback / -R option.
+	Thanks whoever reported that. Bug concerns the dbm which does not
+	support certain methods supported other database modules referenced
+	by anydbm. Reproduced on FreeBSD. Thanks to Anthony Williams for help i
+	dentifying this
+* Bug fix:  Ranges of extensions in svwar could not take long numeric extensions
+	(xrange does not support long / large numbers). Thanks to Joern for reporting this
+* Bug fix:  svwar was truncating extension names containing certain characters. Fixed.
+* Bug fix:  when binding to a specific interface, the IP within the SIP message could be incorrect (when there are multiple interfaces). This has been fixed.
+* Cosmetic: Certain PBXs reply with "603 Declined" when svwar finds that the
+	extension does not exist. This creates extra noise. It is now being
+	suppressed.
+
+v0.2
+General:
+* Feature: replaced 3rd party functions in ip4range with our functions in helper.py
+* Feature: ReportBack function is off by default but can be enabled by using -R option
+* Feature: verbose and quiet mode. Now making use of logging module
+* Newtool: svreport - export to csv, pdf, xml and plain text. 
+* Feature: session / database support. This allows two things:
+	- resuming of previous scans
+	- exporting the results to more meaningful formats
+* Feature: give a warning when the default port is already being used and listen on another port
+
+
+Svmap:
+* Feature: Host arguments now accepts a variety of formats. You can now scan using ranges like the following:
+	- 1.1.1.1-20 1.1.1-20.1-10
+	- 1.1.1.*
+	- 1.1.1.1-1.1.2.20
+	- sipvicious.org/22
+* Bug fix: Generation of hosts to scan is now dynamic and does not slow down startup time
+* Feature: Now making use of the standard logging module with more logging to debug problems
+* Feature: When the port is already bound, svmap tries to listen on another port
+* Feature: Added options to allow you to specify the ip to bind to as well as the external ip address of the scanner
+* Feature: --help now shows proper usage
+* Feature: New scanning method - random scan! This scans only valid internet address space.
+* Feature: Randomize scan. Allows you to randomize the order of the IP addresses to be scanned. 
+
+Svwar:
+* Bug fix: Svwar was missing valid extensions (false negatives) - fixed
+* Bug fix: Logic bug which did not identify between a server that does not respond and one that sends an unexpected response.
+* Bug fix: Fixed description of errors and usage
+
+Svcrack:
+* General: --help output was updated to match the other tools. 
+
+Svreport:
+* General: was born. Allows managing of saved sessions and exporting to different file formats.
+* Feature: Reverse name lookup for ip addresses
+
+v0.1
+First release.
+