WinFingerprint Changelog

What's new in WinFingerprint 0.6.2

Mar 4, 2011
  • Upgraded NSIS to 2.06
  • NSIS: No longer deletes MFC DLLs on uninstall.
  • NSIS: Verify OS is not 95, 98, or Me before installing since those OSes are unsupported.
  • Fix ICMP Traceroute support for NT 2000 and NT4 by using LoadLibrary() on icmp.dll.
  • Actually call FreeLibrary() afterwards.
  • Improve RPC Bindings Enumeration output.

New in WinFingerprint 0.6.1 (Mar 4, 2011)

  • Don't call LoadLibrary/GetProcAddress every time ICMP_Traceroute() is called.
  • Move member variable initialization to the Class constructor where it belongs. This removes lots of SetWindowText() and SetCheck() calls in OnInitDialog().
  • Our IP Address was available in three different structs populated in OnInitDialog(). Remove redundant function calls.
  • Move all WinPcap related initialization from Dialog Class to Engine Class where it is used only by the TCP_Raw_Sockets() function when Winpcap is available. This cleans up lots of code.
  • Move interface information gathering out of TCP_Raw_Sockets() since it was called once for every destination IP Address. Now only call once upon initialization to improve performance.
  • Do not perform TCP connect() checks for TCP 445 and 139 if no NetBIOS over TCP options are checked.

New in WinFingerprint 0.6.0 (Mar 4, 2011)

  • Added ICMP Traceroute.
  • Added WMI User and Group enumeration functions.
  • Added WMI NetBIOS shares enumeration which also checks for accessibility with current credentials.
  • Added Database hooks so that winfingerprint can write output to MySQL database in a future release.
  • Fixed WMI and Active Directory enumeration methods. They have both been broken since December 22, 2003 without anyone submitting a bug report!?
  • Fixed Network Neighborhood enumeration.
  • Fix bug in TCP SYN scan where IP address of first UP interface was used instead of selected interface.
  • WMI Services enumeration was not hooked to Launch() function so it was never called.
  • ADSI User, Group, and Service Enumerations which all use the same API call now display only the results from the enumeration options selected from the GUI rather than all of them.
  • NetBIOS shares are now reported with NetBIOS name rather than IP Address when possible. Report "Accessible with current credentials" instead of "Accessible without password".
  • Remove duplicates for WMI and Net Transport MAC Addresses.
  • Limit NetBIOS, Domain, and MAC output from UDP packet output.
  • Renamed Registry option to "Patch Level" because two methods are used, either WMI or Registry querying.
  • Renamed NBT Information to MAC Address and cleaned up all methods to only report the MAC address.
  • Began standardizing output. Suppressed NBT check output for TCP 139/445.
  • Perform Computer SID lookup for WMI and ADSI enumerations.
  • RPC Enumerations have long been disabled under WMI due to a crash. The cleanup process has apparently fixed this crash so it is reenabled.
  • TCP SYN scans against localhost are skipped when winpcap is present. Now fall back to a TCP connect() scan for localhost when winpcap is present.
  • Upgrade to NSIS 2.03. Dramatically improved winfingerprint installer script.

New in WinFingerprint 0.5.13 (Mar 4, 2011)

  • Dynamically link wpcap.dll and packet.dll. Winfingerprint will now again work without WinPcap, although TCP SYN portscans will be unavailable.
  • Automatically fall back to TCP non-blocking connect TCP scans if WinPcap is not available.
  • Do not TCP SYN scan the local computer (when winpcap is available) as it will fail.
  • Test for NetBIOS over TCP presence with TCP connect() rather than TCP SYN as it has proven to be much more accurate.

New in WinFingerprint 0.5.12 (Mar 4, 2011)

  • Fixed ICMP bug reported by nausicaa2. This logic bug has existed for a long time, but was uncovered with the new lowered "Retries" default.
  • Fixed TCP SYN Scan timing bug that would be present only when Ping hosts option was not selected.
  • Various select() bug fixes and improvements in TCP connect() and ICMP code. Improved ICMP Error Code and Type messages.
  • Consolidated redundant ErrorHandling code.
  • Removed a debugging return statement that caused the IP Range option to not work for almost a full year (fixed in the 0.5.11a release).
  • Improved bpf filtering for TCP SYN scanning.
  • Various Installer updates including GPL License, fix broken directory selection, TCP/IP tuning registry entry.

New in WinFingerprint 0.5.11 (Mar 4, 2011)

  • Removed debugging information accidentally left in 0.5.10.
  • Only ping host until you receive one ICMP echo reply. No need to waste time with additional ICMP echo requests.
  • Also keep track of the ICMP echo reply time and use it for TCP SYN timings.
  • Report when target host does not support NetBIOS over TCP. 0.5.10 introduced the logic to skip SMB queries against hosts that did not respond to a TCP SYN on port 445 or 139.
  • Given an IP address and not a hostname, ping host to see if it responds before attempting DNS resolution. This increases performance against hosts that are not up as Win32's gethostbyname and gethostbyaddr will fallback and attempt NetBIOS resolution.
  • Do a better job at obtaining local IP address. Ensure interface is both up and not loopback.
  • Ability to stop in the middle of TCP SYN scan.
  • Fixed bug on multi interfaced systems where internal pcap interface was not synchronized with internal win32 interface causing SendArp to be unable to retrieve default gateway MAC address needed for TCP SYN scans.
  • On the Single Scan type, the Stop button was not reverting back to the Exit button upon completion.

New in WinFingerprint 0.5.10 (Mar 4, 2011)

  • Added TCP SYN port scanner. As of 0.5.10, winfingerprint requires WinPcap (3.01alpha or better is recommended).
  • TCP non-blocking connect() scans are now only performed against ports that would return banners (21, 22, 23, 25, 80, 110, 119, 143, 443) and that were found open with the SYN scan.
  • Winfingerprint now performs a TCP SYN against TCP 445 and 139. If neither of these ports return a SYN|ACK then all SMB queries will be skipped. (The queries would be unsuccessful anyway).
  • Peter Kuznetsov pointed out several memory leak problems in the NET_* functions. Went through and standardized on his proposed fix.
  • Peter Kuznetsov also found some problems in the TCP and UDP sockets function related to lpsock.
  • winfingerprint-cli was performing a _flushall() call that was breaking list input.
  • Winfingerprint and winfingerprint-cli now both report hostname lookup failure, rather than just skipping host.

New in WinFingerprint 0.5.9 (Mar 4, 2011)

  • Fixed memory leaks in ADSI_OSVersion(), ADSI_Services_Users_Groups(), and NET_Local_Groups() reported by shadowfen.
  • Fixed crashes in WMI Enumerations due to an incorrect SysFreeString() reported by many, fix suggested by shadowfen.
  • Fixed TCP Port Banner Grabbing.
  • Fixed memory leak in Net_Shares.
  • Fixed RichEdit Control text insertion bug.

New in WinFingerprint 0.5.8 (Mar 4, 2011)

  • Netmask and Inverted Netmask support for IP Range and IP List scan types.
  • Fixed RegQueryValueEx() access level consistency within Registry function.
  • Added WMI query support for OS, Services, Service Pack, HotFix, and MAC Address Enumeration. (Requires Administrative Privileges on remote system).
  • Rewrote the WfpEngine class, breaking NET, ADSI, and WMI queries into their own functions with consistent naming conventions.
  • Changed "Transports" option name to "NBT Info" so that it is more obvious that this option is similar to nbtstat / nbtscan. Also modified output to now include DOMAIN in addition to COMPUTERNAME and MAC Address.
  • Fixed Index in Help.

New in WinFingerprint 0.5.7 (Mar 4, 2011)

  • Ping function now respects winfingerprint's number of retries. Output also looks more like ping.exe.
  • Fixed a bug where Registry connections were not being properly closed (sometimes).
  • Increased limit of ephemeral ports from (1024-5000) to (1024-65534) via optional install-time registry setting.
  • Decreased the TIME_WAIT time from the default 4 minutes to 30 seconds via optional install-time registry setting.
  • TCPSockets() and UDPSockets() now use a dynamically allocated doubly-linked list instead of a statically allocated buffer to hold the socket information structure.
  • Fixed bug where targets supplied with a hostname would not be properly pinged, or tcp/udp portscanned. This bug was introduced with the new Resolver() function which appeared in 0.5.6.
  • Properly close raw sockets in ICMPSockets().

New in WinFingerprint 0.5.6 (Mar 4, 2011)

  • Rewrote TCP and UDP Portscanner code.
  • Only initialize/uninitialize the COM dll once per thread.
  • Active Directory Session Enumeration now displays seconds connected/seconds idle like the NT Domain version.
  • Allow user to control number of retries and maximum connections.
  • Added "sqlping" feature with permission from [email protected].
  • Now only performs inet_addr() gethostbyname() and gethostbyaddr() once in new Resolver() function.
  • Moved ip_address, dns, szComputerM, and szComputerW into a node struct which is now passed to all functions.
  • Added a patch (with some of my own modifications) from Peter Kuznetsov. Now the List of IPs option supports a list of ranges in the following format "192.168.1.1 - 192.168.1.15"
  • Cursor changes to hand over richedit control hyperlinks. Thanks Mike Davis.
  • Cleaned up RPC bindings output and nbtstat query MAC addresses.

New in WinFingerprint 0.5.5 (Mar 4, 2011)

  • NetBIOS connections, if successful, are now properly disconnected (reported by Kuang Kuo Liu).
  • HTTP, FTP, and Telnet services now show RichEdit2 hyperlinks properly.
  • SNMP functionality. Huge thanks to Kuang Kuo Liu for supplying an ASN parsing function. I had existing SNMP code, but it was disabled.
  • Password Policy Enumeration when Users option is checked also thanks to Kuang Kuo Liu.
  • Bindings Enumeration also thanks to Kuang Kuo Liu.
  • TCP Portscans fixed for winfingerprintcli.exe (command line version).
  • New Show Errors Checkbox. Error Messages are turned off by default now for cleaner reports.
  • SMB Fingerprinting is no longer a forced option even if not selected.
  • Security Event Log enumeration is now enabled although it still needs some work.