CURRENT_RELEASE Joxean Koret - Version 0.0.7

    * Fixed bugs in allmost all modules.
    * Added support for command line history and autocompletion (whenever
      readline is available).
    * Fixed various oracle module's documentation.
    * Added the first version of "anticrypt", a tool to detect the encryption
      algorithm used for a password hash. It saves a lot of time when auditing
      a (weak) encryption algorithm.
    * Added a Nikto plugin (Thanks you Sullo!).
    * Added module "archanix". Usefull to check old Unix boxes.
    * Many changes to PyShellcodelib (Thanks erg0t!).
    * Added a brute forcer for SMTP servers.
    * First release of the documentation by Andrew Brooks. Check the wiki
      available at http://inguma.wiki.sourceforge.net/ (Many thanks Andrew!).
    * Added 4 new Oracle exploit modules for CPUJAN2008.
    * Added a skr1pT k1|>i3 like module for the Oracle PL/SQL gateway flaw.
      Give a target & port and use "oragateway". The module will automagically
      guess the correct DAD and bypass technique. After it an SQL terminal
      will be opened.

2007-11-26 Joxean Koret - Version 0.0.6

    * Enhanced the module "sidguess". It now extracts the SID from Enterprise
      Manager banner. Thanks to Alexander Kornbrust!
    * Added more services to the identify module.
    * Added a brute force module for HTTP servers.
    * Renamed the directory "aux" to "auxi" to avoid problems in Win32.
    * Added a tool to known your external ip address. Util to check how
      anonymous an anonymous proxy server is ;) For more information navigate
      to http://inguma.wiki.sourceforge.net/externip.
    * Added various Oracle 8i, 9i and 10g SQL injection modules. A total of 5
      new modules.
    * Oracle payloads changed to use, when possible, the cursor injection
      technique.
    * Fixed bugs in whois module.
    * Added module nmbstat to gather NetBIOS information.
    * Enhanced the module firetest to make ICMP probes as well as TCP/IP
      probes. The probes are executed with an small MTU and with a common
      MTU (by default 16000).
    * Initial version of the Website (http://inguma.sourceforge.net).
    * Initial version of the Wiki (http://inguma.wiki.sourceforge.net).
    * Added a protocol scanner. Check what IP protocols enabled has a target.
      Take a look to the module "protoscan".
    * Initial version of PyShellCodeLib. A GPL'ed library similar to the well
      known InlineEgg.
    * Module SIDVault uses now PyShellCodeLib instead of InlineEgg.
    * Addedd module getmac to get the MAC address and the vendor name from a
      given IP address.
    * Added a module to poison ARP target's cache.
    * Fixed security paranoia bugs.
    * Added examples of the OpenDis framework. A tool called asmdiff.py has
      been added to do binary diffs as a well as other example that prints an
      OpenDis format database. See $INGUMA_DIR/dis/README for details.

2007-10-20 Joxean Koret - Version 0.0.5

    * Fixed too many bugs in the text and QT versions.
    * Fixed too many bugs in the modules section.
    * Added support to identify LDAP, RDP enabled servers and also some very
      old Unix services.
    * Added module "firetest" to test firewall configurations.
    * Added module "brutessh" to brute force SSH servers.
    * Removed many (stupids) sys.path.append (Thanks PH!).
    * Added module "bruteora" to brute force Oracle servers. It will check for
      every (commonly) possible user or for an specified user.
    * Removed scapereal from distribution. You can use it, of course, but you
      need to download it yourself.
    * Added a tool to crack MD5 hashes using freely available rainbow tables.
    * Added module "sidguess" to guess the SID of an Oracle Database instance.
    * Added module's option "help". Type "info <command>" to get the
      correspondient help.
    * _*Initial*_ shellcode support. See the SIDVault remote root exploit and
      $INGUMA_DIR/lib/libexploit.py for details. x86 support with InlineEgg.
      Thanks you Gera!
    * Added one exploit for the vulnerability in SYS.LT.FINDRICSET (CPU Oct. 2007).
    * Added a password cracker for Oracle11g.
    * Added a password cracker for MS SQL Server 7 and 2000.
    * Enhanced the Oracle PL/SQL fuzzer.

2007-10-03 Joxean Koret - Version 0.0.4

    * Added one module to check for the most common Oracle Appplications Server vulnerable
      urls.
    * Added "smbgold" module, to search in SMB/CIFS shares for interesting
      files (*.mdb, passwords.txt, ...).
    * Added "scapereal" to distribution. Run "sniffer", sniff a packet list and type "ethereal". You
      will see an ethereal like GTK Window showing all the sniffed packets in a graphical fashion.
    * First version of the GUI using pyqt.
    * Added a module to gather information from an Oracle TimesTen server.

2007-09-06 Joxean Koret - Version 0.0.3

    * Added a, non integrated, disassembler (you will need objdump). See
      dis/README for details.
    * Added a, non integrated, general purpose token based fuzzer. See
      krash/README for details.
    * Enhaced the Oracle PL/SQL fuzzer.
    * Added a TNS fuzzer. Use the tnscmd's option "fuzz".
    * Minor changes to the TNS Listener tool "tnscmd".
    * Support to "autoscan" a complete network (i.e., 192.168.1.0/24).
    * Now, it can "automagically" brute force username and passwords.
    * Added "libfuzz", a library to make easier the task of writing new fuzzers.
    * The module "identify" now can identify rmi, ocfs2, web servers, ftp servers, ssh servers,
      TNS listeners, CIFS/SMB compatible servers, LPD servers, Jet Direct printers, SMTP servers
      and MySQL servers. Sufficient for now (at least for me ;]).
    * Better support for Win32.
    * Basic plain text report support.
    * Better support for kb (knowledge base) files.
    * Better support for brute force modules.
    * Added the "interactive" option to launch in interactive or batch mode.
    * Autoscan can ignore specified hosts.
    * Autoscan is "SMB/CIFS" aware and can automagically brute force username and passwords.
    * Module "portscan" have been enhanced.
    * Rpcdump and samrdump can use username and passwords (brute forced or guessed).
    * Module "tcpscan" have been enhanced.
    * Minor fixes for various discover modules.
    * Added "libslp", a library (dissector?) for the Service Location Protocol.
    * The FTP fuzzer have been integrated.

2007-04-06 Joxean Koret - Version 0.0.2
    * Added knowledge base support (DANGEROUS!).
    * Added "whois" and "netcraft" discover modules.
    * Added brute force modules for FTP, IMAP, POP3 and SMB.
    * Added support for "autobrute".
    * Support to generate reports of the command "autoscan".
    * Many fixes mainly focused in Win32 support.

2007-02-16 Joxean Koret - Version 0.0.1
    * First public version. PRE-ALPHA

