************************
0.9c
************************
-aimSniff.pl
  *Made a slight modification because of a slight security vulnerability.

************************
0.9b
************************
-aimSniff.pl
  *Did a check to make sure that we support the family identified
  *Fixed the AIM Logins section so that it would print a login if it didn't know the machinename or username (if smb is enabled)
  *Do some checks to avoid some errors (real descriptive right?)
  *Removed a statement that was printing ARG: $arg
-install.pl
  *Incremented AS ver. number

************************
0.9
************************
-aimSniff.pl
  *Better stability
  *Better implementation of parent/child process controls with the ability to restart a child if it takes up too much of the cpu
  *The handles file is now a db file, so previous versions will not work
  *New command line switch:
    *--dumpHandles
  *New config file options:
    *useSyslog=1
    *parentPollTimeout=10
    *childCPUMaxPct=80
  *New dependencies:
    *Proc::Simple
    *FileHandle
    *Unix::Syslog
    *GDBM_File
-install.pl
  *Initial Release

************************
0.8
************************
-aimSniff.pl
  *Quite a bit of code modification to prevent infinite loops (should have been fixed a while ago), special thanks to Kogi
  *Added the ability to specify a file to store handles and ip address relationships to fill in both from/to fields on messages, see the forums on www.aimsniff.com for more info.

************************
0.7
************************
-aimSniff.pl
  *Count number of messages, logins, chats, and file xfers and display on exit
  *Get chat room joins
  *Get chat room messages
  *Allow output to be piped through other programs, (grep, tee, etc.) (requires FileHandle)
  *Ability to run as a daemon process (requires Proc::Daemon)
  *Ability to dump output to a flat file
  *Fixed a bug in getVersion
  *Fixed a bug in a lot of the functions that process TLVs so that it doesn't quit if it gets a length longer than the rest of the packet.
  *Some changes made to the &getFile function to fix some bugs
  *Added -D (daemon) option and -O=filename (output file) to --help

************************
0.6
************************
-aimSniff.pl
  *Intercepts Ctrl-C and prints statistics before exiting
  *Changed @sqlAdd to an associative array for better flexibility
  *Moved &msgClean function to &printOUT function so that messages with HTML go into the database with HTML. This way you can see the messages as they were sent on the webpage.
  *Can now detect file transfers and tell you the file name being sent along with the ip address, port, and any message sent with the file
  *Can now get AIM Version information from a login
  *Changed the RegEx in &familyFind to be more generic
  *Removed spaces in $dataset before returning it from &familyFind
  *Adjusted &getSignon to not look for spaces
  *Added &idFind to get 2 byte channel id before handle length and handle is sent
  *&msgFind added ability to get length of message
  *&mysqlAdd to accept more generic functions
  *Adjusted the way &printOUT displays messages as per David Britten's recommendations
  *Added &getVersion and &getFile for obvious use
  *Added &convertHex to convert hex to strings
  *Added &LeaveNow to print statistics before quitting
  *Will get login information even if SMB isn't enabled
-aimsniff.cgi
  *Retrieves version information when a handle is clicked

************************
0.5
************************
-aimSniff.pl
  *Fixed a bug with the parsing of incoming messages
  *Fixed a bug in the function to detect a user login
  *Changed how the data portion of a packet is treated, changed from utf8() which was losing some parts of the data, to utf16()
  *Fixed a bug in mysqlAdd to remove /\\0/ from the quoted entries before inserting into the db
  *Found out that there is a 16 byte string that is passed between the Family ID and the length of the user's handle
  *Thanks to Marcus Young for pointing out that the length of a user's handle is sent just before the handle
  *Left HTML in the detected messages when inserting into the db
  *Parsing information out of the packet should be more reliable; it's a constant work in progress, though, as I find out new things about how AIM packages their messages. Feel free to send me any ideas or findings.
-aimsniff.cgi
  *Added the ability to sort findings
  *Added the ability to scroll through multiple pages of information
  *Added the ability to click on an AIM name and get info about them as well as any messages involving them

************************
0.4
************************
-Check for ACK PUSH in the packets before processing
-Fixed code that finds the family information
-Added --getHandles switch to perform a lookup on the handles table and find out who messages are coming from in the logs table and update that field
-Changed some formatting of the code to make it easier to read
-Altered the database table structures

************************
0.3a
************************
-Changed README File to a new description of the program
-Corrected dependencies listed in README to include:
  *Unicode::String
  *DBI::mysql
  *SAMBA

************************
0.3
************************
-Ability to read options from a config file
-Option to perform SMB lookups when a user logs onto AIM in order to get their NT domain username
-Dump the SMB information into the database
-A couple of error checks were thrown in
-Completely replaced the Data::Hexdumper module with Unicode::String

************************
0.2 Initial Release
************************