[Silica] SILICA 7.9

Mark Wuergler mark at immunityinc.com
Tue Apr 10 17:05:34 EDT 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Immunity is proud to announce the release of SILICA v7.9!

+ Client side exploit for Java AtomicReferenceArray Type Confusion
Sandbox Bypass (CVE-2012-0507).
  * This is handled automatically by SILICA's Man-In-The-Middle,
Fake-AP and custom injection modules.

+ Browser auto-complete attack to retrieve saved passwords that the
browser has saved automatically
  * Support for sites such as Twitter, Facebook, Gmail, Linkedin,
Pandora, Reddit, RenRen.com, Slashdot.org, Match.com and other popular
sites.
  * This is one of the content injection attacks discussed at
INFILTRATE 2012 Secrets in Your Pocket: Analysis of [Your] Wireless
Data by Mark Wuergler
  *
http://www.immunityinc.com/infiltratemovies/movies/markwuergler_Secretsinyourpocketanalysisofwirelessdata.mp4

+ Interface
  * New column showing information from Cisco access points such as
the connected clients and hostname
  * Info tab storing all passwords SILICA has automatically retrieved
during an attack (i.e. browser auto-complete)
  * New column showing the data activity of APs and clients

You can see the browser auto-complete attack in action at the
following location:
http://partners.immunityinc.com/movies/Silica-BrowserAutoFill-Take2.mov

Other videos can be found at:

http://immunityinc.com/products-silica.shtml

If you have any further questions on updating please check our online
manual at: http://www.immunityinc.com/downloads/silica.pdf

SILICA Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk+EoJkACgkQorg+tja2+6CGkQCfSRFaAhO8SGwSWrhQOQvbsDvP
VKIAoKdFliQMbA0mC8qIDnL0sSCaa2Bj
=dJ+T
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: auto-complete-passwords.png
Type: image/png
Size: 93558 bytes
Desc: not available
URL: <https://lists.immunityinc.com/pipermail/silica/attachments/20120410/63e121f0/attachment-0001.png>


More information about the Silica mailing list