[Silica] SILICA 7.9
Mark Wuergler
mark at immunityinc.com
Tue Apr 10 17:05:34 EDT 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Immunity is proud to announce the release of SILICA v7.9!
+ Client side exploit for Java AtomicReferenceArray Type Confusion
Sandbox Bypass (CVE-2012-0507).
* This is handled automatically by SILICA's Man-In-The-Middle,
Fake-AP and custom injection modules.
+ Browser auto-complete attack to retrieve saved passwords that the
browser has saved automatically
* Support for sites such as Twitter, Facebook, Gmail, Linkedin,
Pandora, Reddit, RenRen.com, Slashdot.org, Match.com and other popular
sites.
* This is one of the content injection attacks discussed at
INFILTRATE 2012 Secrets in Your Pocket: Analysis of [Your] Wireless
Data by Mark Wuergler
*
http://www.immunityinc.com/infiltratemovies/movies/markwuergler_Secretsinyourpocketanalysisofwirelessdata.mp4
+ Interface
* New column showing information from Cisco access points such as
the connected clients and hostname
* Info tab storing all passwords SILICA has automatically retrieved
during an attack (i.e. browser auto-complete)
* New column showing the data activity of APs and clients
You can see the browser auto-complete attack in action at the
following location:
http://partners.immunityinc.com/movies/Silica-BrowserAutoFill-Take2.mov
Other videos can be found at:
http://immunityinc.com/products-silica.shtml
If you have any further questions on updating please check our online
manual at: http://www.immunityinc.com/downloads/silica.pdf
SILICA Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk+EoJkACgkQorg+tja2+6CGkQCfSRFaAhO8SGwSWrhQOQvbsDvP
VKIAoKdFliQMbA0mC8qIDnL0sSCaa2Bj
=dJ+T
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: auto-complete-passwords.png
Type: image/png
Size: 93558 bytes
Desc: not available
URL: <https://lists.immunityinc.com/pipermail/silica/attachments/20120410/63e121f0/attachment-0001.png>
More information about the Silica
mailing list