[Silica] SILICA v7.27

Oren Isacson oren at immunityinc.com
Wed Oct 12 14:40:59 EDT 2016


Immunity is proud to announce the release of SILICA v7.27!

In this SILICA release we have ramped up our client-side exploitation
capabilities, including our most successful CANVAS exploits.

We add client-side exploitation capabilities to our HTTP traffic on
encrypted networks in FakeAP. We include some updates in our
post-exploitation capabilities, upgrading our Wifi Key dumper to all
Windows versions.

Enjoy it!


Changelog:

- Updated embedded Canvas version, including new clientside exploits:

* adobe_flash_id3 (CVE-2015-5560, targeting Adobe Flash <= 18.0.0.209)
* adobe_flash_intoverflow_apply (silently patched in Adobe Flash >
17.0.0.169)
* adobe_flash_domainMemory_uaf (CVE-2015-0313)
* ms16_006_silverlight

- Clientside exploits will now also be injected in HTTP traffic when in
encrypted FakeAP mode.

- Wifi key dumper post-exploitation module now supports all Windows
versions and now saves the recovered keys in the "passwords" tab

- Probe responses are now used to identify hidden SSIDs

- Bug fixes:
    * issue with channel hopping in the AP Mapping Module
    * issue with Canvas output processing
    * issue with Canvas post-exploitation setting


Videos can be found at:

Malicious Access Point Detection -
https://vimeo.com/177231337
Karma attack filtering and background WPA handshake sniffer -
https://vimeo.com/165882825
Access Point Mapping - https://vimeo.com/157178038
Full Karma Attack - https://vimeo.com/155393829
SMB proxy and group policy exploit - https://vimeo.com/136964755
SSL attacks using SSL stripping and self signed certificates -
https://vimeo.com/122117823
Exploiting Android WebView.addJavaScriptInterface -
http://vimeo.com/109831748
Pixie Dust WPS Attack - https://vimeo.com/130883860
More WPS attacks - https://vimeo.com/album/3385057/video/115337910
General overview -
http://www.immunityinc.com/movies/SILICA_7.5_New_Features.mov
Wireless Window -
http://www.immunityinc.com/movies/SILICA_Wireless_Window.mp4


SILICA Team



