[Silica] SILICA v7.36
oren at immunityinc.com
Tue Jan 15 15:52:23 UTC 2019
Immunity is proud to announce the release of SILICA v7.36!
- FakeAp Mana Mode:
The FakeAp karma option now implements the attack known as "mana":
build a per-mac view of the proximate network list, and respond to
broadcast probes with direct responses for each proximate network list.
This allows to attract more client devices than the previous karma
- EAP Relay Attack:
When trying to connect to a network using 802.1X authentication, SILICA
will now launch an EAP Relay Attack if the credentials are unknown.
This attack will allow SILICA to join the network after a
man-in-the-middle attack on a legitimate client device trying to join
Notes: two wireless cards are needed for this attack, and this attack
only works on PEAP-EAP-MSCHAPv2 at this time.
Videos can be found at:
Network Printer Attacks -
Bypassing WPA2 encryption using the KRACK attack -
SILICA 7.31: Samba Server Exploitation -
D-link and Microsoft WSUS Exploits -
Fake Captive Portal Demo -
Malicious Access Point Detection -
Karma attack filtering and background WPA handshake sniffer -
Access Point Mapping - https://vimeo.com/157178038
Full Karma Attack - https://vimeo.com/155393829
SMB proxy and group policy exploit - https://vimeo.com/136964755
SSL attacks using SSL stripping and self signed certificates -
Pixie Dust WPS Attack - https://vimeo.com/130883860
More WPS attacks - https://vimeo.com/album/3385057/video/115337910
General overview -
Wireless Window -
More information about the SILICA