[Silica] SILICA v7.39
Oren Isacson
oren at immunityinc.com
Wed Nov 20 19:07:53 UTC 2019
Immunity is proud to announce the release of SILICA v7.39!
- WPA/WPA2 client-less attack using PMKID
SILICA now supports WPA/WPA2 bruteforcing using PMKID data. This allows
SILICA to attack access points even when no stations (clients) are
present. When running the "Discover key" module, SILICA will try to
connect to the Access Point and parse the response for RSN PMKID data.
If present, it will store the handshake and commence bruteforcing
immediately. SILICA will also passively detect and capture any WPA
handshakes with PMKID data.
- DDE Close Handle Local Privilege Escalation (CVE-2019-0803)
An elevation of privilege vulnerability exists when Windows improperly
handles closes the objects handle at Dynamic Data Exchange. This
module will be run by SILICA automatically after a successful
exploitation.
Videos can be found at:
Network Printer Attacks -
https://vimeo.com/270182796
Bypassing WPA2 encryption using the KRACK attack -
https://vimeo.com/251369829
SILICA 7.31: Samba Server Exploitation -
https://vimeo.com/230656937
D-link and Microsoft WSUS Exploits -
https://vimeo.com/209259981
Fake Captive Portal Demo -
https://vimeo.com/198045435
Malicious Access Point Detection -
https://vimeo.com/177231337
Karma attack filtering and background WPA handshake sniffer -
https://vimeo.com/165882825
Access Point Mapping - https://vimeo.com/157178038
Full Karma Attack - https://vimeo.com/155393829
SMB proxy and group policy exploit - https://vimeo.com/136964755
SSL attacks using SSL stripping and self signed certificates -
https://vimeo.com/122117823
Exploiting Android WebView.addJavaScriptInterface -
http://vimeo.com/109831748
Pixie Dust WPS Attack - https://vimeo.com/130883860
More WPS attacks - https://vimeo.com/album/3385057/video/115337910
General overview -
http://www.immunityinc.com/movies/SILICA_7.5_New_Features.mov
Wireless Window -
http://www.immunityinc.com/movies/SILICA_Wireless_Window.mp4
SILICA Team
More information about the SILICA
mailing list