[Silica] SILICA v7.15

Alex Iliadis alex at immunityinc.com
Thu Feb 21 16:56:33 EST 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Immunity is proud to announce the release of SILICA v7.15!


- - New VPN module for fake services under fake AP. This module will
impersonate a VPN PPTP server and answer the authentication request by
any client. Once the request is captured the username and the
challenge/response will be saved in the Reports directory and shown in
the information tab under passwords. The attack has been tested with
the native OS integrated software in the following platforms:

  + Android 4.x (tablet and phones)
  + IOS 5/6 (tablet and phones)
  + Mac OSX Snow Leopard and Mountain Lion (might work with other
versions too)
  + Windows 7 and XP (might work with other versions too)
  + Linux Network Manager

- - Added exploit for MBeanInstantiator.findClass Remote Code Execution
(CVE-2013-0422) in MITM and Injection modules

- - Added support for reading PKI (airpcap, kismet etc.) PCAPs


Videos can be found at:

Password stealing -
http://partners.immunityinc.com/movies/Silica-BrowserAutoFill-Take2.mov
AP less WEP cracking -
http://silica.immunityinc.com/AP_less_WEP_cracking.mov
Access point impersonation -
http://partners.immunityinc.com/movies/Access_point_impersonation.mp4
Custom traffic injection -
http://partners.immunityinc.com/movies/Traffic_injection.mp4
General overview -
http://www.immunityinc.com/movies/SILICA_7.5_New_Features.mov
Wireless Window  -
http://www.immunityinc.com/movies/SILICA_Wireless_Window.mp4
Key retrieval (WEP, LEAP, WPA1,2) -
http://partners.immunityinc.com/movies/Lightning_Demo_SilicaU02.mp4
Passive session hijacking (facebook, twitter, gmail etc) -
http://partners.immunityinc.com/movies/Lightning_Demo_SilicaU_01.mp4


SILICA Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlEmmBEACgkQ1j41DNEdEgjtQwCdHIDI6/Bp3SDKa/1EP+k1xozR
l38An3+RTMvVx7xf4DPWwytQ1zWTC9RX
=7Pz8
-----END PGP SIGNATURE-----


More information about the Silica mailing list