[Silica] RSA things

Immunity Administrator admin at immunityinc.com
Mon Feb 25 16:21:19 EST 2013

Hash: SHA1


We wanted to let you know, if you're heading out to RSA this week Dave
will be around!

Catch him while he takes part in a panel with Andrew Jacquith where
they will be discussing Internet Gun Control

He'll also be walking around with SILICA so if you see him, make him
give you a demo!

If you don't see him, but still want to catch him for a SILICA demo
Tweet him @daveaitel

In case you're wondering if you need to see SILICA here's a list of
recent updates and features we've added:

- - - New VPN module for fake services under fake AP. This module will
impersonate a VPN PPTP server and answer the authentication request by
any client. Once the request is captured the username and the
challenge/response will be saved in the Reports directory and shown in
the information tab under passwords. The attack has been tested with
the native OS integrated software in the following platforms:

  + Android 4.x (tablet and phones)
  + IOS 5/6 (tablet and phones)
  + Mac OSX Snow Leopard and Mountain Lion (might work with other
versions too)
  + Windows 7 and XP (might work with other versions too)
  + Linux Network Manager

- - - Added exploit for MBeanInstantiator.findClass Remote Code Execution
(CVE-2013-0422) in MITM and Injection modules

- - - Added support for reading PKI (airpcap, kismet etc.) PCAPs

If you're not at RSA but would still like a demo or information about
SILICA just reach out to me!


- -- 
Vanessa Safie
Immunity Inc.
1130 Washington Ave - 8th Floor
Miami Beach, FL 33139
T. 786-220-0600
F. 786-513-8100
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/


More information about the Silica mailing list