[Silica] SILICA v7.17

Alex Iliadis alex at immunityinc.com
Wed May 22 15:18:15 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Immunity is proud to announce the release of SILICA v7.17!


- - New probe window:

  + Added color coding easy to exploit factor for probe requests takes
into account the following information:
    . Common name of probe request
    . Signal level of client
    . Last seen time
    . If there is a key

  + Added new columns:
    . Probe count, allows us to determine if a client is still probing
for a network
    . Channel, for better replication of fake AP
    . Quality, signal levels to see if the client is distant
    . Last time seen

  + Added coloring code of how active a client is, follows the same
scheme as the network listing window

  + Added column sorting similar to the network listing window



- - Dynamic SSL certificate creation based on the detected CNAME of the
connecting host and caching

- - New HTTPs module for fake answers, captures BasicAuth/OAuth
credentials, SSL Cookies, automatic phishing for all popular websites:
  Facebook, Twitter, Gmail, Amazon, Ebay, Hotmail, Yahoo, Linkedin,
Pandora etc. It can be extended to work with any website.

- - New SMTPs module for fake answers, captures emails and the following
authentication methods:

  + CRAM-MD5, getting the username and encrypted password
  + LOGIN, getting the username and password
  + PLAIN, getting the username and password

  Also extended supporting STARTTLS dynamic socket upgrade to SSL


- - New POP3s module for fake answers, captures login credentials

- - New IMAPs module for fake answers, captures login credentials

- - Updated fake DNS module to intelligently send back responses to
clients. The logic is that if any of the fake answer modules has
captured useful information the DNS module will then send the real IP
and allow continuation of service instead of delivering our IP,
increasing the sophistication of the attack and making it seemless to
clients.


- - New key recovery method for VPN credentials. If the VPN fake answers
module captures a handshake it can then be loaded to the offline key
recovery tab to find the password.

- - New key recovery tab now automatically identifies the type of the
capture file and loads the right module. It supports the following key
recovery options:

  + LEAP
  + WPA1,2
  + VPN

- - Added new preference option to set a static IP instead of using DHCP


For any questions or support please email silica at immunityinc.com


Videos can be found at:

Password stealing -
http://partners.immunityinc.com/movies/Silica-BrowserAutoFill-Take2.mov
AP less WEP cracking -
http://silica.immunityinc.com/AP_less_WEP_cracking.mov
Access point impersonation -
http://partners.immunityinc.com/movies/Access_point_impersonation.mp4
Custom traffic injection -
http://partners.immunityinc.com/movies/Traffic_injection.mp4
General overview -
http://www.immunityinc.com/movies/SILICA_7.5_New_Features.mov
Wireless Window  -
http://www.immunityinc.com/movies/SILICA_Wireless_Window.mp4
Key retrieval (WEP, LEAP, WPA1,2) -
http://partners.immunityinc.com/movies/Lightning_Demo_SilicaU02.mp4
Passive session hijacking (facebook, twitter, gmail etc) -
http://partners.immunityinc.com/movies/Lightning_Demo_SilicaU_01.mp4


SILICA Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlGdGfcACgkQ1j41DNEdEgjnMwCdFEy6KOo75O57fwoOPNT4syci
j8UAn2dg7ebwjo1NYMWV5WMM3aDr5TvI
=zRvU
-----END PGP SIGNATURE-----


More information about the SILICA mailing list