[Silica] SILICA v7.18
Oren Isacson
oren at immunityinc.com
Fri Oct 24 09:06:40 EDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Immunity is proud to announce the release of SILICA v7.18!
- - New client side exploit for Android's WebView addJavascriptInterface
Remote Code Execution (CVE-2013-4710). This is handled automatically by
SILICA's Fake-AP module.
- - New filtering feature added. Supply a list of newline-seperated MAC
addresses for the main wireless AP window and FakeAP tab. This way a
tester can track devices that only are registered with a particular company.
- - New feature to use CANVAS MOSDEF listeners. This feature is
implemented for the Android's WebView addJavascriptInterface Remote Code
Execution Exploit.
For any questions or support please email silica at immunityinc.com
Videos can be found at:
Exploiting Android WebView.addJavaScriptInterface -
http://vimeo.com/109831748
Password stealing -
http://partners.immunityinc.com/movies/Silica-BrowserAutoFill-Take2.mov
AP less WEP cracking -
http://silica.immunityinc.com/AP_less_WEP_cracking.mov
Access point impersonation -
http://partners.immunityinc.com/movies/Access_point_impersonation.mp4
Custom traffic injection -
http://partners.immunityinc.com/movies/Traffic_injection.mp4
General overview -
http://www.immunityinc.com/movies/SILICA_7.5_New_Features.mov
Wireless Window -
http://www.immunityinc.com/movies/SILICA_Wireless_Window.mp4
Key retrieval (WEP, LEAP, WPA1,2) -
http://partners.immunityinc.com/movies/Lightning_Demo_SilicaU02.mp4
Passive session hijacking (facebook, twitter, gmail etc) -
http://partners.immunityinc.com/movies/Lightning_Demo_SilicaU_01.mp4
SILICA Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBAgAGBQJUSk7gAAoJEIr/9BeaykZdpKQQAIOPcIJY4CBnV76WNipGFMGh
CA0ao/eVCq9YQybNO6wAi/+0ICojB3sIavNKf+LBSSxctXhXPRgUUTrd6FQXA+rW
1s+rjDxat/G3HrW58LYpwCiUSnFB3tn7A5ODlyO3nXgV8EA5MErkKeFIzdL2Sjue
0ecEZ61YulbCKd+xfBTQLFIL6kyQtM3pCc0PUbkEov0GQ/Or9UOzmSIbA7Al9Yl6
pgA1L+bxGTH4rC6+OQLhvMBAuGNhywbM10JhTnR6VSHsOv4vXfzSiDG6/1lqeQyd
Hk17cHRAX6Au4Qn4iW0CzLMxk7ccqBMoE6YrOIMAQowdDcDRA4+Sgs8pgW1ek1D5
la4iibgcrlUe63zoyahGjxHw8CvoOSaJWkRnZbt2OlWmAD1sFJU4GWEnAnC9TaX2
tj7fE8wj2+9TqkSjLJSQGRX3Uj+e+L4mcFeb3bx5tEq4BX4ngWE3Dx7xmoSAnJ9F
txumTYZsLoEKGbCwEvGxeU4zkTnsqV9goS9dAcuz4/7YtKHCn3Igkv4ojtAXj9bS
euOH4D3DRGYrCYmF/DchSvyFqsUj9YznHBoVN/q1ujD7VChBiI8jww5QUhQX+TBl
FHit6l6j86gofuXsxJ+BiZIcWtLn/PywR73eaLaoh5rUgzm7GyHSi5lfJsfaz2Cu
wd4HcZngS76RMWG1erPa
=4l3j
-----END PGP SIGNATURE-----
More information about the SILICA
mailing list