[Silica] SILICA v7.22
oren at immunityinc.com
Tue Sep 8 13:25:40 EDT 2015
Immunity is proud to announce the release of SILICA v7.22!
- Group Policy Exploit for Microsoft Windows (MS15-011)
Tested on Windows 7 targets joined to Windows 2008 R2 domain
controllers (DC). The SILICA VM's host should be on the same network
than the DC, that means packets should be able to reach the DC, and
the DNS server address should point to the DC. This exploit was tested
while on FakeAp with service impersonation mode. When successful, this
module will make changes to some registry values under
on the target.
- SMB Transparent Proxy
When running a FakeAp with service impersonation, SILICA intercepts all
SMB packets. SMB traffic accessing ".exe" files will be modified to
include backdoors. This works as long as mandatory SMB signing is not
enabled on the target.
- Use-after-free in Adobe Flash Player (CVE-2015-5119)
This release also include some bug fixes, included:
- Issue with ARP scanning in man-in-the-middle/main-in-the-middle module.
- Issue with FakeAp module when handling large number of connections.
- Issue with FakeAp with service impersonation module with slow DNS
To view a demonstration of the SMB proxy and group policy exploit visit:
For any questions or support please email silica at immunityinc.com
Videos can be found at:
SSL attacks using SSL stripping and self signed certificates -
Password stealing -
AP less WEP cracking -
Access point impersonation -
Custom traffic injection -
General overview -
Wireless Window -
Key retrieval (WEP, LEAP, WPA1,2) -
Passive session hijacking (facebook, twitter, gmail etc) -
Pixie Dust WPS Attack -
More WPS attacks -
More information about the SILICA