[Silica] SILICA v7.25

Oren Isacson oren at immunityinc.com
Mon May 9 11:28:43 EDT 2016


Immunity is proud to announce the release of SILICA v7.25!

- Background WPA handshake sniffer
  SILICA will always be listening for WPA handshakes. The captured
  handshakes can be used later for cracking the pre-shared key using a
  dictionary attack.  Only the last valid handshake is stored for each
  AP, older ones are discarded. A visual indication for Access Points
  for which a handshake has been captured is displayed in the Network
  Listing Tab.

- SSIDs and MACs filters in Karma Mode
  Allows full control of which network names are spoofed in Karma Mode,
  and which stations are allowed to join the fakeAp.

- Better support for radius in fakeAP:
  * Authentications attempts are logged and the hashes stored on the
  password tab.
  * Return EAP-Success to try to get clients to log to our fakeAP.

- Better logging of stations actions (association, connection,
  disconnection) when in fakeAP mode.

- Fixed issue with the wordlist generator.

To view a demonstration of these new features visit:
https://vimeo.com/165882825

Videos can be found at:

Access Point Mapping - https://vimeo.com/157178038
Full Karma Attack - https://vimeo.com/155393829
SMB proxy and group policy exploit - https://vimeo.com/136964755
SSL attacks using SSL stripping and self signed certificates -
https://vimeo.com/122117823
Exploiting Android WebView.addJavaScriptInterface -
http://vimeo.com/109831748
Pixie Dust WPS Attack - https://vimeo.com/130883860
More WPS attacks - https://vimeo.com/album/3385057/video/115337910
Password stealing -
http://partners.immunityinc.com/movies/Silica-BrowserAutoFill-Take2.mov
AP less WEP cracking -
http://silica.immunityinc.com/AP_less_WEP_cracking.mov
Access point impersonation -
http://partners.immunityinc.com/movies/Access_point_impersonation.mp4
Custom traffic injection -
http://partners.immunityinc.com/movies/Traffic_injection.mp4
General overview -
http://www.immunityinc.com/movies/SILICA_7.5_New_Features.mov
Wireless Window  -
http://www.immunityinc.com/movies/SILICA_Wireless_Window.mp4
Key retrieval (WEP, LEAP, WPA1,2) -
http://partners.immunityinc.com/movies/Lightning_Demo_SilicaU02.mp4
Passive session hijacking (facebook, twitter, gmail etc) -
http://partners.immunityinc.com/movies/Lightning_Demo_SilicaU_01.mp4


SILICA Team



More information about the SILICA mailing list