[Silica] SILICA v7.27

Oren Isacson oren at immunityinc.com
Wed Oct 12 14:40:59 EDT 2016

Immunity is proud to announce the release of SILICA v7.27!

In this SILICA Release we have ramp up our Client-Side exploitation
capabilities, including our most successful CANVAS exploits.

We add Clientside exploitation capabilities to our HTTP traffic on
encrypted networks in FakeAP. We include some updates in our
post-exploitation capabilities, upgrading our Wifi Key dumper to all
windows version.

Enjoy it!


- Updated embedded Canvas version, including new clientside exploits:

* adobe_flash_id3 (CVE-2015-5560, targeting Adobe Flash <=
* adobe_flash_intoverflow_apply (silently patched in Adobe Flash >
* adobe_flash_domainMemory_uaf (CVE-2015-0313)
* ms16_006_silverlight

- Clientside exploits will now also be injected in HTTP traffic when in
encrypted FakeAp mode.

- Wifi key dumper post exploitation module now supports all windows
versions and now saves the recovered keys in the "passwords" tab

- Probe responses are now used to identify hidden SSIDs

- Bug fixes:
    * issue with channel hopping in the AP Mapping Module
    * issue with Canvas output processing
    * issue with Canvas post-exploitation setting

Videos can be found at:

Malicious Access Point Detection -
Karma attack filtering and background WPA handshake sniffer -
Access Point Mapping - https://vimeo.com/157178038
Full Karma Attack - https://vimeo.com/155393829
SMB proxy and group policy exploit - https://vimeo.com/136964755
SSL attacks using SSL stripping and self signed certificates -
Exploiting Android WebView.addJavaScriptInterface -
Pixie Dust WPS Attack - https://vimeo.com/130883860
More WPS attacks - https://vimeo.com/album/3385057/video/115337910
General overview -
Wireless Window  -


More information about the SILICA mailing list