[Silica] SILICA v7.31

[Oren Isacson]

Immunity is proud to announce the release of SILICA v7.31!

* Exploit module for SAMBA Remote Code Execution vulnerability.

This module exploits a vulnerability in SAMBA servers (CVE-2017-7494).
In order to use this exploit you need: write access to a SAMBA share,
and named pipes should be enabled in the SAMBA server. This module
was tested on Samba 4.1.6 (x86-64 and i386) on Ubuntu.

* Improved post-exploitation module for Linux.

After a Linux host is exploited, the post-exploitation module will now
extract saved WiFi credentials from the Network Manager, and screenshots
will be taken and saved in BMP format.

* Improved logging and status information.

A status information table shows information about current and past
actions started by the user. An error log tab was also added. Important
log entries are now shown in a different color.

Important bug fix: issue with the card not being detected in some OSX
hosts was fixed.

To view a demonstration of the new features visit:
https://vimeo.com/230656937

Videos can be found at:
D-link and Microsoft WSUS Exploits -
https://vimeo.com/209259981
Fake Captive Portal Demo -
https://vimeo.com/198045435
Malicious Access Point Detection -
https://vimeo.com/177231337
Karma attack filtering and background WPA handshake sniffer -
https://vimeo.com/165882825
Access Point Mapping - https://vimeo.com/157178038
Full Karma Attack - https://vimeo.com/155393829
SMB proxy and group policy exploit - https://vimeo.com/136964755
SSL attacks using SSL stripping and self signed certificates -
https://vimeo.com/122117823
Exploiting Android WebView.addJavaScriptInterface -
http://vimeo.com/109831748
Pixie Dust WPS Attack - https://vimeo.com/130883860
More WPS attacks - https://vimeo.com/album/3385057/video/115337910
General overview -
http://www.immunityinc.com/movies/SILICA_7.5_New_Features.mov
Wireless Window  -
http://www.immunityinc.com/movies/SILICA_Wireless_Window.mp4


SILICA Team