[Silica] SILICA v7.31

Oren Isacson oren at immunityinc.com
Wed Aug 23 15:31:59 UTC 2017

Immunity is proud to announce the release of SILICA v7.31!

* Exploit module for SAMBA Remote Code Execution vulnerability.

This module exploits a vulnerability in SAMBA servers (CVE-2017-7494).
In order to use this exploit you need: write access to a SAMBA share,
and named pipes should be enabled in the SAMBA server. This module
was tested on Samba 4.1.6 (x86-64 and i386) on Ubuntu.

* Improved post-exploitation module for Linux.

After a Linux host is exploited, the post-exploitation module will now
extract saved WiFi credentials from the Network Manager, and screenshots
will be taken and saved in BMP format.

* Improved logging and status information.

A status information table shows information about current and past
actions started by the user. An error log tab was also added. Important
log entries are now shown in a different color.

Important bug fix: issue with the card not being detected in some OSX
hosts was fixed.

To view a demonstration of the new features visit:

Videos can be found at:
D-link and Microsoft WSUS Exploits -
Fake Captive Portal Demo -
Malicious Access Point Detection -
Karma attack filtering and background WPA handshake sniffer -
Access Point Mapping - https://vimeo.com/157178038
Full Karma Attack - https://vimeo.com/155393829
SMB proxy and group policy exploit - https://vimeo.com/136964755
SSL attacks using SSL stripping and self signed certificates -
Exploiting Android WebView.addJavaScriptInterface -
Pixie Dust WPS Attack - https://vimeo.com/130883860
More WPS attacks - https://vimeo.com/album/3385057/video/115337910
General overview -
Wireless Window  -


More information about the SILICA mailing list