[Silica] SILICA v7.32
oren at immunityinc.com
Wed Jan 17 18:36:43 UTC 2018
Immunity is proud to announce the release of SILICA v7.32!
* KRACK attack: bypassing WPA2 encryption
SILICA can now perform a man-in-the-middle attack between a target
access point and the target devices that try to connect to the network.
When a vulnerable device tries to connect, SILICA will intercept the
packets and replay them in a way that will cause the device to install
an all-zero encryption key. SILICA will then carry-on with ssl-stripping
and ssl-spoofing attacks against the target device.
This module supported targets are wpa_supplicant 2.4 and 2.5, and was
tested on a stock Ubuntu 16.04.1 target.
Also included in this release:
Updated certificates for Fake AP in radius mode.
Compatibility fixes to the DHCP server.
Important Note: To make the KRACK attack work, SILICA requires two
wireless cards, as the fake access point needs to be on a different
channel than the real Access Point. The additional card could be any
wireless card that supports packet injection, however, Immunity will
*only* support the Alfa AWUS052NH 802.11n Dual Band 2.4/5 GHz Wi-Fi USB
Adapter which can be obtained here:
To view a demonstration of the new features visit:
Videos can be found at:
SILICA 7.31: Samba Server Exploitation - https://vimeo.com/230656937
D-link and Microsoft WSUS Exploits -
Fake Captive Portal Demo -
Malicious Access Point Detection -
Karma attack filtering and background WPA handshake sniffer -
Access Point Mapping - https://vimeo.com/157178038
Full Karma Attack - https://vimeo.com/155393829
SMB proxy and group policy exploit - https://vimeo.com/136964755
SSL attacks using SSL stripping and self signed certificates -
Pixie Dust WPS Attack - https://vimeo.com/130883860
More WPS attacks - https://vimeo.com/album/3385057/video/115337910
General overview -
Wireless Window -
More information about the SILICA