[Silica] SILICA v7.35
Oren Isacson
oren at immunityinc.com
Mon Sep 17 14:06:42 UTC 2018
Immunity is proud to announce the release of SILICA v7.35!
- Updated embedded Canvas version with additional exploits:
+ CVE-2017-0143 - Windows SMB Remote Kernel Pool Overflow
The "Attack" module will now launch the ETERNALBLUE exploit. This
module was tested with Windows 7 X86 and X64 targets.
+ CVE-2017-11906 - WPAD/PAC Exploit via JScript Heap Overflow
The "Service impersonation" module will now launch the WPAD exploit
when a station joins the Fake Access Point. This module was tested
with Windows 10 X64 targets.
- Important bugfix: Fix issue with WEP cracking module that could
result on out of memory errors.
Videos can be found at:
Network Printer Attacks -
https://vimeo.com/270182796
Bypassing WPA2 encryption using the KRACK attack -
https://vimeo.com/251369829
SILICA 7.31: Samba Server Exploitation -
https://vimeo.com/230656937
D-link and Microsoft WSUS Exploits -
https://vimeo.com/209259981
Fake Captive Portal Demo -
https://vimeo.com/198045435
Malicious Access Point Detection -
https://vimeo.com/177231337
Karma attack filtering and background WPA handshake sniffer -
https://vimeo.com/165882825
Access Point Mapping - https://vimeo.com/157178038
Full Karma Attack - https://vimeo.com/155393829
SMB proxy and group policy exploit - https://vimeo.com/136964755
SSL attacks using SSL stripping and self signed certificates -
https://vimeo.com/122117823
Exploiting Android WebView.addJavaScriptInterface -
http://vimeo.com/109831748
Pixie Dust WPS Attack - https://vimeo.com/130883860
More WPS attacks - https://vimeo.com/album/3385057/video/115337910
General overview -
http://www.immunityinc.com/movies/SILICA_7.5_New_Features.mov
Wireless Window -
http://www.immunityinc.com/movies/SILICA_Wireless_Window.mp4
SILICA Team
More information about the SILICA
mailing list