[Silica] SILICA v7.37
oren at immunityinc.com
Thu Mar 28 19:18:32 UTC 2019
Immunity is proud to announce the release of SILICA v7.37!
- Neighborhood Graph Visualization:
This new visualization allows the user to view a graph of related
networks, Access Points, SSIDs, and client devices for a given
wireless device. This graph can be useful for looking for rogue
access points, or for figuring out how to attack an access point by
attacking its stations.
- DHCP client Command Injection Exploit:
This module exploits a command injection flaw in the Network Manager
script included in the DHCP client packages in Red Hat Enterprise
Linux. This module will try to exploit the vulnerability in devices
that join SILICA's Fake AP.
- Improved KRACK attack detection:
SILICA will passively sniff for encrypted WPA traffic and try to
decrypt it using an all-zero key. If the decryption succeeds, the
BSSID of the encrypted traffic will be shown in red in the Malicious
Access Point Detection tab.
Updated OUI database.
Videos can be found at:
Network Printer Attacks -
Bypassing WPA2 encryption using the KRACK attack -
SILICA 7.31: Samba Server Exploitation -
D-link and Microsoft WSUS Exploits -
Fake Captive Portal Demo -
Malicious Access Point Detection -
Karma attack filtering and background WPA handshake sniffer -
Access Point Mapping - https://vimeo.com/157178038
Full Karma Attack - https://vimeo.com/155393829
SMB proxy and group policy exploit - https://vimeo.com/136964755
SSL attacks using SSL stripping and self signed certificates -
Pixie Dust WPS Attack - https://vimeo.com/130883860
More WPS attacks - https://vimeo.com/album/3385057/video/115337910
General overview -
Wireless Window -
More information about the SILICA