[Silica] SILICA v7.48
Miguel Turner
miguel.turner at appgate.com
Wed Aug 3 18:46:17 UTC 2022
Immunity is proud to announce the release of SILICA v7.48!
Updated embedded Canvas version with additional exploits for the
"Attack" module:
+ CVE-2017-7504 - jbossmq_httpil_deserialization
Targets Red Hat Jboss Application Server <= Jboss 4.X
+ CVE-2021-41773, CVE-2021-42013 - apache_cgi_rce
Targets Apache 2.4.49 and Apache 2.4.50 on x64 Linux only
+ CVE-2022-0543 - redis_sandbox_escape_rce
Targets redis versions: 5:5.0.14-1+deb10u1, 5:5.0.3-4, 5:6.0.15-1
+ CVE-2022-1388 - f5_bigip_auth_bypass_rce
Targets unpatched versions of BIG-IP prior to v17
+ CVE-2022-29464 - wso2_file_upload_rce
Targets several WSO2 products via arbitrary file upload
Also:
It is now possible to select the exploits that the "Attack" module
will use
on the "Module Config" tab of the Settings dialog.
Videos can be found at:
Known APs Attack & Improved Deauthentication Attack -
https://vimeo.com/537915679
WPA traffic decryption using the Kr00k Attack -
https://vimeo.com/481719308
Network Printer Attacks -
https://vimeo.com/270182796
Bypassing WPA2 encryption using the KRACK attack -
https://vimeo.com/251369829
SILICA 7.31: Samba Server Exploitation -
https://vimeo.com/230656937
D-link and Microsoft WSUS Exploits -
https://vimeo.com/209259981
Fake Captive Portal Demo -
https://vimeo.com/198045435
Malicious Access Point Detection -
https://vimeo.com/177231337
Karma attack filtering and background WPA handshake sniffer -
https://vimeo.com/165882825
Access Point Mapping - https://vimeo.com/157178038
Full Karma Attack - https://vimeo.com/155393829
SMB proxy and group policy exploit - https://vimeo.com/136964755
SSL attacks using SSL stripping and self signed certificates -
https://vimeo.com/122117823
Exploiting Android WebView.addJavaScriptInterface -
http://vimeo.com/109831748
Pixie Dust WPS Attack - https://vimeo.com/130883860
More WPS attacks - https://vimeo.com/album/3385057/video/115337910
General overview -
http://www.immunityinc.com/movies/SILICA_7.5_New_Features.mov
Wireless Window -
http://www.immunityinc.com/movies/SILICA_Wireless_Window.mp4
SILICA Team
The information contained in this electronic mail is confidential information intended only for the use of the individual(s) or entity(s) named. If the reader of the message is not the addressee (or authorized to receive for the addressee), you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the sender by reply e-mail and/or by telephone and destroy the original message.
More information about the SILICA
mailing list