This module exploits a vulnerability in apt to achieve remote code execution. The vulnerability is caused by incorrect sanitation of the 302 redirect field in the HTTP transport method of apt versions 1.4.8 and earlier. This attack will be used with the "Become this network with client-side injection" action, when the "transparent HTTP proxy" option is set. If a client joins the network, and tries to install a package using apt, the attack will be performed. In order for it to succeed, apt should download release files (Release.gpg).
See SILICA in action by watching the latest videos from Vimeo.
866-524-4782 *
imu.sales@appgatedotcom