IMMUNITY SILICA

Redefining wireless assessments

SILICA 7.38 Release Notes

APT Remote Code Execution Exploit (CVE-2019-3462)

This module exploits a vulnerability in apt to achieve remote code execution. The vulnerability is caused by incorrect sanitation of the 302 redirect field in the HTTP transport method of apt versions 1.4.8 and earlier. This attack will be used with the "Become this network with client-side injection" action, when the "transparent HTTP proxy" option is set. If a client joins the network, and tries to install a package using apt, the attack will be performed. In order for it to succeed, apt should download release files (Release.gpg).

Fixes an issue that prevents SILICA from joining certain WEP networks.

SILICA VIDEOS

See SILICA in action by watching the latest videos from Vimeo.

VIEW full SILICA Video collection

For product questions or purchase information

please contact us

786-220-0600 *

sales@immunityincdotcom

* Business Hours: Mon-Fri | 9am-5pm (EST)

LATEST IN

IMMUNITYMEDIA

TWITTER
VIDEOS
PRODUCT
BLOG
SERVICES
BLOG