IMMUNITY SILICA

Redefining wireless assessments

SILICA 7.40 Release Notes

Windows CryptoAPI Spoofing (CVE-2020-0601)

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. SILICA will try to exploit this vulnerability to spoof SSL certificates with the "FakeAP with service impersonation" module.

NETGEAR Telnet Enable Vulnerability

Several NETGEAR routers have a telnet daemon that can be enabled remotely and accessed with default credentials. SILICA will try to exploit this vulnerability with the "Attack" module and use it to obtain credentials for the router's HTTP Console.

Apple EAP-success attack (CVE-2019-6203)

There is a vulnerability in Apple devices that allows an attacker to create fake access points that successfully spoof real access points. This works by sending EAP-success messages that the Apple devices accept even before validating credentials. SILICA will exploit this vulnerability when creating a FakeAP with 802.1X encryption.

Fix missing "edit key" submenu option for 802.1X networks.

SILICA VIDEOS

See SILICA in action by watching the latest videos from Vimeo.

VIEW full SILICA Video collection

For product questions or purchase information

please contact us

786-220-0600 *

sales@immunityincdotcom

* Business Hours: Mon-Fri | 9am-5pm (EST)

LATEST IN

IMMUNITYMEDIA

TWITTER
VIDEOS
PRODUCT
BLOG
SERVICES
BLOG