IMMUNITY SILICA

Redefining wireless assessments

SILICA 7.22 Release Notes
  • Group Policy Exploit for Microsoft Windows (MS15-011)

    • Tested on Windows 7 targets joined to Windows 2008 R2 domain controllers (DC). The SILICA VM's host should be on the same network than the DC, that means packets should be able to reach the DC, and the DNS server address should point to the DC. This exploit was tested while on FakeAp with service impersonation mode. When successful, this module will make changes to some registry values under HKEYLOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Window on the target.
  • SMB Transparent Proxy

    • When running a FakeAp with service impersonation, SILICA intercepts all SMB packets. SMB traffic accessing ".exe" files will be modified to include backdoors. This works as long as mandatory SMB signing is not enabled on the target.
  • Use-after-free in Adobe Flash Player (CVE-2015-5119)

  • This release also include some bug fixes, included:

    • Issue with ARP scanning in man-in-the-middle/main-in-the-middle module.
    • Issue with FakeAp module when handling large number of connections.
    • Issue with FakeAp with service impersonation module with slow DNS resolving.

Demo: SMB proxy and group policy exploit

SILICA VIDEOS

See SILICA in action by watching the latest videos from Vimeo.

VIEW full SILICA Video collection

For product questions or purchase information

please contact us

866-524-4782 *

imu.sales@appgatedotcom

LATEST IN

IMMUNITYMEDIA

TWITTER
VIDEOS