SILICA 7.29 Release Notes
Windows Server Update Services (WSUS) MiTM Attack
- A new attack module that performs a man-in-the-middle attack against
windows stations using non-SSL connections to WSUS. This module is
active when running the fake AP with client-side injection mode.
D-link authentication bypass
- Multiple D-link access points are vulnerable to an authentication
bypass [1]. The "attack" module will scan for the vulnerability and
open a browser session to the administration interface if the attack
is successful.
Deauthentication of wireless clients
- A new option was added to deauthenticate a specific station from a
wireless network. This can be useful to try to force a target to
connect to the fake AP.
A new option was also added to select the channel used by the fake AP.
In addition, several fixes are included:
- Issue with packet injection in MiTM mode with client-side injection.
- Issue with network listing information display when an AP
configuration is changed.
[1] http://seclists.org/bugtraq/2010/Nov/90
Demo: D-link and Microsoft WSUS Exploits