IMMUNITY SILICA

Redefining wireless assessments

SILICA 7.29 Release Notes
  • Windows Server Update Services (WSUS) MiTM Attack

    • A new attack module that performs a man-in-the-middle attack against windows stations using non-SSL connections to WSUS. This module is active when running the fake AP with client-side injection mode.
  • D-link authentication bypass

    • Multiple D-link access points are vulnerable to an authentication bypass [1]. The "attack" module will scan for the vulnerability and open a browser session to the administration interface if the attack is successful.
  • Deauthentication of wireless clients

    • A new option was added to deauthenticate a specific station from a wireless network. This can be useful to try to force a target to connect to the fake AP.
  • A new option was also added to select the channel used by the fake AP.

  • In addition, several fixes are included:

    • Issue with packet injection in MiTM mode with client-side injection.
    • Issue with network listing information display when an AP configuration is changed.

[1] http://seclists.org/bugtraq/2010/Nov/90

Demo: D-link and Microsoft WSUS Exploits

SILICA VIDEOS

See SILICA in action by watching the latest videos from Vimeo.

VIEW full SILICA Video collection

For product questions or purchase information

please contact us

866-524-4782 *

imu.sales@appgatedotcom

LATEST IN

IMMUNITYMEDIA

TWITTER
VIDEOS