SILICA 7.31 Release Notes
Exploit module for SAMBA Remote Code Execution vulnerability.
- This module exploits a vulnerability in SAMBA servers (CVE-2017-7494).
In order to use this exploit you need: write access to a SAMBA share,
and named pipes should be enabled in the SAMBA server. This module
was tested on Samba 4.1.6 (x86-64 and i386) on Ubuntu.
Improved post-exploitation module for Linux.
- After a Linux host is exploited, the post-exploitation module will now
extract saved WiFi credentials from the Network Manager, and screenshots
will be taken and saved in BMP format.
Improved logging and status information.
- A status information table shows information about current and past
actions started by the user. An error log tab was also added. Important
log entries are now shown in a different color.
Important bug fix:
- Issue with the card not being detected in some OSX hosts was fixed.
Demo:
Samba Server Exploitation