SILICA 7.43 Release Notes
Known beacons attack
- Many modern operating systems are not vulnerable to standard "karma"
attacks as they passively scan for known open networks instead of
broadcasting probe requests. In the "known beacons attack", beacons
advertising ESSIDs from a list of known common network names are
broadcasted. This attack is effective because many operating system
default to auto-connecting to known open networks. This attack has
been implemented in SILICA as an enhancement to the "karma" module,
and it is launched from the "FakeAP settings" dialog box. There is a
predefined common ESSIDs list, and a custom list can be loaded from
the "PREFERENCES/Module Config" dialog box.
Improved Deauthentication Attack
- SILICA now supports deauthenticating all stations from a BSS even
when another module is running. The attack is launched from the
"Network Listing" tab, by selecting the "DoS: Deauthenticate All
Clients". The only limitation is that if the attack is launched while
another module is running, then the target network must be in the
same channel as the current wireless channel. This improvement is
specially intended to be used together with the FakeAP module.
Probe Requests MAC Randomization Handling
- MAC randomization in probe requests was introduced by operating
system vendors to enhance privacy. As a result, SILICA probe
visualizations were confusing after scanning for a certain period, as
too many MAC addresses were displayed. SILICA now groups together
probe requests in the FakeAP tab by ESSID and hide the MAC address by
default. In the "Neighborhood Graph" visualization, SILICA groups
together MAC addresses that had only proved the same ESSID. MAC
address that were seen in other interactions are still displayed
individually.
Demo: SILICA 7.43 - Known APs Attack & Improved Deauthentication Attack