SILICA 7.32 Release Notes
KRACK attack: bypassing WPA2 encryption
- SILICA can now perform a man-in-the-middle attack between a target
access point and the target devices that try to connect to the network.
When a vulnerable device tries to connect, SILICA will intercept the
packets and replay them in a way that will cause the device to install
an all-zero encryption key. SILICA will then carry on with SSL-stripping
and SSL-spoofing attacks against the target device.
The module's supported targets are wpa_supplicant 2.4 and 2.5; it was
tested on a stock Ubuntu 16.04.1 target.
Also included in this release:
- Updated certificates for Fake AP in radius mode.
- Compatibility fixes to the DHCP server.
Important Note:
To make the KRACK attack work, SILICA requires two
wireless cards, because the fake access point needs to be on a different
channel than the real access point. The additional card can be any
wireless card that supports packet injection; however, Immunity will
only support the Alfa AWUS052NH 802.11n Dual Band 2.4/5 GHz Wi-Fi USB
Demo:
Bypassing WPA2 encryption using the KRACK attack
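
A defender-side check for the condition described in the Important Note, as an added example that is not part of SILICA or of these release notes. It assumes the fake access point reuses the real access point's BSSID (an assumption; the notes do not say so) and flags any BSSID seen beaconing on more than one channel within a short window. The beacon records and the name `find_cloned_bssids` are constructed for illustration.

```python
from collections import defaultdict

# Constructed beacon observations: (timestamp_s, bssid, ssid, channel).
# In practice these would be parsed from a monitor-mode capture.
SAMPLE_BEACONS = [
    (0.0, "aa:bb:cc:00:00:01", "corp-wifi", 6),
    (0.1, "aa:bb:cc:00:00:02", "corp-wifi", 36),  # second AP, own BSSID: normal
    (0.3, "aa:bb:cc:00:00:01", "corp-wifi", 6),
    (0.4, "aa:bb:cc:00:00:01", "corp-wifi", 1),   # same BSSID, other channel
    (0.5, "aa:bb:cc:00:00:01", "corp-wifi", 6),
    (5.0, "aa:bb:cc:00:00:03", "guest", 11),
    (400.0, "aa:bb:cc:00:00:03", "guest", 1),     # channel change much later
]


def find_cloned_bssids(beacons, window_s=10.0):
    """Return {bssid: sorted channels} for BSSIDs beaconing on more than one
    channel within window_s seconds. One radio beacons on one channel at a
    time, so overlap suggests a second transmitter using the same address."""
    by_bssid = defaultdict(list)
    for ts, bssid, _ssid, channel in beacons:
        by_bssid[bssid.lower()].append((ts, channel))

    alerts = {}
    for bssid, seen in by_bssid.items():
        seen.sort()
        start = 0
        for end in range(len(seen)):
            # Shrink the window so it spans at most window_s seconds.
            while seen[end][0] - seen[start][0] > window_s:
                start += 1
            channels = {ch for _, ch in seen[start:end + 1]}
            if len(channels) > 1:
                alerts.setdefault(bssid, set()).update(channels)
    return {b: sorted(c) for b, c in alerts.items()}


if __name__ == "__main__":
    for bssid, channels in find_cloned_bssids(SAMPLE_BEACONS).items():
        print(f"ALERT {bssid} beaconing on channels {channels}")
```

A legitimate channel switch that falls inside the window also triggers the alert, so treat a hit as a prompt to inspect the capture rather than as proof of a rogue access point.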