SILICA 7.32 Release Notes

IMMUNITY SILICA

Redefining wireless assessments

IMMUNITY

SILICA

SILICA 7.32 Release Notes

KRACK attack: bypassing WPA2 encryption

SILICA can now perform a man-in-the-middle attack between a target access point and the target devices that try to connect to the network. When a vulnerable device tries to connect, SILICA will intercept the packets and replay them in a way that will cause the device to install an all-zero encryption key. SILICA will then carry-on with ssl-stripping and ssl-spoofing attacks against the target device. This module supported targets are wpa_supplicant 2.4 and 2.5, and was tested on a stock Ubuntu 16.04.1 target.

Also included in this release:

Updated certificates for Fake AP in radius mode.
Compatibility fixes to the DHCP server.

Important Note:

To make the KRACK attack work, SILICA requires two wireless cards, as the fake access point needs to be on a different channel than the real Access Point. The additional card could be any wireless card that supports packet injection, however, Immunity will only support the Alfa AWUS052NH 802.11n Dual Band 2.4/5 GHz Wi-Fi USB

Adapter which can be obtained here:
- https://store.rokland.com/products/alfa-awus052nh-802-11n-dual-band-2-4-5-ghz-wi-fi-usb-adapter
- https://www.amazon.com/Alfa-Long-Range-Dual-Band-Wireless-External/dp/B00V5KSIZS

Demo:

Bypassing WPA2 encryption using the KRACK attack

SILICA VIDEOS

See SILICA in action by watching the latest videos from Vimeo.

VIEW full SILICA Video collection

For product questions or purchase information

please contact us

866-524-4782 *

imu.sales@appgatedotcom

LATEST IN

IMMUNITYMEDIA

TWITTER

VIDEOS

Visit @immunityinc on Twitter