Image 1 of 10
Penetration testing firm Immunity has started shipping Silica, a wireless handheld pen-testing device capable of finding — and exploiting — security vulnerabilities.
The palm-sized PDA tucked away in Justine Aitel’s pocketbook just might be the most scary device on display at this year’s RSA security conference. [See Ryan Naraine’s report.] Aitel is roaming the hallways here with Silica, a portable hacking device that can search for and join 802.11 (Wi-Fi) access points, scan other connections for open ports, and automatically launch code execution exploits from a built-in exploit platform.
Silica is the brainchild of Aitel’s Immunity Inc., a 10-employee penetration testing outfit operating out of Miami Beach, Florida. It runs a customized version of CANVAS, the company’s flagship point-and-click attack tool that features hundreds of exploits, an automated exploitation system, and an exploit development framework.
PDA form factor
Silica now runs on the Nokia 770 but Immunity plans to expand the range of supported devices.
Powered by Linux
Silica runs a customized installation of Debian/Linux running kernel 2.6.16 with preemptive scheduling.
Bluetooth support planned
Currently Silica supports 802.11 (Wi-Fi). The product roadmap calls for support for Bluetooth wireless connections and Ethernet via USB.
Touch screen application launch
Once a network connection is established with a wireless access point, the user can use the touch-screen interface to launch Silica.
Connect to available networks
Silica scans for available Wi-Fi networks, then connects and starts scanning for vulnerable targets.
Attack, or prompt first?
Available networks can be scanned in two modes — Attack mode or the “prompt before scan” mode. Both can be enabled at the same time.
Attack node prompt
The user can manually confirm the use of “attack node,” which fires exploits at vulnerable targets on the wireless network.
Three-button user interface
The application comes with a three-button user interface: Scan, Stop and Update.
A progress bar should display what is happening on the device. Optionally, the user may check the two bottom status boxes to find out more details about the scan. rn
rnrnSee also: Ryan Naraine’s report from RSA 2007, Wi-Fi hacking, with a handheld PDA.