Silica -- a wireless hacking tool

Silica — a wireless hacking tool

By ryan naraine February 6, 2007, 10:58 AM PST

Image
1
of 10

Justine Aitel

Penetration testing firm Immunity has started shipping Silica, a wireless handheld pen-testing device capable of finding — and exploiting — security vulnerabilities.

The palm-sized PDA tucked away in Justine Aitel’s pocketbook just might be the most scary device on display at this year’s RSA security conference. [See Ryan Naraine’s report.] Aitel is roaming the hallways here with Silica, a portable hacking device that can search for and join 802.11 (Wi-Fi) access points, scan other connections for open ports, and automatically launch code execution exploits from a built-in exploit platform.

Silica is the brainchild of Aitel’s Immunity Inc., a 10-employee penetration testing outfit operating out of Miami Beach, Florida. It runs a customized version of CANVAS, the company’s flagship point-and-click attack tool that features hundreds of exploits, an automated exploitation system, and an exploit development framework.

PDA form factor

Silica now runs on the Nokia 770 but Immunity plans to expand the range of supported devices.

Powered by Linux

Silica runs a customized installation of Debian/Linux running kernel 2.6.16 with preemptive scheduling.

Bluetooth support planned

Currently Silica supports 802.11 (Wi-Fi). The product roadmap calls for support for Bluetooth wireless connections and Ethernet via USB.

Touch screen application launch

Once a network connection is established with a wireless access point, the user can use the touch-screen interface to launch Silica.

Connect to available networks

Silica scans for available Wi-Fi networks, then connects and starts scanning for vulnerable targets.

Attack, or prompt first?

Available networks can be scanned in two modes — Attack mode or the “prompt before scan” mode. Both can be enabled at the same time.

Attack node prompt

The user can manually confirm the use of “attack node,” which fires exploits at vulnerable targets on the wireless network.

Three-button user interface

The application comes with a three-button user interface: Scan, Stop and Update.

Making progress

Image: Nick Heath / TechRepublic

Making progress

A progress bar should display what is happening on the device. Optionally, the user may check the two bottom status boxes to find out more details about the scan. rn

rnrnSee also: Ryan Naraine’s report from RSA 2007, Wi-Fi hacking, with a handheld PDA.

Image: Nick Heath / TechRepublic

By ryan naraine

Account Information

Contact ryan naraine

Your message has been sent
|
See all of ryan's content

Cybersecurity demands and the stakes of failing to properly secure systems and networks are high. While every organization’s specific security needs form a unique and complex blend of interconnected requirements, numerous security fundamentals almost always apply to each of these groups. It stands to reason that cybersecurity pros who effectively identify network and systems risks ...

In this guide from TechRepublic Premium we’re going to explore the various things you can do with a Linux server. We won’t leave out any steps, so you won’t have to refer to another tutorial to complete the process. The only step we will leave out is the installation of Linux, as we’ll assume you ...

If you want to deploy applications into a Kubernetes cluster, be warned — it’s not the easiest task. There are a lot of moving pieces that go into these scalable containers. Don’t you wish you had a complete roadmap, from start to finish, to walk you through the process of deploying the Kubernetes cluster, deploying ...