SILICA, a mobile pentesting gadget for $3600

[10goto10]

I came across a blog post discussing a $3600 handheld device that will automatically scan, exploit and snarf (look for interesting data like passwords) wireless networks. (This is not new, the device was released in 2006)

The vendor site: http://www.immunitysec.com/products-silica.shtml

A review: http://www.informit.com/guides/content.asp...&seqNum=247

Another review with pics: http://blogs.zdnet.com/security/?p=19

The actual system behind it is Immunity's CANVAS, which seems to be a Python script you can buy for $1450. I'm guessing this is a front-end, and the actual work is done by the usual suspects (nmap, tcpdump, etc.). I would love to have a look at CANVAS, but I'm not coughing up that $1450 for it.

I remember reading more about this when I was reading stuff about turning a Zaurus PDA into a homebrew SILICA device. I think some projects were set up to have similar "autopwn" capabilities but I lost sight of them. Any Hak5ers interested in building one of these together?

[stingwray]

From the screenshot on their website, looks to me like its running on a Nokia Internet Tablet (n770, n800, n810).

I'd could do this, but I lack both time and the device.

[metatron]

haha, what a waste of money.

[Razor512]

it is most likely a hoax or a scam

no one will waste money of the overpriced thing and if they did, they would be too ashamed to admit it

while the concept is good, adding a GUI to the free apps that do the cracking because command line can be pretty annoying especially when the same thing can be done with a single click (main reason why windows has a larger user base than linux)

but it is a major waste of money to pay for a GUI

[will-wtf]

the stuff of dreams... waste of monet though

[Zimmer]

This oddly reminds me of this thing called SCILA in a show called Prison Break on FOX. Huh weird. Oh and the thing in the tv show stool information from electronic devices.

[ls]

This oddly reminds me of this thing called SCILA in a show called Prison Break on FOX. Huh weird. Oh and the thing in the tv show stool information from electronic devices.

Yes i had the same idea, like what !!!?? does that really exists ?

and about canvas, I've used it in the past and it's really not worth the money

it is on bittorent but it's not even worth the download

[stingwray]

Your forgetting businesses. They will buy it, your also paying for support, not just the GUI and the knowledge that it will work.

it is most likely a hoax or a scam

no one will waste money of the overpriced thing and if they did, they would be too ashamed to admit it

while the concept is good, adding a GUI to the free apps that do the cracking because command line can be pretty annoying especially when the same thing can be done with a single click (main reason why windows has a larger user base than linux)

but it is a major waste of money to pay for a GUI

[runkittyrun]

I just got my n800 last week and I really like it so far, n770's are fairly reasonable priced, the pic of SILICA I saw was n770 with sticker over the nokia logo

personal my take on devices like this is that there will defiantly be a market for it even at 3.6k, I perceive law enforcement getting more and more automated security devices and large company need tools to do quick yet effect security audits, also compare the cost to that of yearly cost of an IT professional

all I know is I would enjoy seeing more gui's and security programs for the maemo environment

[Zimmer]

Who needs a 3600$ GUI

[Razor512]

your still paying for a GUI as you also have to pay for updates.

a gui is good to have though. why go through typing lots of confusing commands just to do 1 thing when the same thing could be done with a single click

[10goto10]

It's not even a GUI by definition -- but nevertheless.

The closest I came across are Errata's Ferret and WifiZoo. Combine this with wesside-ng/easside-ng and some automated bluesnarfing and you're coming close to having your own "SILICA" on a $0 budget (if you already have the hardware, ofcourse).

[786soul]

I'm just getting myself an N810 and an Alfa 500mW USB Adapter and BOOM im set for some fun =) for under 500 I may add :)

[metatron]

I'm just getting myself an N810 and an Alfa 500mW USB Adapter and BOOM im set for some fun =) for under 500 I may add :)

Fail, I have a Agenda VR3 (got it free), a modded LaFonera with a serial port (free) and a GSM modem (free), you could put that set up together for under $100. Ghetto hacking device ftw.

[StarchyPizza]

the "Fon" is a beast haha

[786soul]

Fail, I have a Agenda VR3 (got it free), a modded LaFonera with a serial port (free) and a GSM modem (free), you could put that set up together for under $100. Ghetto hacking device ftw.

LOL to make myself feel better I actually ended up getting both for $350. But what the heck I'm up for the fun of it, hobbies need some investment at some point. Hopefully one day the innovation part of my mind will kick in rather than the half-ass 'I'll just do what I know will work' part.

[Juan Jose Canario]

I have been working on SILICA for a year now. I currently write scripts for the software which i uploaded onto my own device. The device is also called the "hunter". It is very powerfull but has to be used apropriatly as it can cause alot of harm.

Juan Jose Canario

[DingleBerries]

Laptop + BackTrack + Knowing how to read + Knowing how to use google = Better than this

[VaKo]

I don't know, any old n00b with a cash float could make quite a tidy living with a device like this, especially if your charging several thousand for a network audit. The higher you go up the chain of command the less questions are asked and more money will be spent.

[DingleBerries]

Does it also asses web vulnerabilities? I.E. in the server, or a website? Also I highly doubt that it has the capacity to map a network like Nmap does.. I havent seen the .py they are using but i would indeed like to take a look at it.