shutin Posted June 5, 2013 Share Posted June 5, 2013 Hey all, I remember seeing a Hak5 episode about this wifi pentesting tool called Silica that I wanted to check out. I went to their site and tried to figure out how to see a price or anything about it and came across this download page: http://www.immunityinc.com/downloads.shtml which has a link to the VM http://downloads.immunityinc.com/SILICA_VM.zip So I downloaded it and it boots up but it doesn't recognize a simple Alfa. It throws a bunch of weird errors like this: [ 43.954420] rtl8187: disagrees about version of symbol ieee80211_rts_duration[ 43.954421] rtl8187: Unknown symbol ieee80211_rts_duration (err -22) Anyone know what is up with this image? Is it a trial or something you have to pay to activate or what? I'd like to see what they were talking about in the episode, since they kept the damn screen hidden the whole time. Anyone get this to work? Thanks Quote Link to comment Share on other sites More sharing options...
barry99705 Posted June 9, 2013 Share Posted June 9, 2013 The activation is based of the wireless card you get when you buy silica. Unless you activate it with that wireless card, it's not going to work. From the poking around I did, it's missing a few directories, which probably get installed when you activate. Quote Link to comment Share on other sites More sharing options...
shutin Posted June 17, 2013 Author Share Posted June 17, 2013 Thanks for clarifying this. I believe Silica ships with a Ubiquity adapter (SR-71 maybe?). There shouldn't be anything too magical about "Activating" it. Perhaps you just need to spoof the MAC to match a Ubiquity dongle? I donno, I imagine software piracy is frowned upon here so I won't persue the topic any further but dang it, I really want to just demo the software. Quote Link to comment Share on other sites More sharing options...
barry99705 Posted June 17, 2013 Share Posted June 17, 2013 Pretty sure they track the mac address from their end and when you activate, it does a "software update" that adds the correct repository so the correct files get installed. Just a guess, but that's what I'm seeing from the activation scripts. Quote Link to comment Share on other sites More sharing options...
shutin Posted June 29, 2013 Author Share Posted June 29, 2013 I emailed the company and they told me the VM image is there strictly for the convenience of their paying customers to download it whenever they need it. I think they should add maybe a sentence or two to #@%$@#% illustrate that but eh. Anyone actually played with this thing and have any comments on it? The whole package seems geared toward noob LEOs or something. I don't know that I like the idea of someone who has no idea what they are doing pointing and clicking on wifi networks to exploit. They might develop a taste for it.. With the advent of wifite.py wifi cracking can't get any easier. Silica just employs a easy-breezy exploit functionality like serving up rotten java applets during the MITM portion, from what I understand of it. Quote Link to comment Share on other sites More sharing options...
GRMrGecko Posted October 18, 2013 Share Posted October 18, 2013 Thanks for clarifying this. I believe Silica ships with a Ubiquity adapter (SR-71 maybe?). There shouldn't be anything too magical about "Activating" it. Perhaps you just need to spoof the MAC to match a Ubiquity dongle? I donno, I imagine software piracy is frowned upon here so I won't persue the topic any further but dang it, I really want to just demo the software. It does infact seem to activate based on MAC Address. Looking up interfaceTrying to find interface index for iface: wlan0 Found MAC address: 00:c0:ca:69:3a:a4 for: wlan0 Found interface: wlan0 Verifying USB ID for interface wlan0 Failed matching USB ID of wireless card So... If we can spoof the MAC address to that of what it's wanting... We can get the software to download and use it with our devices. Quote Link to comment Share on other sites More sharing options...
GRMrGecko Posted October 18, 2013 Share Posted October 18, 2013 Got as far as getting it to work with my device, however now I need a username/password. https://auth.immunityinc.com/silica/verify_user is called. I am guessing they won't make it easy to spoof that as they likely have the downloads locked to username/password. Anyone know how much it is to purchase it? Quote Link to comment Share on other sites More sharing options...
Lockon Posted October 25, 2013 Share Posted October 25, 2013 I think it's about $2000 ~ $2500. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.