Immunity SILICA wireless kit is a lightweight, hand-held wireless penetration testing product produced by ImmunitySec. It tests the network with a unique test tool and supports 802.11a/b/g/n networks and Bluetooth-based Ethernet networks. I was lucky enough to get a trial package of this tool, a full hand-held device, and tried it on my wireless network.
I. Kit content
The trial kit includes an 8 GB USB flash drive, an Atheros wireless NIC, and an external enhanced antenna. The USB flash drive holds a virtual machine image running Ubuntu, which contains the Immunity SILICA application (which leaves a lot of customization space for you).
II. Test process
2.1 Immunity SILICA wireless signal detection
I connected the Atheros NIC to my Windows 7 host, copied the virtual machine from the USB flash drive to the hard disk, and then started the VM using VMware Player. The Immunity SILICA program window is displayed automatically. At the same time, Immunity SILICA automatically scans for wireless network signals.
Figure 1
Click the stop icon in the main window to end the wireless network signal scanning process. The information obtained by the scan includes the SSID name, MAC address and vendor information of the wireless AP, signal strength, wireless channel, authentication and encryption method, and AP type (Figure 2).
Figure 2
2.2 Immunity SILICA's wireless key restoration function
The most notable item is the Recovered Key. According to official information, Immunity SILICA can restore wireless authentication and encryption passwords such as WEP and WPA1/2. I have to try it out. It is easy to find that the SSID of the AP used by the author is dlinkhome, the channel is 1, and WPA is used.
Figure 3
First, select my AP, right-click, and select Discover Key. The program starts to automatically decrypt the password. If you are lucky, the password will automatically appear in the Discover Key of the corresponding AP.
2.3 Immunity SILICA wireless network scanning
After waiting for half a day, there was no password. Maybe my AP is safe (I know it is quite difficult to crack WPA). I simply select Edit Key (Figure 3) and enter my password to see what else I can do (Figure 4).
Figure 4
After entering the password, I right-click my AP and find that the menu has changed, as shown in Figure 5:
Figure 5
Next I try Network Probe. The Log option in the main window shows the running status of the program. After that, you can find the detailed report in the program's Report directory (Figure 6). The information about the AP and its terminal is still very accurate. This information should be available to Immunity CANVAS (a professional penetration testing tool).
Figure 6
2.4 Immunity SILICA capture of wireless network cookies
When I select Passive session hijacking, the program automatically launches the Wireshark packet capture tool to collect wireless network packets. In my environment, a cookie viewer is captured, as shown in Figure 7:
Figure 7
According to official instructions, if the cookie information contains logon authentication information, you can directly use this information to access the page content that requires logon. Other attacks, such as Attack and MITM, are said to be powerful, but they were not tested one by one due to the limitations of the author's environment.
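From the defender's side, a session cookie only shows up in a passive wireless capture if the browser sends it over plain HTTP, which the Secure attribute prevents. The following check is an added example, not part of the original review or of Immunity's tooling; the sample response and the SESSION_HINTS name list are constructed assumptions.

```python
# Added example: audit Set-Cookie headers for attributes that limit passive capture.
# SAMPLE_RESPONSE is constructed for illustration, not captured traffic.
SAMPLE_RESPONSE = """\
HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: PHPSESSID=3f2a9c; Path=/
Set-Cookie: auth_token=eyJhbGciOi; Path=/; Secure; HttpOnly; SameSite=Lax
Set-Cookie: theme=dark; Path=/; Max-Age=31536000
Set-Cookie: sessionid=77ab10; Path=/; HttpOnly
"""

# Assumption: name fragments that suggest a cookie carries login state.
SESSION_HINTS = ("sess", "sid", "auth", "token", "login")


def parse_set_cookie(value):
    """Split one Set-Cookie value into (name, set of lower-cased attribute names)."""
    parts = [p.strip() for p in value.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {p.split("=", 1)[0].strip().lower() for p in parts[1:]}
    return name, attrs


def audit_response(raw):
    """Return (cookie name, missing attributes) for session-like cookies."""
    findings = []
    for line in raw.splitlines():
        header, sep, value = line.partition(":")
        if not sep or header.strip().lower() != "set-cookie":
            continue  # status line and other headers
        name, attrs = parse_set_cookie(value)
        if not any(hint in name.lower() for hint in SESSION_HINTS):
            continue  # preference cookies are out of scope here
        # Secure keeps the cookie off cleartext HTTP; HttpOnly keeps it from scripts.
        missing = [a for a in ("secure", "httponly") if a not in attrs]
        if missing:
            findings.append((name, missing))
    return findings


if __name__ == "__main__":
    for name, missing in audit_response(SAMPLE_RESPONSE):
        print(f"{name}: missing {', '.join(missing)}")
```
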
Evaluation summary:
I am very impressed with the automation of this wireless security tool; many operations require almost no manual intervention. In other words, if a wireless network can be easily restored by Immunity SILICA to obtain important information and successfully attacked, the security of that wireless network is very worrying, and it deserves the attention of managers.
In short, I think Immunity SILICA is still a tool that allows users to customize freely. It makes full use of the open source operating system as a platform and works seamlessly with the CANVAS testing framework. It is a powerful tool to ensure or audit the security of wireless networks and is worthy of recommendation.