Push-Button Pen Testing
By CWNP on 09/03/2009
Push-Button Pen Testing: That's my phrase. I came up with it yesterday. It's a whole new class of automated hacking...uh, I mean penetration testing...products. I got to see Silica-U from Immunity yesterday. This thing is slick. They finally ported it over from a Nokia N810 Internet tablet to a desktop Linux version (which I got to see running on my favorite Linux distribution - Ubuntu). It worked just as described. No longer do you have to remember WEP keys, WPA passphrases, LEAP usernames and passwords (in a future release). Isn't that great?
If you want to break WEP, WPA1/2-PSK, or to perform any number of other attacks...uh, I mean tests, it's all built-in and all automated. Instead of having to run a series of utilities, taking the output from one and piping it into another and another until you can get the final result, all of that is built right into Silica. Immunity has taken many of the latest/greatest Wi-Fi and L3-L7 "network auditing" (wink, wink) utilities and put them into a single tool that's as simple to operate as pushing the EASY, uh...I mean "START" button.
Is it fast? It's shockingly fast. Have you ever been at an airport, coffee shop, or hotel and thought to yourself, I could totally MAC spoof that bozo...uh, unsuspecting lamer...next to me, but then realized that you didn't bring everything you need, and it would take literally 15 minutes of sniffing, analyzing, noting, configuring, rebooting, and testing to MAC spoof the guy? Then I bet you thought, "totally not worth the effort." With Silica, even though it's not a prescribed use of the product (for obvious reasons), MAC spoofing takes about 1 minute and you don't have to change anything anywhere. Obviously I'm not saying you should steal Internet access at the airport, hotel, or anywhere else. That's a big no-no. I'm just saying that you could literally MAC spoof someone (for pen testing reasons of course) just that fast due to all of the automation in Silica. That's just one simple example.
Have you ever said to yourself, "you know, I seem to have forgotten my next door neighbor's PSK?" With Silica, give it a couple of minutes and you'll have it. And what's better, once past the wireless connectivity...it gets better. Have you ever thought to yourself, "I just can't seem to remember the IPs, ports, services, and passwords to everything on his entire network?" Gosh, me too. With Silica, you don't have to worry about writing everything down any longer. Isn't that great? Silica is also a memory aid.
Updates are especially cool. It's just like Anti-Virus software. The single Update button updates the application, the attack database (L2-L7), and everything. This thing is in a class by itself.
What if you were an SE working for a WIPS or Wi-Fi manufacturer, and your customer said, "you know, I think this here WEP stuff is pretty nice, and we don't think anybody around these parts could crack this stuff." You whip out your shiny new Silica, push "start", and then say, "Well Mr. Smith, it looks like your WEP key of 'OurNetworkIsSafe' has now been exposed. Would you like us to explain how 802.1X/PEAP-MSCHAPv2 with CCMP/AES and Role-Based Access Control can better secure your network?"
I'm just sayin'...
Follow me at www.twitter.com/DevinAkin