8/10/2006
09:00 AM

A Portable Hacker Helper

Immunity's new penetration testing tool looks like a PDA, enabling white hat hackers to do their work on the sly

Immunity, Inc. has built a new hand-held penetration testing tool that resembles a PDA, enabling penetration testers to crack enterprise defenses without raising as much suspicion as they did with laptops.

The Linux-based Silica tool -- slightly bigger than a SideKick PDA -- will ship in October, says David Aitel, CTO of Immunity, who announced the tool today on his message board and on Immunity's Website. "The idea is that you [the pen tester] can put it in a pocket and walk around and do what you need to do," he says. Silica supports 802.11 and Bluetooth wireless, as well as a USB connection to Ethernet LANs.

Lugging around a laptop can be tricky for penetration testing and social engineering firms, which often make clandestine visits to their clients in order to test their defenses.

"Rather than [carrying around] laptops, being mobile and moving freely is a big deal, especially when you're trying to punch a hole in a guy's network," says Steve Stasiukonis, vice president and founder of Secure Network Technologies, which performs pen testing and social engineering services. "[Clients] start to wonder why you're in the parking lot all the time," especially when you have to charge a laptop with a dead battery, Stasiukonis says.

Silica is a mini, hardware-based version of Immunity's Canvas penetration testing software, which ships with a variety of exploits and vulnerabilities. Canvas competes with Metasploit, a popular, free penetration testing tool. (See Metasploit 3.0 Makes Splash at Black Hat.)

"With the ability to put Canvas in the palm of your hand, you can do things like sit at Starbucks next to the CEO you're pen-testing," says Aitel.

Canvas can accomplish some of the same exploits with a laptop and wireless card, "but it's difficult to hide, and you'd look like a big dork walking through the room with it," Aitel says.

Silica also lets a pen tester plug into a USB port, ostensibly to copy a file but also to do other types of pen-testing on the sly. It currently uses Canvas exploits but will eventually do Bluetooth attacks as well, Aitel says.

Silica can automatically scan all machines on a wireless LAN for file shares and downloads, Aitel says. It also can automatically penetrate a machine and make it connect via HTTP/DNS to an external listening post based on Immunity's Canvas Professional. A pen tester could even leave it on a user's desk, where it can hack into anything, he says.

Immunity hasn't yet set pricing for Silica, and the product is still in beta.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • Immunity Inc.
  • Secure Network Technologies Inc.

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ...
