Former NSA dude Dave Aitel (no, I didn’t know him when I was there) has developed a wireless handheld hacking device called Silica. His company, Immunity expects to sell the device for about $3000. Based on the descriptions it sounds like a wireless, portable version of Immunity’s Canvas product or Core Security’s Impact. Silica can check for and exploit about 150 vulnerabilities, automatically.
According to Aitel, “[You can] tell Silica to scan every machine on every wireless network for file shares and download anything of interest to the device. Then just put it in your suit pocket and walk through your target’s office space,”.
Interesting device to say the least.
–Chris
September 4th, 2006 at 9:10 am
How kind of him…does this mean we now need to monitor who walks around our office who might seemingly be in for an interview etc?
September 4th, 2006 at 10:45 am
Pretty much. This thing is $3000 so that greatly reduces the number of people that would have it. However, how long will it be before someone builds the same thing using Metasploit??? That’s when it becomes more of a concern.
It will be interesting to see if Core Security releases such a tool.
–Chris