Immunity Canvas on OSX

If you are using linux (especially backtrack) or windows, running immunity canvas should be easy. But if you’re using Mac OSX, probably it will become a problem at first time. Immunity also packaged canvas for OSX application, so all you have to do is point and click the application. However, sometimes (most of the time in my case) it’s better to run it from command line to see what’s going on during application loading, during processing the exploit, processing payload, processing 3rd party exploit pack, etc. And AFAIK, running VisualSploit is only possible through command line.

Immunity already build a custom dependency needed to run canvas on OSX, this include GTK for OSX, python, and PyGTK. Everything you need to run canvas on OSX. The custom build package can be downloaded from here. We can just extract the directory into /Applications.

Here’s how-to run canvas framework from console,

$ /Applications/CANVAS_OSX/bin/python /Volumes/Myth/Exploit/canvas/CANVAS_6.59/Contents/Resources/CANVAS/runcanvas.py
[+] Required version of Python found: 2.5.2
[+] ALL dependencies satisfied!
No readline imported.
[C] Discovered interfaces: [['vmnet1', '172.16.136.1', '255.255.255.0'], ['vmnet8', '172.16.30.1', '255.255.255.0'], ['en1-ipv6', 'fe80::22:68ff:fee7:56de', 'ffff:ffff:ffff:ffff::'], ['en1', '192.168.2.100', '255.255.255.0'], ['lo0-ipv6', 'fe80::::1', 'ffff:ffff:ffff:ffff::'], ['lo0', '127.0.0.1', '255.0.0.0']]
Setting CANVAS session to: default
Using 'Reports/default' as base data output directory
Initializing exploit pack: My Exploit Pack, Private Version
Loading 1024cms_rfi ... [ ok ]
Loading 3comtftp ... [ ok ]
Loading BuildCallbackTrojan ... [ ok ]
Loading BuildHTTPCallback ... [ ok ]
Loading CLOUDBURST ... [ ok ]
Loading CVE_2004_1329 ... [ ok ]
Loading CVE_2006_4842 ... [ ok ]
Loading CVE_2007_4003 ... [ ok ]
Loading CVE_2007_4513 ... [ ok ]
...
Loading VAASeline_Control ...
==== No module named rfb ====
Please see /libs/VAASeline/README for instructions on how to get the dependencies
[ ok ]
...
Loading facedetection ... Cannot import opencv - this is required for facerecognition
[ ok ]
...
Local GUI Queue listening on port 6110
No country exclude list loaded
[*] CANVAS Started [*]
...

As always, loading from console is much better since we can see everything there. Usually we’ll see some error occurred when loading specific stuff like exploit because it depend on other software to be installed, we can use this way to debug and satisfy mentioned dependency later.

And here’s to run VisualSploit,

$ /Applications/CANVAS_OSX/bin/python VisualSploit/main.py
No readline imported.
[C] Discovered interfaces: [['vmnet1', '172.16.136.1', '255.255.255.0'], ['vmnet8', '172.16.30.1', '255.255.255.0'], ['en1-ipv6', 'fe80::22:68ff:fee7:56de', 'ffff:ffff:ffff:ffff::'], ['en1', '192.168.2.100', '255.255.255.0'], ['lo0-ipv6', 'fe80::::1', 'ffff:ffff:ffff:ffff::'], ['lo0', '127.0.0.1', '255.0.0.0']]
Setting CANVAS session to: default
Using 'Reports/default' as base data output directory
Local GUI Queue listening on port 7824

And here’s the GUI sample of VisualSploit on OSX,

VisualSploit on OSX
VisualSploit on OSX

Immunity Canvas sometimes sluggish to be run on OSX, we have to several times moving the GUI to make some text become readable again after scrolling or anything. But still, if you’re OSX fanboy and use this framework for research or working, running canvas using native way is much better than running it on top of vmware :).

Advertisements

2 thoughts on “Immunity Canvas on OSX

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s