CANVAS
11 February, 2009 - 11:08 — RaT
Windows (requires Python & PyGTK)
Linux
MacOSX (requires PyGTK)
All other Python environments such as mobile phones and commercial Unixes (command line version only supported, GUI may also be available)
currently over 400 exploits, an average of 4 exploits added every monthly release
Immunity carefully selects vulnerabilities for inclusion as CANVAS exploits. Top priorities are high-value vulnerabilities such as remote, pre-authentication, and new vulnerabilities in mainstream software.
Exploits span all common platforms and applications
to provide maximum reliability, exploits always attempt to reuse socket
if socket reuse is not suitable, connect-back is used
subsequent MOSDEF session allows arbitrary code execution, and provides a listener shell for common actions (file management, screenshots, etc)
bouncing and split-bouncing automatically available via MOSDEF
adjustable covertness level
unique MOSDEF development environment allows rapid exploit development
CANVAS is a platform that is designed to allow easy development of other security products. Examples include Gleg, Ltd's VulnDisco and the Argeniss Ultimate 0day Exploits Pack.
Immunity's CANVAS makes available hundreds of exploits, an automated exploitation system, and a comprehensive, reliable exploit development framework to penetration testers and security professionals worldwide. To see CANVAS in action please see the movies at immunitysec.com
Supported Platforms and Installations
Exploits
Payload Options
Ability to make Custom Exploits
Development