Hey man, as long as the problem isn't me being an idiot and missing something obvious, it's all good

@HD, will do. Locally (work) I actually automate msploit (community) and Canvas to check, fix (if needed), Shavlik to oversee, OSSIM to mop it all up and make it pretty. I have it running across a /22 internally. So I'll do my monthly checks and balances starting next month using nothing but Metasploit Express. Well at least for as many hosts as I can (I'm on trial here - unless you want to give me a 1 day license *shmooze shmooze*)

You stated: "At the end of the day, CANVAS still got a shell on this system, where Metasploit Express did not, but the stability of the target network is often just as important as whether you get in during most engagements." True, sort of.

E.g., what you haven't seen is what is going on behind the scene in my version of the real world. I actually use metasploit for quick identifications of vulnerabilities and the possibility of exploitation on a more direct (targeted/focused) level then I do Canvas. I have more way flexibility with MSploit versus Canvas. However, few things, Dave and company (Immunity) have found some seriously cool stuff not available publicly (meaning, you're not going to find it on exploit-db, etc.). Also, I've yet to crash a machine to the point of it being unresponsive with Canvas. (This has been my experience) I'm well aware that certain exploits from ANY tool can be brutal, but to be honest, if I had to count machines I've tested in a one year span, I've easily hit up 400-600 machines with BOTH tools and none have caused a crash *yet*. This includes services AND machines. What I have noticed though, is when I do hooks (backdoor type stuff), sure I've had hangs, service restarts. But this was with both Canvas and Metasploit.

Now, comparison from my POV? Canvas is only used as what I consider "the last resort/big guns." For the most part I use Metasploit even though I generally prefer to do things manually (yup I like the punishment, learned this trick from a friend at KoreLogic) When I am using Metasploit - I'm doing so because it has some kick ass functions (pattern_create has saved me mucho time) I can't find with any other tool(s). Metasploit bundles a heck of a lot up for me.

Aside from that, I use metasploit more than Canvas since I go back and forth between msploit and WinBDG via byakugan (mushishi!) whereas I can't do that with (easily) Canvas. I know I could probably slap in Immunity Debugger but I feel more comfortable with WinDBG which moves Metasploit into my first choice. Because of byakugan, !exploitable and other slap ons. This is just me though.

Thank you for the videos!

We really appreciate that you take the time to share your knowledge/experience with us.


Also, if it is possible, it will be preferable to comment (voice instead of music) what you are doing.

Thanks again!