Skip to main content

Metasploit (Armitage) start up

By RoCk StAr DeViL

Step 1: Download Armitage

The first step, of course, is to download Armtage. If you have BackTrack or the early versions of Kali, you probably don't have Armitage, but you can get it from Armitage's website.

Click on the download button and it will pull up the following webpage. Make certain that you download the Linux version.

Another download option includes using the command line tool aptitude. Just type the following to install it.

kali apt-get install armitage

In addition, you can also use the GUI-based tool in Kali, the "Add/Remove Software," and search for "Armitage."

Step 2: Start Metasploit

Once you have Armitage downloaded onto your system, the next step is to start Matsploit. Make certain the postgreSQL server is started by typing:

kali > service postgresql start

Now, start Metasploit by typing:

kali > msfconsole

Step 3: Start Armitage

Armitage uses a client/server architecture where Metasploit is the server and Armitage is the client. In essence, Armitage is a GUI client that I can interact and control the Metasploit server.

Start Armitage in Kali by typing:

kali > armitage

When you do so, you will see the following screen.

If you are running Metasploit from your "home" system, leave these default setting and click "Connect." If you want to run Armitage on a remote system, simply put the IP address of the system running Metasploit in the window asking you for the "Host."

Step 4: Start the RPC Server

Armitage connects to an RPC server in order to control Metasploit. You are likely to see the following screen after starting Armitage.

In some cases, it make take awhile to connect, such as in the screen below.

When Armitage finally connects to Metasploit's RPC server, you will greeted with the following screen.

Success! You are now running Metasploit from an easy to use GUI.

Step 5: Explore Armitage

Notice in the upper left-hand corner of the Armitage screen, you can see folders. These folders contain four types of Metasploit modules;

auxiliaryexploitpayloadpost

If you have read my earlier Metasploit tutorials, you know that this is how Metasploit organizes its modules. For the beginner, the exploit and payloadmodules are the most important.

We can expand the exploit modules directory by clicking on the arrow head to its right. When we do so, it expands and show us its contents.

It categorizes the exploits by the type of operating system (OS) they are designed for, such as Windows, BSD, Linux, Solaris, etc. Remember, exploits are specific to an operating system, an application, ports, services, and sometimes even the language. If we scroll to the Windows subdirectory and expand it, we see all the Windows exploits categorized by type.

Now, when we are looking for an exploit to use on a particular system with a particular vulnerability, we can simply point and click to find it.

Step 6: Hail Mary!

Nearly everything you can do with the Metasploit console, you can with Armitage. There is one thing though that you do with Armitage that you cannot do with msfconsole (at least without scripting). That one thing is to throw the Hail Mary! The Hail Mary is where Armitage will throw every exploit it has against a site to see whether any of them work.

Simply go to the "Attacks" menu at the top of Armitage and select "Hail Mary." When you click on it it warns you like in the screen below.

This wouldn't really be effective in a hacking environment as its far from stealthy. It will create so much "noise" on the target that you will likely be detected immediately, but in a lab or pentesting environment, it can be useful to try numerous attacks against a target a see which, if any, will work.

Armitage enables the aspiring hacker to quickly grasp the basics of Metasploit hacking and begin to use this excellent and powerful tool in very short order. We all owe Raphael Mudge a debt of gratitude for developing and giving away this excellent piece of software!

Comments

Post a Comment

plz add ur comment here

Popular posts from this blog

Wordpress hacking - How to install / run wpscan on windows xp / windows 7 / windows 10

By RoCk StAr DeViL
HOW TO RUN WPSCAN ON WINDOWS Byrockstardevil Requirements: rubyinstaller Development Kit for rubyinstaller curl DLL for windows : libcurl.dll 1 - install rubyinstaller you must have Ruby 2.2.3 version . download links here : http://rubyinstaller.org/downloads/ for more info : https://github.com/oneclick/rubyinstaller/wiki 2 - install Development Kit for rubyinstaller download link : http://rubyinstaller.org/downloads/ how to install : https://github.com/oneclick/rubyinstaller/wiki/Development-Kit if you face that problem  "unknown encoding name -  (ArgumentError)" just type "chcp 1252" in cmd and hit enter 3 - install libcurl.dll A - Download libcurl.dll from : http://www.confusedbycode.com/curl/ B - copy libcurl.dll copy  libcurl.dll into ruby bin folder or wpscan folder and make sure to add it to your PATH. I also added .DLL to PATHEXT ex : C:\Ruby21-x64\bin\ you can visit : http://www.computerhope.com/issues/ch000549.htm to know to set the p...
2 comments
Read more

Upcoming Book- Kali Linux Revealed: Mastering the Penetration Testing Distribution

By RoCk StAr DeViL
More exciting news! In the past year, Kali Linux Official Team has been working internally on an Official Kali Linux book – Kali Linux Revealed: Mastering the Penetration Testing Distribution . This is the first official Kali book from Offsec Press , and is scheduled for release on June 5th, 2017 . Kali Linux Revealed will be available in both hard copy and online formats. Keeping the Kali Linux spirit, the online version of the book will be free of charge, allowing anyone who wishes to hone their skills and improve their knowledge of Kali to do so at no cost. This book, together with our official Kali documentation site will encompass the body of knowledge for the Kali Linux Certified Professional   (KLCP) .
1 comment
Read more

Check Disk space in Kali Linux

By RoCk StAr DeViL
After installing Kali Linux on hard drive or on virtual machine, we may have come across with a warning message of " Low Disk usage ". It happens when we allocate insufficient disk space during partition for kali linux or else when we do a regular "update" and "upgrade" of patches or downloading softwares. Kali Linux comes with a graphical built-in tool, i.e. Disk Usage Analyzer . This tool helps you to check the disk space usage. There are other options too, to check usage as per file system. If you need to check from terminal(for non-gui users), then there are two classic commands available for every linux distros, i.e.  (a) df : Report file system disk space usage (b) du : Estimate file space usage df command is used to check free disk space. You can type df -h or df -k to list free disk space. It displays statistics about the amount of free disk space on the specified file system or on the file system of which file is a part. Values are displayed in...
Post a Comment
Read more