Hacking With Armitage. Want to hack in GUI, Don’t Want codes anymore?
Let start with the basic first.
What Is Armitage ?
In one line it is a GUI of Metasploit and you will Definitely like it if you hate codes.
Armitage is a tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.
It is a force multiplier for red team operations.
It organizes Metasploit’s capabilities around the hacking process. There are features for discovery, access, post-exploitation, and maneuver.
What Is Metasploit
Metasploit is a console driven application. Anything you do in Armitage is translated into a command Metasploit understands.
Metasploit presents its capabilities as modules . Every scanner, exploit, and payload is available as a module.
Meterpreter is an advanced agent that makes a lot of post-exploitation functionality available to you. Armitage is built to take advantage of Meterpreter.
Now the Installation part,
If you are a regular pentester then I’ll suggest you Kali Linux as it comes with Metasploit installed 😀
This is a good option if you want to get up and running with Armitage quickly.
You can also
Use the MSF Installer Script created by DarkOperator.
This option will setup an environment that uses Git for updates.
You can install Armitage in kali using this :
kali apt-get install armitage
Starting The Metasploit
Once you have Armitage on your system, you can start Metasploit
Type these code in a Terminal :
service postgresql start
This will start the postgreSQL server.
Now Start the Metasploit, type this :
Armitage uses a client/server architecture where Metasploit is the server and Armitage is the client. In essence, Armitage is a GUI client that you can interact and control the Metasploit server.
Type this in a Terminal :
You’ll see a pop-up now! Just click on Connect .
Starting The RPC Server For Armitage
Armitage connects to an RPC server in order to control Metasploit.
Click on Yes
It may take some time, when it finally connects, you’ll see the Armitage screen.
Now navigate to :
Hosts > Nmap Scan > Quick Scan (OS Detect)
From here armitage will scan a range or a sigle IP Address of your choice then present it in the black window. Right click the target and click Scan.
Notice in upper left hand corner, you’ll see folders where you can see Metasploit modules.
Expand the Exploit modules directory by clicking on the arrow head to its right.
It categorizes the exploits by the type of OS they are designed for, Remember, exploits are specific to an operating system, an application, ports, services, and sometimes even the language.
When you want to use an exploit on a particular system with a particular vulnerability, you can simply point and click to find the Exploit.
Click on any Exploit and this will bring up an attack confirmation window, now click Launch.
When you get success, you can see a red computer with electrical jolts, It indicates a compromised host.
The Hail Mary is where Armitage will throw every exploit it has against a site to see whether any of them work.
To launch it go to the Attacks menu at the top of armitage, and select Hail Mary.
When you will launch it, it will give you a warning cause you’ll not be stealthy anymore now!
But it can be useful to try numerous attacks against a target to check if any work or not in a pentesting lab!
If you liked this, share it with your friends!
Also subscribe to our newsletter to get updates 🙂