Now you have one more reason to add Metasploit to your pentest toolkit. You can't ignore Metasploit anymore just because it lacks a user interface like those of commercial frameworks such as Core Impact and Immunity Canvas.
I know most people think that using Armitage makes them feel like a script kiddie. That may be so, but you can't afford not to get your hands dirty with the industry's most recognized and most respected exploitation framework, Metasploit. I am sure that once you have Armitage in your hands, you will find some good reasons to love it.
- Post Exploitation
- Armitage provides several host management features available in Metasploit.
- You can import hosts and launch scans to build up a database of possible targets and visualize them on the screen. Working with the visualizations is more interactive: right-click a host to configure the options and settings according to your network environment.
- Armitage assists by automatically recommending exploits and even running active checks, so you know which exploits will work and which will not.
- If these options fail, you can use the Hail Mary approach and unleash the power of db_autopwn against your possible targets.
- Armitage provides several post-exploitation tools built on the capabilities of the Meterpreter agent, so in a way it extends the capability of traditional Meterpreter.
- With the click of a menu you can escalate your privileges, dump password hashes to a local credentials database, browse the file system like a local user, and launch command shells.
- Armitage aids the process of setting up pivots, which let you use compromised hosts as a platform for attacking other hosts and further investigating the target network. This is a capability you may otherwise find only in commercially available exploit frameworks.
- Armitage also exposes Metasploit's SOCKS proxy module which allows external tools to take advantage of these pivots.
- With these tools, you can further explore and maneuver through the network.
- Java 1.6.0+
- Metasploit 3.5+
- Armitage requires you to know the Username, Password, Hostname, and Database before connecting.
- To invoke Armitage, you have to start the Metasploit RPC daemon first: cd /pentest/exploits/framework3
- Then type: ./msfrpcd -f -U msf -P test -t Basic
- This starts msfrpcd with the user msf, the password test, and an SSL listener on the default port 55553.
- Once you have a database, navigate to the folder containing the Armitage files and type: ./armitage.sh
Exploring Armitage User Interface:
- The targets panel shows all hosts in the current workspace.
- Armitage represents each target as a computer with its IP address and other information about it below the computer.
- The computer screen shows the operating system the computer is running.
- The modules panel lets you launch a Metasploit auxiliary module, throw an exploit, or generate a payload.
- Click through the tree to find the desired module. Double click the module to bring up a dialog with options.
Demonstration! (Operating System: Fedora 13)
- Ctrl Plus – zoom in
- Ctrl Minus – zoom out
- Ctrl 0 – reset the zoom level
- Ctrl A – select all hosts
- Escape – clear selection
- Ctrl C – arrange hosts into a circle
- Ctrl S – arrange hosts into a stack
- Ctrl H – arrange hosts into a hierarchy. This only works when a pivot is set up.
- Ctrl R – refresh hosts from the database
- Ctrl P – export hosts into an image