Armitage

Description

Armitage is a scriptable red team collaboration tool for Metasploit that visualizes targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.

Through one Metasploit instance, your team will:

  • Use the same sessions

  • Share hosts, captured data, and downloaded files

  • Communicate through a shared event log.

  • Run bots to automate red team tasks.

Armitage is a force multiplier for red team operations.

Example

Before starting armitage , we recommend to do this,

cyborg@cyborg:~$ sudo service metasploit stop
worker is stopped
metasploit is stopped
prosvc is stopped
nginx is stopped
/opt/metasploit/postgresql/scripts/ctl.sh : postgresql not running
cyborg@cyborg:~$ sudo service postgresql start

cyborg@cyborg:~$ sudo armitage 

Click Connect :

armitage Armitage

 

Start Metasploit :

start metasploit Armitage

 

Scan the range address :

Go to Hosts > msf scans .

 

scan armitage Armitage

 

Launch Hail Mary Attack 

Armitage has automatic exploitation feature called Hail Mary.

Armitage’s Hail Mary feature is a smart db_autopwn. It:

  • finds exploits relevant to your targets

  • filters the exploits using known information and then sorts them into an optimal order.

armitage hail mary Armitage

 

Manual Attack :

You can launch the attack manually like in this case , we are launching against 192.168.1.40 via browser :

armitage  attack Armitage

Victim’s Reaction : 

Making a victim to open a reverse connection url like in this case : http://192.168.1.10/HLDGlkzM

It can be achieved via iframe too .

Victim is now Cracked :  

See the red border around system ? , it shows it is now cracked .

armitage cracked Armitage

 

To Capture Screenshot : 

armitage screenshot Armitage

Captured Screenshot :

armitage successful Armitage

0 Comments

Leave a reply

CONTACT US

We're are building as a community and a team. Be a part of it.

Sending

©2017 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?