How to Use Armitage on Backtrack 5 R2 to Hack Windows


Type : Tutorial (How to Use Armitage on Backtrack 5 R2 to Hack Windows)

Level : Medium

Target O.S : Windows XP SP0

Attacker O.S : Backtrack 5 R2

It has been a long time since I wrote a tutorial about how to use Armitage. Yesterday I wrote about How to Set Up Armitage on Backtrack 5 R2, and now I'm writing a simple step-by-step tutorial on how to use Armitage to perform an attack.

In this tutorial I will scan the whole network of my lab PCs (my own PCs) and map it using Armitage, then set up a VNC viewer as my payload to view the victim computer's screen.

Once again, this tutorial may not work if there is antivirus software on the victim PC, but the point I want to deliver here is the logic of how the attack is performed using Armitage's automatic exploitation tools.

Requirements :

1. Armitage. I use version 052112 (if you use Backtrack 5 R2, this package is already there).

If you have a problem starting Armitage, you can view the setup tutorial on this page (setup armitage in backtrack 5 R2).

Step by Step How to Use Armitage on Backtrack 5 R2 to Hack Windows:

1. For the first step, of course, you need to start Armitage. You can view the tutorial about setting up Armitage on Backtrack 5 R2 here.

2. Choose Hosts → MSF Scans (you can also use Nmap scans), and then enter your scan range. You can use a single IP address, CIDR notation, or an IP address range (e.g. 192.168.1.100 – 192.168.1.110).

If there are other PCs on your network, they also appear in this window as part of the result.

3. Armitage has an automatic exploitation feature called Hail Mary. According to the Armitage website:

If manual exploitation fails, you have the hail mary option. Attacks -> Hail Mary launches this feature. Armitage's Hail Mary feature is a smart db_autopwn. It finds exploits relevant to your targets, filters the exploits using known information, and then sorts them into an optimal order.

In this case I will use the Hail Mary feature, although you can also use manual exploitation for more specific targets.

4. After Hail Mary finishes scanning the hosts and finds a vulnerable host on your network, it shows a red PC image. If it finds nothing, you can try manual exploitation against the target.

6. Because the program has already done everything for us (for major and known vulnerabilities), we just need to connect to the Meterpreter session that is ready to interact. You can choose Command Shell, Meterpreter Shell, or VNC. In this case, because the victim PC is also my personal PC, I will use VNC as my payload.

7. After choosing VNC desktop as the payload, a pop-up window tells us to run our VNC viewer and connect to our local address on a specific port (written there).

8. Now open a new terminal and type the vncviewer command to open a new VNC dialog window. I entered the information in the VNC viewer text box: 127.0.0.1:5930 and pressed Enter when finished (btw, I captured this event twice, on two tries, and I just realized that the port number had changed :-P )

9. There is your VNC window, remotely viewing the victim computer.
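Seen from the defender's side, the range scan in step 2 and an automated exploitation run like the one in steps 3 and 4 leave a recognisable pattern in connection logs. The Python sketch below is an added example, not part of the original tutorial or of Armitage; the log format, the thresholds, the sample lines and the assumption that an automated run tries several services on one host are all constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed log format (an assumption): "<ISO time> SRC=<ip> DST=<ip> DPORT=<port>"
LINE = re.compile(r"^(\S+) SRC=(\S+) DST=(\S+) DPORT=(\d+)$")

def parse(lines):
    """Yield (time, src, dst, port) for each well-formed line; skip the rest."""
    for line in lines:
        m = LINE.match(line.strip())
        if m:
            ts, src, dst, port = m.groups()
            yield datetime.fromisoformat(ts), src, dst, int(port)

def max_distinct(events, window, key):
    """Largest count of distinct key(event) values inside any sliding window."""
    best = start = 0
    for end in range(len(events)):
        while events[end][0] - events[start][0] > window:
            start += 1
        best = max(best, len({key(e) for e in events[start:end + 1]}))
    return best

def detect(lines, window=timedelta(seconds=60), min_hosts=5, min_ports=4):
    """Return sorted (kind, src, dst) alerts; thresholds are illustrative."""
    by_src = defaultdict(list)
    for ev in sorted(parse(lines)):
        by_src[ev[1]].append(ev)
    alerts = []
    for src, evs in by_src.items():
        # One source touching many hosts quickly: the range scan of step 2.
        if max_distinct(evs, window, lambda e: e[2]) >= min_hosts:
            alerts.append(("host-sweep", src, "*"))
        by_dst = defaultdict(list)
        for ev in evs:
            by_dst[ev[2]].append(ev)
        # One source hitting many services on one host: an automated exploit run.
        for dst, devs in by_dst.items():
            if max_distinct(devs, window, lambda e: e[3]) >= min_ports:
                alerts.append(("port-burst", src, dst))
    return sorted(alerts)

# Constructed sample: a sweep of 192.168.1.100-110, a burst at .105, one normal client.
SAMPLE = (
    [f"2012-06-01T10:00:{i:02d} SRC=192.168.1.3 DST=192.168.1.{100 + i} DPORT=445" for i in range(11)]
    + [f"2012-06-01T10:02:{i:02d} SRC=192.168.1.3 DST=192.168.1.105 DPORT={p}"
       for i, p in enumerate((135, 139, 445, 80, 3389))]
    + ["2012-06-01T10:00:30 SRC=192.168.1.20 DST=192.168.1.105 DPORT=445",
       "2012-06-01T10:05:30 SRC=192.168.1.20 DST=192.168.1.105 DPORT=445"]
)

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

Tune the window and thresholds against normal traffic on your own network before relying on the alerts.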


Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com

  • daud

    Bro, can it only be used on a LAN? Or how do I use it on a WAN or the internet cloud?

  • Thirteen

    Thanks!!

  • devil@rancy

    It would be better if you explained how to use the commands from the terminal, without software…
    Go through this:
    http://exploitthetechnology.blogspot.in/2012/06/target-windows-7-metasploit.html

  • devil@rancy

    Good blog, dude… keep rocking.

  • Justin

    If you need to see what your kid is doing on a windows 7 computer and you know their password to login:
    right click their computer in armitage and login>psexec
    then just login with the username and pass and you will have a meterpreter session going,
    then continue this tut at the vncviewer part

    • http://www.vishnuvalentino.com v4L

      #Justin
      thanks for adding.

  • Peter

    Point 4. After Hail Mary finish scans the hosts and found a vulnerable host on your network, it will show a red color PC image, but it isn't.

    i see:
    Exploit running as background job.
    [*] Started reverse handler on 192.168.1.3:12022
    [*] Automatically detecting the target…
    [*] Fingerprint: Windows 7 Enterprise – (Build 7600) – lang:Unknown
    [*] We could not detect the language pack, defaulting to English
    [-] Exploit failed [no-target]: No matching target

    Where is the problem? Sorry for my English.

    • http://www.vishnuvalentino.com v4L

      #Peter
      Since Armitage is a tool created by humans, it can sometimes give a false alarm. It’s good not to use only Armitage, but to try other tools to scan the destination host and match the Armitage report with your own scan, so the validity becomes 85%-90%.

  • lazo

    Hi dear, I'm using btr3. When the PC turns red, I don't know how to access the PC. I mean using cam, screenshot…