10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

Bookmark

Background "What is Armitage?" (10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test)

"Armitage exists to help security professionals better understand the hacking process and appreciate what's possible with the powerful Metasploit framework. Security professionals who understand hacking will make better decisions to protect you and your information." I copy that paragraph from Fast and Easy Hacking FAQ, but in a simple way to explain what is Armitage, in my opinion it's tools that make you learning about Netowork Security, Metasploit, and NMap more easier because this tools make all of that tools(Metasploit, NMap) in visual way not a command line. Just a few click and you will know the flow of an attack happen in the network.

FYI : Read here for latest Backtrack 5 Armitage tutorial.

Requirement :

1. Backtrack 4r2

2. Armitage (apt-get install armitage from your Backtrack Box)

3. Java 1.6.0+

4. Metasploit 3.5+

5. Database (PostgreSQL, MySQL) –> In this tutorial we use MySQL; PostgreSQL usually used when you use Backtrack 4r1

 

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test:

If you still unfamiliar with Backtrack, you can read my previous post about 5 useful things in Backtrack Linux.

1. I assume you have already installing Armitage by using apt-get install armitage. The next step is update your metasploit to the latest version by using msfupdate command. This is needed to update our exploit database to the latest version.

v4L@bt:~# /pentest/exploits/framework3/msfupdate

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

2. The next step is enabling RPC Daemon for metasploit, in this case we will use SSL to interact with metasploit.

v4L@bt:~# /pentest/exploits/framework3/msfrpcd -f -U msf -P test -t Basic

The above command will start the msfrpcd with the user msf, password test, SSL listener, on the default port 55553.

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

3. After setting up the MSRPC Daemon, the next step is turn on our database service (I will use MySQL)

v4L@bt:~# /etc/init.d/mysql start

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

4. The step 1-3 is the needed step to make sure Armitage running correctly without error. If everything is okay, the next step is run the Armitage inside /pentest/exploits/armitage/, so we need to change the directory first.

v4L@bt:~# cd /pentest/exploits/armitage/
v4L@bt:/pentest/exploits/armitage# ./armitage.sh

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

5. After the ./armitage.sh command, there's should appear new window to connect to MySQL and mysql msfrpcd. Make sure everything is correct and also check the Use SSL checklist. If everything is OK, click CONNECT.

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

6. Here's the main window of Armitage, at the top of application there's a menu, on the left side there's auxiliary, exploits, and payload from metasploit, and at the bottom of application there's MSFConsole.

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

7. The next step we need to add host(s). We also can use NMap to scan whole network or specific IP Address. In this case I will use "Quick Scan(OS Detect)" using NMap to find alive hosts in my network.

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

My network address is 192.168.1.0/24 class C.

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

You need to wait until the tasks completed. Usually it depends on scanning type, if you use intense scan will take more time than quick scan. Below is the picture when it finish doing the task.

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

If the tools found alive hosts it will be shown like the picture below(also the OS).

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

8. From the previous image it shows that we need to find some attacks available for the listed hosts.

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

You can use automated attack finder from armitage who will find the most suitable attacks for the hosts listed. you can choose both "by Port" or "by Vulnerability". If attack analysis has finished the application will inform you like the picture below.

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

9. In this example I will try the MS08_067 vulnerability in Windows.

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

The next step is the same when you use metasploit framework. If you confused in this steps, you can use automated exploitation (leave all the options default), then click LAUNCH and wait :-).

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

10. If the targeted hosts is vulnerable with the attack, the color will be changed into red, that's mean that we can breach into the computer.

10 Steps to Set Up Armitage in Backtrack 4 for Penetration Test

The next step is right click the hosts and as you can see on the above picture, I choose the command shell to interact with the victim. I think you should know what happen next when I click that option….PWNED. 🙂

I hope you found this tutorial useful, especially for you who want to tests your personal network from security breach by using metasploit. If there's any question or suggestion I welcome you to write on my comments below :-).

(Visited 1,026 times, 1 visits today)

Share this article if you found it was useful:

Blogger at hacking-tutorial.com. Love PHP, offensive security and web. Contact him at me[-at-]vishnuvalentino.com

See all posts by || Visit Website : http://www.vishnuvalentino.com