Friday, April 11, 2014

Introduction To Armitage in Kali : Hack without one line of code

Fast and easy hacking, that's what the official Armitage website is named as. And fast and easy hacking it is. It is not recommended starting your life as a penetration tester with Armitage. But after you know the basics of metasploit (which you do now), you can take a look at this great tool. And I've started to assume you have Kali Linux installed.




Installing Metasploit

Now metasploit is not distributed with Kali Linux (it was distributed with backtrack though). However, Kali has it on its repositories, and it can be easily downloaded and installed by executing-
apt-get install armitage
It will check dependencies and download the required file and install Armitage for you.  After its done, you can start armitage by using the following code-
service postgresql start
 service metasploit start
armitage
 You will get a screen like this. Let the settings be as they are, and click connect. You'll get a prompt like this (most of the time)
Now you'll see Armitage making some connection for you. For a short while it might show failure messages (Connection Refused), but after some time Armitage will start.
And you'll end up with a windows somewhat like this
Now while I do believe that the developer has succeeded in making a tool which permits me to say - "I'll take my leave, you can handle stuff from here", but I'd still go on for a while, helping you know some basic stuff before I take my leave.

Armitage Basics

Now the tough coding (honestly there wasn't anything tough about that) that you had to do with Metasploit, becomes as easy as a click on Armitage. Better yet, you can see exactly what line of code is actually executed when you do something with your mouse. As a start, you should do a quick scan with OS detect.
And while it does ask you to enter some stuff now, it is going to be pretty easy, you just have to follow the example given by armitage with some modification.
First do your old ifconfig on a new terminal to find you IP
ifconfig
 Notice that most of the time, the first 6 digits are 192.168. You have to figure out the next 3 digits. After that, you can enter the ip into the armitage window. Look at the sample it had provided, just copy that, and, replacing the 1 with 154 as in my case. You final code should be 192.168.154.0/24. The 0/24 means it'll look at all the IPs from 192.168.154.1 to 192.168.154.256. Actually it scans IP from 192.168.xxx.0 through 192.168.xxx.255. Most of the time, you'll find your host in this range, however, to include all IP from 192.168.0.0 to 192.168.255.255, you may use 192.168.0.0/16.
This is the automatically generated code after clicking OK.


Now, after a few seconds, you will see the following message, and it tells you exactly what you're supposed to do next.
Now a couple of computers with respective OS icons will show up on your screen. As expected, you'll have to go to Attacks -> Find attacks. There's no rocket science here, and I'm not putting any more screenshots. After that, right click on the computer you want to hack, and you'll see an attack option. Select whichever you want to try, enter the requisites (you learnt how to do Information gathering in the previous Metasploit tutorials). Everything will be quite easy, except for the fact that the exploits in attack section will be possible exploits, that might or might not work. If you're expecting a click to hack you a Windows 7 machine, then that's just not happening. It might work with an unpatched XP machine, a ms03_026_dcom might do the trick, or the netapi one. Good luck with playing around with this tool. And here's the official Armitage website (media section link, useful vids and pics there) where you might find some more guidance, though the tool doesn't need any.

19 comments:

  1. 192.168.xxx.0/24 will scan from xxx.0 through xxx.255, not 1-256. Also, xxx.0 is the network ID, xxx.255 is the broadcast address, so you'll only ever find any results from xxx.1 through xxx.254.

    ReplyDelete
    Replies
    1. Thanks for pointing it out Brian. I'm making the corrections.

      Delete
    2. well those two addresses are reserved.. one for router(network address) and another for broadcasting....

      Delete
  2. service start postgresql should be service postgresql. Also I was getting an error that could only be fixed by starting metasploit as well. Could probably throw that in there?

    The problem I'm experiencing now is that I can't ping any other pcs on my LAN. I get a destination host unreachable. I have a dummy comp I'm trying to push around but armitage doesn't see it at all. :/ Know a fix for this?

    ReplyDelete
    Replies
    1. Just disable the FW on the target you're trying to ping.

      Delete
  3. i dont have the attack menu when i right click a host.
    pls help me :/

    ReplyDelete
    Replies
    1. your kali instance can't communicate properly with the target. if you can't ping it you can't attack it in this case. just disable the FW on target and try to ping it after that. they you'll run the scan again and the attack menu will appear.

      Delete
    2. your kali instance can't communicate properly with the target. if you can't ping it you can't attack it in this case. just disable the FW on target and try to ping it after that. they you'll run the scan again and the attack menu will appear.

      Delete
  4. You Should More Explain About This Topic!
    Explain More...

    ReplyDelete
  5. i tried using it in my lab but it says database already created and it shows me the older setup how do i create a new database?

    ReplyDelete
  6. please help!!!! when i start quick scan with os detect i got the machines detected but not os ( all the monitors are black screen )

    ReplyDelete
  7. i start the scan and it will not show any pc except 192.168.1.1? and that pc have a linux cover so im confused between if that is the router or my own pc? im running kali linux on my main pc tho!?
    hope you will help me!!!!

    ReplyDelete
    Replies
    1. Type ifconfig on your terminal to find out your ipv4 address. 192.168.1.1 is usually the router address, your PC would have some other address (usually 192.168.1.x, x>1)

      Delete
  8. HI , I click on Attacks > Find Attacks , A window appear with this message " Attack Analysis Complete ... / You will now see an 'Attack' menu attached to each host in the Targets windows. " but ... i don't show this " menu detached " ... can you help me please , thanks

    ReplyDelete
  9. Hi Shashwat Chaudhary. Really a great article on Armitage. You explained nicely and pointed out that we've free tools comes prebuilt on Kali Linux which are great but we search the web to find out best tools to exploit systems instead of using the tools comes by default on Kali Linux. Thank you.

    ReplyDelete
  10. I like your post. It is good to see you verbalize from the heart and clarity on this important subject can be easily observed.. personal injury attorney greensburg

    ReplyDelete
  11. That is very helpful for increasing my knowledge in this field. Commercial Insulation Pennsylvania

    ReplyDelete
  12. My research was based on a thorough analysis of the quality of online homework help services offered by each company and their response time to customer queries.

    ReplyDelete

© Kali Tutorials, 2016. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to Shashwat Chaudhary and Kali Tutorials with appropriate and specific direction to the original content.
Bitcoin: 1B5aLqJcMW7zznffTxQwta8JTZsxBDPguC