In this post, You will learn what is Armitage and how does it work and it is a full walkthrough on Armitage tool.
Below is the video format of the post, Do check it out ????????
What is Armitage ❓
Armitage is a graphical cyber attack management tool for Metasploit-framework that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework.
In simple Armitage give a flexibility to use Metasploit in GUI format.
Every pro hacker find Armitage as a very useful tool and they spend most of the times only in Armitage.
Armitage’s red team collaboration features allow your team to use the same sessions, share data, and communicate through one Metasploit instance.
If you want to learn Metasploit and grow into the advanced features, Armitage can help you.
Who Developed Armitage
According to my finding the first repo on Armitage was created by rsmudge and further forked and the code is developed and this below link is given in kali.org official site.
How to install Armitage
Before installing Armitage make sure you setup and start the database. If you have never runned the Armitage then you have to start with the below commands ????????
# Start the PostgreSQL Database systemctl start postgresql #Initialize the Metasploit Framework Database msfdb init #Start Armitage armitage
After enter the above command in a terminal h=just enter arbitrage in the terminal to run the software.
How to use Armitage
Here I have explained all the possible things we can do with armitage and if you have any doubts. Join the discord server and ask the question
I think the below image explains the interface more than enough. Once you open the armitage you could see the menus at the top.
And then the modules at the left, To learn more about metasploit modules [Click here]
Beside the modules we could see a blank box where we could see the target machine.
Down below we could see an another most important terminal, Whatever happens in armitage it will be displayed in terminal.
NMap Scan in Armitage
NMap scan in armitage is really awesome, You don’t have to enter the commands in console you just have to click on which scan you want to do.
Pretty much same like the Zenmap, Well If you don’t know about zenmap [ZENMAP] ???????? click here to learn more about that.
To do an NMap scan just hover on host menu and click on NMap scan then you can select the scan you wanted to do.
The results will appear on the below console.
You have figured what does MSF Scan means, The abbreviation of the MSF Scan is (Metasploit framework scan).
The MSF Scan quickly scan all the important ports from 0 – 65535 ports in a moment of seconds.
Multiple host scan
To import multiple host, Hover on hosts menu and then click on import host then select the file name.
Customising the host OS
To customise the host OS just click on the target and then hover on operating systems then select the OS you want to set for the particular target.
If you attacking multiple target from different OS then this is going to save your ass ????
There are two types of attack vector they are Haily Mary, Manual attack.
Hail Mary goes through all the exploit and payloads and then when it finds the perfect payload and the exploit then it run the exploit.
The Hail Mary attack take a lot of time to complete and that is why they added the manual attack where we can manually select the payload and exploit handler.
In the workspaces we could an another workspace and we can work there, Basically it is like open and another window.
If you are working on different projects and want to have 2 separate workspaces here in Armitage you have it.
In the view menu we could find the below options;
- Scripting Console
Console: In the console we could run the normal linux commands in it.
Credentials: If we done a brute force the credentials will appear on the credentials.
Downloads: If we have downloaded a payload or anything from the target machine will be available on the downloads.
Jobs: In jobs we could select the exploit handler, Payload name and the port.
Loot: We could find the data got from the target machine in the loot the detailed view will be in the view.
Script console: The script console allows us to create a custom script for the target in the console itself.
Reporting: We can extract the results in 2 formats they are activity logs and export data. Whatever you have done, The data’s will be exported.
In my opinion the Armitage tool is out of date and using it in this century is not flexible this is because many feature are out of date.
But if you are a beginner and want to learn metasploit then this tool is going to save your ass ????.
See you guys in next post.
Also Read: Metasploit full commands