Friday, December 28, 2018

 Exploit a Vulnerable System using Armitage

Exploiting systems.

It is one of the most searched terms in ethical hacking. You are probably wondering what Armitage is!

That's funny, because you are searching the web for the best tools to exploit systems, but you are not exploring the tools that come with Kali Linux.

Armitage is nothing but the GUI version of Metasploit. It gives the user a much better idea of what's going on, instead of typing complicated commands and leaving the rest to Metasploit.

The best thing about Armitage is that its exploitation process is automated. Choosing exploits to execute, setting up hosts, and running vulnerability analysis take just a few clicks.

Starting Armitage

Armitage can be found under 'Applications> Exploitation tools'. By default, it also comes pinned on the dock.

To start Armitage, just click on it and wait a few seconds for it to prompt you to connect to the local host. Don't change anything in the prompt; just click on 'connect'.

Once you click on connect, another prompt will appear asking you to start the Metasploit RPC server. Just click on 'yes'.

Now it will take some time to connect to the remote host and will open up the Armitage interface.

Okay, the interface is loaded. The interface is a little bit confusing if you are using Armitage for the first time. The upper part is the GUI, and the console below shows you which commands are running during the automated exploitation process, to give you a full idea of what's going on.

The first section shows the preconfigured modules. You can see the modules are grouped into auxiliary, exploit, payload, and post. The black area shows the active targets. We will look at that later.

Gathering the Target Information

To perform the exploitation process, we're using the Metasploitable2 machine. The first step is to use an Nmap scan to detect the OS of the system to be exploited, by going to Hosts> Nmap Scan> Quick Scan (OS detect) in the toolbar.

Detecting the OS is important because the modules we use depend on the OS. When you go to Hosts> Nmap Scan> Quick Scan, it will open a prompt asking you to enter your target IP address. Enter the IP and run the Nmap scan. After a few seconds, it will complete the scan and you will get the required details.

In our case, we used the Metasploitable2 machine's IP address. A message appears when the scan completes successfully, and you should now see a computer icon with a little penguin in it in the first section, which represents Linux. That means the machine is running Linux.

Initiating the Exploitation Process

Using Nmap, we learned which operating system and services are running on the target machine.
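From the defender's side, the same scan output can drive an exposure review of your own lab. The following is an added example, not part of the original post: it parses Nmap grepable output (saved with -oG) and lists open services that a site policy marks for review. The sample scan text, the 192.0.2.10 address and the REVIEW_SERVICES policy are constructed assumptions.

```python
# Constructed sample of Nmap grepable (-oG) output for one lab host.
SAMPLE_OG = (
    "# Nmap scan initiated (constructed sample)\n"
    "Host: 192.0.2.10 ()\tStatus: Up\n"
    "Host: 192.0.2.10 ()\tPorts: 21/open/tcp//ftp//vsftpd/, "
    "22/open/tcp//ssh//OpenSSH/, 23/open/tcp//telnet//Linux telnetd/, "
    "80/closed/tcp//http///\tOS: Linux\n"
)

# Assumption: site policy naming services that should not be reachable.
REVIEW_SERVICES = {"ftp", "telnet"}


def parse_grepable(text):
    """Return {host: {"os": str, "ports": [(port, proto, service, version)]}}."""
    hosts = {}
    for line in text.splitlines():
        if not line.startswith("Host:"):
            continue  # skip comment lines such as "# Nmap ..."
        fields = line.split("\t")
        host = fields[0].split()[1]
        entry = hosts.setdefault(host, {"os": "", "ports": []})
        for field in fields[1:]:
            key, _, value = field.partition(": ")
            if key == "OS":
                entry["os"] = value.strip()
            elif key == "Ports":
                for item in value.split(", "):
                    # port/state/protocol/owner/service/rpcinfo/version/
                    parts = item.strip().split("/")
                    if len(parts) < 7 or parts[1] != "open":
                        continue  # only open ports are exposure
                    entry["ports"].append(
                        (int(parts[0]), parts[2], parts[4], parts[6]))
    return hosts


def findings(hosts, review=REVIEW_SERVICES):
    """List (host, port, service, version) for open services under review."""
    return [(host, port, service, version)
            for host, info in sorted(hosts.items())
            for port, _proto, service, version in info["ports"]
            if service in review]


if __name__ == "__main__":
    for host, port, service, version in findings(parse_grepable(SAMPLE_OG)):
        print(f"{host}:{port} {service} ({version or 'unknown'}) needs review")
```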

Now we are going to exploit the FTP protocol as an example. To do that, we go to exploits>Unix>ftp in the modules section. Here we find the 'vsftpd 2.3.0 backdoor'. This is what we are going to execute.

To execute it, simply double-click on it and it will give you the options to set Lport, Lhost, and Rhost. Lport and Lhost are set by default; you just need to set Rhost. In our case, we will set it to the Metasploitable2 machine's local IP.

Once everything is set, just click on 'launch'. Give it a few seconds to launch and it will open a new tab in the console.

Here we've got a shell, and the command shell is open. We have backdoor access. Now you can see that the computer icon in the first section is surrounded by lightning. That means we've successfully exploited the system.

Wasn't it easy? That's why many people like using the GUI version of Metasploit.

If you want to exploit more things in the system, how can you do that?

Just right-click on the computer icon and you will see some options. The first option is 'login', which lets us log in to the default network services, but this is only possible if you are able to crack them. The second is 'shell 1', the session we created, which gives the options to interact, upload, pass the session, post modules, and disconnect.

So, if we want to interact with it, we click on 'interact' and it opens a shell. Here we can list the files of the Metasploitable2 machine. Okay, we have access to the root folder. Now we can change directory to wherever we want.

So, if we navigate to the home directory and list the files there:

cd home
ls

We find the 'msfadmin' folder here. And if we change directory to msfadmin:

cd msfadmin
ls

We find the 'vulnerable' folder. Now change directory to vulnerable, and there we find the vulnerable services running on the machine.

Okay, we finished the task. Now let's look at how to find exploits automatically.

Automating the Exploit-Finding Process

Close the shell we opened before by right-clicking on the computer icon, then shell 1> disconnect.

Now if you look at the computer icon, you will see the lightning is gone. In the toolbar, go to Attacks> Find attacks. It will find attacks that you can run on the target machine.

Just give it a few seconds to complete. Once it has completed, it will give you a list of all the compatible exploits you can run on the target machine.

Now, if you right-click on the computer icon, in the 'Attack' section you can see a list of all the services running on the target machine that we can crack. Now you can decide which exploit you are going to execute!

Conclusion:

Armitage is much more comfortable for users than typing lines of code. Because of its simple interface, it is easy for beginners to use.

Armitage comes free and prebuilt in Kali Linux. We don't need to search the web for tools to find exploits.

Hope you liked it. Let us know in the comment box which exploit you used, and if you are facing any problem while using the tool, explain it in the comment box. Have a good hacking journey and don't get caught.
