Armitage is a great attack management tool for Metasploit. It shows a graphical representation of your attack as you put it in motion. Armitage also supports red teaming by giving your team a way to collaborate on an attack in the same Metasploit session.
In Backtrack 4 R2, start the MySQL service using the service mysql start command if it is not already running. Then navigate to /pentest/exploits/framework3. Be sure to update by using the
./armitage to start Armitage.
You will be presented with a connection screen where you should not need to change anything. Double-check that the DB driver is mysql and that the connection string is root:firstname.lastname@example.org:7175/<database name>. Press the Start MSF button to connect to the database and start Metasploit.
After the connection is complete, you will see the following GUI.
Navigate to Hosts -> Nmap Scan -> Intense Scan. This acts just as it did in our "Using Nmap for network intel gathering" article.
Just as you can in Nmap, you can enter a CIDR address, an address range, or a single address to scan.
When the scan is complete, you are presented with a Scan Complete! message. A graphical representation of the target host(s) will appear on the screen.
Now we can look for known vulnerabilities for our targets based on available ports. Navigate to Attacks -> Find Attacks -> by port.
When the analysis is completed, you will be presented with an Attack Analysis Complete message.
If an attack was found, an attack menu will appear when you right-click on your target. In our example we used the ms03_026_dcom attack, as we have done in our other articles.
We are presented with our options, which will need to be changed for your environment (external IP address in LHOST). Most targets will require that you select "Use a reverse connection", which will help bypass the local user's firewall. Click Launch to launch the exploit.
If successful, the target will turn red with bolts of electricity coming from behind.
Now, when you right-click on the target, you will be greeted with a Meterpreter (#) menu that will allow you to take advantage of your spoils.