Armitage is an GUI Platform for Metaspoilt and in technical terms,it is
a script-able red team collaboration tool for Metasploit that visualizes
targets, recommends exploits, and exposes the advanced
post-exploitation features in the framework.It saves time and is very
powerful in commencing Metaspoilt attacks.
So Now about our attack today :
What Do We Need ?
Latest Metasploit framework.Oracle Java 1.7
Preferably Internet on LAN
Brains and Patience.
Now Lets Us Start Our Hack Today.
Step 1 -Open armitage on Backtrack 5:
By Going To : Backtrack > Exploitation Tools > Network Exploitation Tools > Metasploit Framework > armitage.
Step 2 : Connect Armitage:
Click on the connect Button .
Step 3 : Connecting Armitage :
Now use the patience part,and stretch your legs,it takes some time to connect.
Step 4 : Armitage Window :
It has 3 Panels -
Target Panel
Module Panel
Tabs Panel
Step 5 : Finding the alive host on the Network :
Now you will search for Host on you network,By Going to Hosts -> Nmap
Scan -> Quick Scan (OS detect).This will perform a quick scan to
detect the host and their operating systems and vulnerabilities.
Step 6 : Inputting The Scan Range :
Now You have to insert scan range,that is you LAN ip
range,Most preferably it would start with 192.168.0.- or 10.0.0.-.NOTE :
the ( - ) resembles the computers on LAN.
Start the Scan.
Step 7 : Scan Complete:
After the scan has completed,if their are any other PC's on your network on,then they would be visible in the Target Pane (the Big Black box on the upper right).Step 8 : Finding Attacks :
Now the Fun Parts starts,Click on Attacks tab in your toolbar and select
Find Attacks (Not hail mary,you might not be ready for that).Start the
scan and wait till it completes.
Step 9 : Set the vulnerability :
Right Click on the Host icon (windows pc) -> Select attacks -> smb -> ms08_067_netapi vulnerability .
Now a window should pop,Click on the check-box that says "Use a reverse connection" .
Start Attack
Step 10 : The Final Result :
So did the Host Icon Turn Red ? That Means YOU PASSED.
So You Did The Hacking Part Right,Now let us mess with the client.
Hack 1 - Opening Command Prompt :
Right click on the host -> Meterpreter1 ->Interact -> Command Shell
Now You are In Their Command Prompt,You can now
change,rename,delete,create files on their pc now.Search Google for some
powerful windows commands.
Hack 2 - Start an KEYLOGGER :
Click on the Meterpreter2 -> Explore -> Log Keystrokes.
Now you will receive what the victim is typing.
Hack 3 - Take An Screen Shot :
Click on the Meterpreter2 -> Explore ->Screenshot.
Now you can see what is on their Facebook wall or Google mail accounts.
Hack 4 -Browse Files :
Right click -> Meterpreter2 -> Explore > Browse Files .
Now you can interact with all the files on victim PC via a GUI.
Hack 5 - Get in His Webcam (my favorite part).
Right click -> Meterpreter2 ->Explore -> Webcam shot
Catch that guy making out ,and have fun with him later.
Post a Comment