Armitage Kali Linux Complete Tutorial

HackerSploit · Beginner ·🛠️ AI Tools & Apps ·8y ago

Key Takeaways

This video tutorial covers the use of Armitage, a graphical user interface for Metasploit, to perform discovery and exploitation on target hosts, utilizing tools such as Nmap, Zenmap, and Metasploitable 2.

Full Transcript

[Music] Hello everyone and welcome to this video. In this video we're going to be exploring Armitage. All right, so we're actually going to be performing exploits on our vulnerable operating system, which in this case is Metasploitable 2, so I hope you're really, really excited. So you might be asking yourself, what exactly is Armitage? Well, Armitage is simply the graphical user interface for Metasploit. All right, so the way you have Nmap and Zenmap, Nmap being the command line interface and Zenmap being the graphical user interface, that is the same way: you have your Metasploit console and Armitage. So Armitage is the graphical user interface for Metasploit. All right, so some of the advantages are: it gives the user a much better idea of what's going on, so great ease of access, and the user is able to understand the scan process and how everything is being exploited, and it just gives the user a graphical representation of the scan and the exploitation technique.

All right, so let's get started. Now, by default Metasploit, sorry, Armitage can be found on the dock on Kali Linux, so if you just go to the little green head creature icon, I'm not sure if that is what it is, but irregardless of that, as you can see, it is Armitage. Or if you do not have it on your dock, you can just go into Applications, and you can go into Exploitation Tools, and you will find Armitage there. All right, so just click on Armitage, and now it's going to prompt you to connect to the local host in a few seconds. Just give it a few seconds to start up, and there we are: it's going to prompt you to connect to the local host and the port. Just hit Connect, do not change anything here, and once you hit Connect it's going to prompt you to start the Metasploit RPC server, so just hit Yes, we want to do that. And now it's going to start connecting to the remote host, and just give it a few seconds and we should be good with Armitage.

All right, so the great thing about Armitage, as I said, is that the exploitation process is automated, as well as, you know, the setting of hosts, the setting of targets, but, you know, vulnerability analysis, you know, it also offers, so, you know, functionality like that, and we'll be looking at this when we'll be exploiting our Metasploitable 2 virtual machine. All right, so as you can see, Armitage is loaded up, and you might be a bit confused with the interface, because you heard me tell you that it was a graphical user interface and now you're seeing a Metasploit console here. Well, don't worry about that; the Metasploit console is there to aid you in what exactly is going on.

All right, so the first thing I'm going to start with is this little toolbar up here. This little toolbar is very, very simply put. So in Armitage you can change settings, like add a new connection, you can check the preferences, you can set the target view settings, you can set the target view, set the exploit rank, you can use a SOCKS proxy like we did in the proxychains video, we can look at the listeners, so you can connect to or wait for, you can set the LHOST, the listening host, if you want another listening host, for example if you're running Kali Linux on another computer and you want that computer to also listen to you. You also have your scripts, and you can close Armitage. In terms of the View, this is just to edit the view. When we look at Hosts, you can add your host, so for example we'll add our Metasploitable 2 virtual machine here, but we'll do that in a few seconds. We have Nmap scans, which is awesome: you can automate Nmap scans directly from Armitage. You then have your Metasploit scans, which is awesome. We then have your DNS enumeration, which we looked at in the information gathering section, I hope you remember. So everything can come together really, really beautifully, and this is why I really enjoy using Armitage, and I'm sure you'll see why. You can then clear your database, which is essentially just clearing, you know, any of the leftover scans that you had performed or exploits that you had performed. You then have your Attacks, where you can find attacks on your target or your host, and you have Hail Mary, which is something we'll look at in a few minutes. Okay, looking at the Workspaces, you can manage and show all the workspaces you currently have. In terms of Help, you have your homepage, your tutorial, scripts and your about section.

All right, fantastic. Now let's get into the interface. So the interface is sorted into three sections: you have your first section, your second section and your third section. You can enlarge them and resize them depending on how you want them to be displayed. So I usually like having mine like this, because I like having to see what the console displays, but as much as I like that, I will be looking at the first section here. In the first section, essentially what is being displayed here is your pre-configured modules. You can also search for modules here, you know, in this little search bar. So this is where you have all the modules sorted in terms of auxiliary, exploits, payloads and the post, which we'll look at in a few seconds. When it comes to the second interface here, the second interface is used to display your active targets that we were able to exploit against. So this is where all your active targets will be displayed in forms of computers. We'll look at that again when we'll get started with Metasploitable 2. As for the console, this is your Metasploit console, and your activity will be sorted in forms of tabs here. Again, you'll look at exactly how that happens, and it essentially allows you to run your Meterpreter or your console sessions simultaneously, something really, really awesome, and I'm sure you'll appreciate it.

Okay, let's get started with your module section. So as I said, your modules essentially contain all your modules in this section, and they're sorted in terms of auxiliary, exploits, payloads and post, and you can go through them. So for example we have auxiliary: you can look at the auxiliary scanners, you have your scanners, fuzzers, you know, your sniffers, spoofers, etc. You have your exploits, where your exploits are sorted in terms of the platform that they're running on and the operating system that they're running on, for example you have Android, Apple iOS, Firefox, FreeBSD, Linux, Unix, Mac OS X and Windows. You then have your payloads, that are also sorted in terms of their platforms and the operating systems that they are to be exploited on. You then have your post, which is also similarly sorted in terms of their platforms and the operating systems that they are designed to be exploited on. So let me just close every one of these, and as I said, you can also use the search bar here to search for the Metasploit modules.

All right, now let's get started with some actual exploitation, and we're going to start off with Metasploitable 2. So what we're going to do is we're going to go into Hosts. Now, in Hosts you can import hosts or you can add hosts. We're not going to add a host yet, and the reason is I'm going to use an Nmap scan to also perform some information gathering while adding the host. So what I'm going to do is I'm just going to go into Nmap Scan, and I want to perform a quick scan that will detect the operating system that is running on our target, or our host for that matter. So I'm gonna click on that, and now it's gonna prompt you to enter your host IP address or your target IP address, or the range if you want to scan your entire network. In this case what I'm going to do is I'm just going to get the IP address for Metasploitable 2, which as you can see here is 192.168.1.106, so we're just going to enter that right now. Excellent. So once we hit Enter, it's going to perform the Nmap scan and it's going to detect what operating system is running. Now, as I said, here the activities are going to be sorted out in terms of tabs, so your console is still open and your Nmap scan is still ongoing here, or it's just started, and you can run them both simultaneously, which is fantastic.

Right, so the scan is done, and it should give you a prompt here saying the scan is complete. Voila. So it's going to give you an option here saying use Attacks, Find Attacks to suggest applicable exploits for your targets. Interesting. So I'm gonna hit OK, and what do we have here? Well, we have a cute little penguin here to represent Linux, so we know it is running Linux 2.6, and the kernel is not specified more than that. All right, so, you know, you can see the ports and the services running on these ports with the Nmap scan. So we were able to get information about our target, and now we understand what operating system is running on it and we can see the services running on the ports.

In the previous video we looked at exploiting the FTP protocol or the FTP port with the vsftpd backdoor, and how did we do that? All right, the first thing we did is we know that it exists as an exploit, so we're going to go into our modules, and I'm going to show you exactly how to find it. So we're going to go into exploits, and we're going to go into unix, because it is a Unix exploit, and once I click into unix we're going to then select the protocol, which in this case is the FTP protocol right here, and we're going to expand that, and voila, you have your vsftpd 2.3.4 backdoor. So if you want to execute this, what we do is we just double click it, and once we double click it, it's going to give you the options that we used in the Metasploit console, options like setting your RHOST and the RPORT. So by default the LHOST, which is your listening host, which is your IP address, is set by default, so 192.168.1.107, and the default listening port is also set by default. All you have to do is just enter your RHOST, which in this case is 192.168.1.16, and we will exploit the backdoor using the FTP service, so 192.168.1.106, and once you're ready you can just hit Launch, and it's going to launch the exploit. So just give it a few seconds, and it's going to open up a new tab over here, the exploit tab. Just give it a few seconds here, and there we are: found shell, command shell open, and voila, we have backdoor access.

Now, you might have noticed something also very, very interesting: the Linux computer here is now surrounded by lightning or electricity and is turned red. Now, this means that we have successfully exploited this system in one way or another. Right, so this is fantastic, everything is automated really, really well. But now you might be asking, I want to exploit more things with Metasploitable, what can I do now? All right, tell me what I can do. So what we're going to do is we're going to close up this menu here, and the awesome thing, as I said, is the automation. But before that, I'm just going to, well, if I look at the shell that's running, if I right click, sorry about that, if I right click on the target, we can see that it gives us options to log into the default network services. Now, that is something just, you know, very, very common: once you've cracked them, if the cracking process is possible, you can then log into things like the FTP protocol, the HTTP, MySQL, SSH, you get the idea.

Now, the shell that we created, which is the exploit that we used, allows us to interact with it, we can then upload, we can pass the session, we can post modules and we can disconnect. So let's say we wanted to interact with it. If we wanted to interact with it, it's going to open up a shell for us, and again we can list the files on the server, the Metasploitable 2, you know, virtual machine, which is considered to be a server because it does run some web applications, and voila, you have access to the root folder. So let's see, if we change directory to the home directory and we list the files in there, we have the msfadmin. So let's also change directory into that msfadmin, and we can list the files in there. We have the vulnerable, so cd vulnerable, whoops, cd vulnerable, cd vulnerable, and if we list there, we have the web services that are running, so you have MySQL, the Samba, TikiWiki, etc. So I'm just going to close the shell because we're done with that exploit.

Let's look at how to exploit, or how to find exploits automatically now. So I'm going to close that shell, and I'm just going to right click, and I'm going to go to the shell one, and I'm going to disconnect, because we're done with that exploit. Right, so once it's disconnected, it's going to remove the little icon that denoted the fact that the operating system of the computer was exploited. Now you might be asking, well, how do we exploit it automatically, or how do we find exploits automatically? Well, we go into Attacks and we Find Attacks. So now it's going to find attacks that you can run on the operating system or the computer, in this case our target host, which is the Metasploitable 2 virtual machine. So as you can see, it's gonna query the exploits, and just give it a few seconds to go through all of them, and once it's done it's gonna give you a list of the compatible exploits that you can use, or exploits that can actually exploit a vulnerability on the operating system or the target that you've chosen.

So if we right click now and we go into Attack, you can see that it's listed all the services that we can crack. So if we go to ftp, we have the vsftpd backdoor here, we have the pure FTP bash execution here. You can also check for exploits. Again, you have your telnet, you have your HTTP vulnerabilities, so these are all vulnerabilities or exploits that you can run on this virtual machine. So if we go to, for example, something like the web app, we can, let's get something more practical, sorry about that. If we go into the MySQL, so we only have one exploit for the MySQL database. So if we click on this payload, if we load it, and let's see if everything is set correctly, the RHOST, the RHOST, there we are, that's okay. So we're just gonna launch, or let's see if we can get any information. Right, so it's going to start the exploit in a new tab, I'm just going to close the old tab. So it's going to start the exploit process, just give it a few seconds here, and there we are, it's going through a process. For some reason the MySQL function system execution is not available, so yeah, this exploit did not work. Now, this is what I was talking about. Now it is going to work you

Original Description

Hey guys! HackerSploit here back again with another video, in this video, we will be looking at how to use Armitage for discovery and exploitation.

⭐Help Support HackerSploit by using the following links:
🔗 NordVPN: https://nordvpn.org/hacker
Use the link above or the code below for 77% Off your order
Promo Code: hacker

I Hope you enjoy/enjoyed the video. If you have any questions or suggestions feel free to ask them in the comments section or on my social networks.

🔗 HackerSploit Website: https://hsploit.com/
🔗 HackerSploit Android App: https://play.google.com/store/apps/details?id=com.hsploitnews.hsploit&hl=en

🔹 Support The Channel
NordVPN Affiliate Link: https://nordvpn.org/hacker
Patreon: http://patreon.com/hackersploit

🔹 Get Our Courses
Get a special discount on our courses:
The Complete Deep Web Course 2018: https://www.udemy.com/the-complete-deep-web-course-2017/?couponCode=DWCBP2017

🔹 SOCIAL NETWORKS - Connect With Us!
Facebook: https://www.facebook.com/HackerSploit/
Instagram: https://www.instagram.com/alexi_ahmed/
Twitter: https://twitter.com/HackerSploit
Patreon: http://patreon.com/hackersploit

Thanks for watching! Благодаря за гледането Kiitos katsomisesta 感谢您观看 Merci d'avoir regardé Grazie per la visione Gracias por ver شكرا للمشاهدة دیکھنے کے لیے شکریہ देखने के लिए धन्यवाद

This video tutorial teaches viewers how to use Armitage, a graphical user interface for Metasploit, to perform discovery and exploitation on target hosts. It covers various tools and techniques, including Nmap scans, vulnerability analysis, and automated exploitation. By following this tutorial, viewers can gain hands-on experience with Armitage and improve their skills in penetration testing and vulnerability assessment.

Key Takeaways
  1. Connect to the local host in Armitage
  2. Start the Metasploit RPC server
  3. Automate the exploitation process
  4. Set the target view settings
  5. Use a SOCKS proxy
  6. Perform a quick scan using Nmap to detect the operating system running on a target host
  7. Exploit the vsftpd 2.3.4 backdoor using the FTP service
  8. Obtain backdoor access to the target system
  9. Close the menu and automate the exploitation process
💡 Armitage provides a graphical user interface for Metasploit, making it easier to perform discovery and exploitation on target hosts, and automate the exploitation process.
