Scribd Logo
Upload

Welcome to Scribd!

  • Armitage: Prerequisites

    Uploaded by

    weafareez
    72 views3 pages
    This document provides a tutorial on using the Armitage tool to hack a Metasploitable virtual machine installed on VirtualBox. It outlines 6 steps to launch Armitage on BackTrack Linux, perform Nmap scanning of the Metasploitable target, find exploits using Armitage's attack module, attempt privilege escalation using the "Hail Mary" option, and verify a successful compromise by gaining a root shell on the target system. The document warns that this tutorial is for educational purposes only and that unauthorized hacking can result in legal consequences.

    Original Description:

    backtrack education

    Original Title

    Armitage

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides a tutorial on using the Armitage tool to hack a Metasploitable virtual machine installed on VirtualBox. It outlines 6 steps to launch Armitage on BackTrack Linux, perform Nmap scanning of the Metasploitable target, find exploits using Armitage's attack module, attempt privilege escalation using the "Hail Mary" option, and verify a successful compromise by gaining a root shell on the target system. The document warns that this tutorial is for educational purposes only and that unauthorized hacking can result in legal consequences.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    72 views3 pages

    Armitage: Prerequisites

    Uploaded by

    weafareez
    This document provides a tutorial on using the Armitage tool to hack a Metasploitable virtual machine installed on VirtualBox. It outlines 6 steps to launch Armitage on BackTrack Linux, perform Nmap scanning of the Metasploitable target, find exploits using Armitage's attack module, attempt privilege escalation using the "Hail Mary" option, and verify a successful compromise by gaining a root shell on the target system. The document warns that this tutorial is for educational purposes only and that unauthorized hacking can result in legal consequences.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as docx, pdf, or txt
    of 3

    Armitage

    *** WARNING : This tutorial is for education purpose only. It alert you to update your system once there is any patch or update available. Please do not hack any website, computer and/or network without authorization. Otherwise, you will be put into the jail. *** Prerequisites In order to complete this tutorial, you should have an Ubuntu or Windows system as host. Back|Track 4 R2 and Metasploitable as clients on VirtualBox 3.2. You can download Back|Track 4 R2 at here and Metasploitable at here. Metasploitable is an Ubuntu Server 8.04 that installed some applications with flaws that can be exploited. The network interfaces of Back|Track 4 R2 on VirtualBox 3.2 are "NAT and "Host Only (vboxnet0)". The network interface of Metasploitable is "Host Only (vboxnet0)". Step 0 : Run the Metasploitable on VirtualBox first. The IP address should be 192.168.56.101. The run Back|Track 4 R2 on VirtualBox the next and the IP address should be 10.x.x.x of eth0. Step 1 :

    On the Back|Track 4 R2, run the following command to make sure eth0 and eth1 are up and have their IPs. /etc/init.d/networking restart Step 2 : Run the following commands to launch Armitage. /etc/init.d/mysql start cd /pentest/exploits/armitage ./armitage.sh Step 3 : Select "Use SSL" and click "Start MSF". Then, "Using database driver mysql" message box will be displayed. Click "OK". Step 4 : Select "Host" -- "Nmap Scan" -- "Intense Scan, all TCP ports" Wait for the scanning complete. Step 5 : Select "Attacks" -- "Find Attacks" -- "by port". Wait for the scanning complete. Step 6 : Select "Attacks" -- "Hail Mary" -- "by port". Wait for the "Monitor" image to change to red colour. If so, the target is exploited. Then, right click on the "Monitor" image and select "Shell". To check if the target is privilege escalated by issuing "whoami" on the Shell. If it shows "root", you are successfully owned the target.

    Note: This tutorial is only for Educational Purposes, I did not take any responsibility of any misuse, you will be solely responsible for any misuse that you do. Hacking email accounts is criminal activity and is punishable under cyber

    crime and you may get upto 40 years of imprisonment, if got caught in doing so.

    You might also like