Armitage Kali Linux Complete Tutorial

Video Statistics and Information

Reddit Comments

Why aren't we just using CS now?

👍︎︎ 1 👤︎︎ u/KenPC 📅︎︎ Apr 13 2018 🗫︎ replies
Captions
[Music] Hello everyone, and welcome to this video. In this video we're going to be exploring Armitage. All right, so we're actually going to be performing exploits on our vulnerable operating system, which in this case is Metasploitable 2, so I hope you're really, really excited.

So you might be asking yourself, what exactly is Armitage? Well, Armitage is simply the graphical user interface for Metasploit. All right, so the way you have Nmap and Zenmap, Nmap being the command line interface, and you have your Zenmap, which is the graphical user interface, that is the same way: you have your Metasploit console and Armitage. So Armitage is the graphical user interface for Metasploit. All right, so some of the advantages are: it gives the user a much better idea of what's going on, so great ease of access, and the user is able to understand how the scan process and how everything is being exploited, and you just give the user a graphical representation of the scan and the exploitation technique.

All right, so let's get started. Now, by default Metasploit, sorry, Armitage can be found on the dock on Kali Linux, so if you just go to the little green head creature icon, I'm not sure if that is what it is, but irregardless of that, as you can see, it is Armitage. Or if you do not have it on your dock, you can just go into Applications and you can go into Exploitation Tools and you will find Armitage there. All right, so just click on Armitage, and now it's going to prompt you to connect to the local host in a few seconds. Just give it a few seconds to start up, and there we are. It's going to prompt you to connect to the local host and the port. Just hit Connect, do not change anything here, and once you hit Connect it's going to prompt you to start the Metasploit RPC server, so just hit Yes, we want to do that, and now it's going to start connecting to remote host. Just give it a few seconds and we should be good with Armitage.

All right, so the great thing about Armitage, as I said, is that the exploitation process is automated, as well as, you know, the setting of hosts, the setting of targets, but, you know, vulnerability analysis, it also offers functionality like that, and we'll be looking at this when we'll be exploiting our Metasploitable 2 virtual machine.

All right, so as you can see, Armitage is loaded up, and you might be a bit confused with the interface, because you heard me tell you that it was a graphical user interface and now you're seeing a Metasploit console here. Well, don't worry about that, the Metasploit console there is there to aid you in what exactly is going on.

All right, so the first thing I'm going to start with is this little toolbar up here. This little toolbar is very, very simply put. So in Armitage you can change settings like add a new connection, you can check the preferences, you can set the target view settings, you can set the target view, set the exploit rank, you can use a SOCKS proxy like we did in the proxychains video, we can look at the listeners, so you can connect to or wait for, you can set the LHOST, the listening host, if you want another listening host, for example if you're running Kali Linux on another computer and you want that computer to also listen to you. You also have your scripts, and you can close Armitage. In terms of the View, this is just to edit the view. When we look at Hosts, you can add your host, so for example we'll add our Metasploitable 2 virtual machine here, but we'll do that in a few seconds. We have Nmap scans, which is awesome, you can automate Nmap scans directly from Armitage. You then have your Metasploit scans, which is awesome. We then have your DNS enumeration, which we looked at in the information gathering section, I hope you remember. So everything can come together really, really beautifully, and this is why I really enjoy using Armitage, and I'm sure you'll see why. Right, you can then clear your database, which is essentially just clearing, you know, any of the leftover scans that you had performed or exploits that you had performed. You then have your Attacks, where you can find attacks on your target or your host, and you have Hail Mary, which is something we'll look at in a few minutes. Okay, looking at the Workspaces, you can manage and show all the workspaces you currently have. In terms of Help, you have your homepage, your tutorial, scripts, and your about section.

All right, fantastic. Now let's get into the interface. So the interface is sorted into three sections. All right, you have your first section, your second section, and your third section. All right, so you can enlarge them and resize them depending on how you want them to be displayed. So I usually like having mine like this because I like having to see what the console displays, but as much as I like that, I will be looking at the first section here. In the first section, essentially what is being displayed here is your pre-configured modules. All right, so you can also search for modules here, you know, in this little search bar. So this is where you have all the modules sorted in terms of auxiliary, exploits, payloads, and the post, which we'll look at in a few seconds. When it comes to the second interface here, the second interface is used to display your active targets that we were able to exploit against. All right, so this is where all your active targets will be displayed in the form of computers. We'll look at that again when we get started with Metasploitable 2.

As for the console, this is your Metasploit console, and, well, your activity will be sorted in the form of tabs here. Again, you'll look at exactly how that happens, and essentially it allows you to run your Meterpreter or your console sessions simultaneously, something really, really awesome, and I'm sure you'll appreciate it.

Okay, let's get started with your module section. So as I said, your modules essentially contain all your modules in this section, and they're sorted in terms of auxiliary, exploits, payloads, and post, and you can go through them. So for example we have auxiliary, you can look at the auxiliary scanners, you have your scanners, fuzzers, you know, your sniffers, spoofers, etc., etc. You have your exploits, where your exploits are sorted in terms of the platform that they're running on and operating system that they're running on, for example you have Android, Apple iOS, Firefox, FreeBSD, Linux, Unix, Mac OS X, and Windows. You then have your payloads, that are also sorted in terms of their platforms and the operating systems that they are to be exploited on. All right, you then have your post, which is also similarly sorted in terms of their platforms and the operating systems that they are designed to be exploited on. So let me just close every one of these, and as I said, you can also use the search bar here to search for the Metasploit modules.

All right, now let's get started with some actual exploitation, and we're going to start off with Metasploitable 2. All right, so what we're going to do is we're going to go into Hosts. All right, now in Hosts you can import hosts or you can add hosts. We're not going to add a host yet, and the reason is I'm going to use an Nmap scan to also perform some information gathering while adding the host. So what I'm going to do is I'm just going to go into Nmap Scan, and I want to perform a quick scan that will detect the operating system that is running on our target, or our host for that matter. So I'm gonna click on that, and now it's gonna prompt you to enter your host IP address or your target IP address, or the range if you want to scan your entire network. In this case what I'm going to do is I'm just going to get the IP address for Metasploitable 2, which as you can see here is 192.168.1.106, so we're just going to enter that right now. Excellent. So once we hit enter, it's going to perform the Nmap scan and it's going to detect what operating system is running. Now, as I said, here the activities are going to be sorted out in terms of tabs, so your console is still open and your Nmap scan is still ongoing here, or it's just started, and you can run them both simultaneously, which is fantastic. Right, so the scan is done, and it should give you a prompt here saying the scan is complete. Voila. So it's going to give you an option here saying use Attacks, Find Attacks to suggest applicable exploits for your targets. Interesting. So I'm gonna hit OK, and what do we have here? Well, we have a cute little penguin here to represent Linux, so we know it is running Linux 2.6, and the kernel is not specified more than that. All right, so, you know, you can see the ports and the services running on these ports with the Nmap scan. So we were able to get information about our target, and now we understand what operating system is running on it and we can see the services running on the ports.

In the previous video we looked at exploiting the FTP protocol, or the FTP port, with the vsftpd backdoor, and how did we do that? All right, the first thing we did is we know that it exists as an exploit, so we're going to go into our modules and I'm going to show you exactly how to find it. So we're going to go into exploits and we're going to go into unix, because it is a Unix exploit, and once I click into unix we're going to then select the protocol, which in this case is the FTP protocol right here, and we're going to expand that, and voila, you have your vsftpd 2.3.4 backdoor. So if you want to execute this, what we do is we just double-click it. All right, and once we double-click it, it's going to give you the options that we used in the previous, or we used in the Metasploit console, options like setting your RHOST and the RPORT. So by default the LHOST, which is your listening host, which is your IP address, is set by default, so 192.168.1.107, and the default listening port is also set by default. All you have to do is just enter your RHOST, which in this case is 192.168.1.16, and we will exploit the backdoor using the FTP service, so 192.168.1.106, and once you're ready you can just hit Launch. All right, and it's going to launch the exploit, so just give it a few seconds and it's going to open up a new tab over here, the exploit tab. Just give it a few seconds here, and there we are: found shell, command shell opened, and voila, we have backdoor access.

Now you might have noticed something also very, very interesting: the Linux computer here is now surrounded by lightning, or electricity, and has turned red. Now this means that we have successfully exploited this system in one way or another. Right, so this is fantastic, everything is automated really, really well. But now you might be asking, I want to exploit more things with Metasploitable, what can I do now? All right, tell me what I can do. So what we're going to do is we're going to close up this menu here, and the awesome thing, as I said, is the automation. But before that, well, if I look at the shell that's running, if I right-click, sorry about that, if I right-click on the target, we can see that it gives us options to log into the default network services. Now that is something just, you know, very, very common. Once you've cracked them, if the cracking process is possible, you can then log into things like the FTP protocol, the HTTP, MySQL, SSH, you get the idea.

Now the shell that we created, which is the exploit that we used, allows us to interact with it, we can then upload, we can pass the session, we can post modules, and we can disconnect. So let's say we wanted to interact with it. So if we wanted to interact with it, it's going to open up a shell for us, and again we can list the files on the server, the Metasploitable 2, you know, virtual machine, which is considered to be a server because it does run some web applications, and voila, you have access to the root folder. So let's see, if we change directory to the home directory and we list the files in there, we have the msfadmin, so let's also change directory into that msfadmin, and we can list the files in there. We have the vulnerable, so cd vulnerable, whoops, cd vulnerable, cd vulnerable, and if we list there we have the web services that are running, so you have MySQL, the Samba, TikiWiki, etc., etc. So I'm just going to close the shell because we're done with that exploit.

Let's look at how to exploit, or how to find exploits automatically now. So I'm going to close that shell, and I'm just going to right-click and I'm going to go to the Shell 1 and I'm going to disconnect, because we're done with that exploit. Right, so once it's disconnected, it's going to remove the little icon that denoted the fact that the operating system of the computer was exploited. Now you might be asking, well, how do we exploit it automatically, or how do we find exploits automatically? Well, we go into Attacks and we Find Attacks. All right, so now it's going to find attacks that you can run on the operating system or the computer, in this case our target host, which is the Metasploitable 2 virtual machine. So as you can see, it's gonna query the exploits, and just give it a few seconds to go through all of them, and once it's done it's gonna give you a list of the compatible exploits that you can use, or exploits that can actually exploit a vulnerability on the operating system or the target that you've chosen.

So if we right-click now and we go into Attack, you can see that it's listed all the services that we can crack. So if we go to ftp, we have the vsftpd backdoor here, we have the Pure-FTPd bash execution here, you can also check for exploits. Again, you have your telnet, you have your HTTP vulnerabilities, so these are all vulnerabilities or exploits that you can run on this virtual machine. So if we go to, for example, something like the web app, we can, let's get something more practical, sorry about that, if we go into the mysql, so we only have one exploit for the MySQL database. So if we click on this payload, if we load it, and let's see if everything is set correctly, the RHOST, the RHOST, there we are, that's okay. So we're just gonna launch, or let's see if we can get any information. Right, so it's going to start the exploit in a new tab. I'm just going to close the old tab. So it's going to start the exploit process, just give it a few seconds here, and there we are, it's going through a process. For some reason the MySQL function system execution is not available, so yeah, this exploit did not work. Now this is what I was talking about. Now it is going to work you
Info
Channel: HackerSploit
Views: 174,591
Keywords: hackersploit, hacker exploit, armitage, armitage android hack, armitage parrot os, armitage kali linux tutorial, tutorial, kali linux, kali, armitage kali linux 2017, armitage kali linux 2018, armitage kali linux problem, armitage kali linux 2018.1, armitage kali linux, armitage kali linux android, armitage kali linux windows 7, kali linux tutorial, kali linux 2018, kali linux install, kali linux 2018.1, kali linux tools, kali linux android
Id: JALmoY4LuT8
Length: 14min 48sec (888 seconds)
Published: Thu Apr 12 2018