Kali Linux provides us with several useful tools that we can use for penetration testing. One of them is a multi-function tool called Armitage. It is an attack management tool with a graphical user interface that makes penetration testing easier. More accurately, it is a graphical interface for the Metasploit Framework. If you would like to know more about the Metasploit Framework, you can read "What is Metasploit Project?" by Margaret Rouse.
In this post I will only show how to scan a network range and find the open ports and the type of OS.
First, let's start PostgreSQL by typing the service postgresql start command in a terminal.
This will allow us to start Armitage. Then start Armitage by clicking the Armitage icon on the left side,
or by clicking the Show Applications icon and typing armitage in the search text box.
A pop-up will then be shown, like the picture below.
Click the Connect button, and then another pop-up will appear. Just click the Yes button.
Now the Armitage application will appear, as shown below.
To start, click the Hosts button at the top, select Nmap Scan, and click Intense Scan.
A pop-up will come up. In the pop-up, type in the network range that you want to scan, or simply enter a single IP address that you want to scan. When you have finished entering the IP address, click the OK button.
At first, only two of my machines were up, which are Windows 10 and a Linux virtual machine,
but then I decided to turn on my Donkey Docker machine, which runs on IP 192.168.0.23.
If you look at the scan list, you will not see 192.168.0.23 among the hosts in the down state, because it is on.
The next cool thing about Armitage is that we can see the devices in the graphical user interface, as shown below.
After finishing the scan, you can click the Attack button at the top to list all kinds of possible attacks on the system.
Click OK and it will start listing all of the possible attacks.
Now, if you right-click, you will be able to see what kinds of attacks you could perform. These are only possibilities; there is no guarantee that they will be successful.
If you would like a more organized list, look at the left side, where there is a list of the possible exploits.
Aside from the possible attacks, if we look at the terminal attached to the Armitage application, we can see that my Donkey Docker machine is running Linux Debian OS version 3.2 – 4.8 and that there are two open ports, port 22 and port 80. It also shows many other details, such as the methods supported on port 80 (GET, HEAD, POST, OPTIONS), the HTTP server header, and so on.
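The details read off the scan console above (hosts that are up, open ports, OS guess) can also be written by nmap as an XML report (-oX) and summarized with a script, which makes it easy to compare a host against the ports you expect it to expose. This is an added example, not part of the original post; the XML sample is constructed, and the down host 192.168.0.50, the closed port 443 and the baseline are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample in nmap's XML report format (-oX); not output from the post's scan.
SAMPLE_XML = """<nmaprun>
  <host><status state="down"/><address addr="192.168.0.50" addrtype="ipv4"/></host>
  <host>
    <status state="up"/>
    <address addr="192.168.0.23" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/><service name="ssh"/></port>
      <port protocol="tcp" portid="80"><state state="open"/><service name="http"/></port>
      <port protocol="tcp" portid="443"><state state="closed"/><service name="https"/></port>
    </ports>
    <os><osmatch name="Linux 3.2 - 4.8" accuracy="100"/></os>
  </host>
</nmaprun>"""

def summarize(xml_text):
    """Return {ip: {"os": best OS guess or None, "open": {port: service}}} for hosts that are up."""
    hosts = {}
    for host in ET.fromstring(xml_text).iter("host"):
        if host.find("status").get("state") != "up":
            continue  # hosts reported as down carry no port or OS data
        ip = host.find("address[@addrtype='ipv4']").get("addr")
        open_ports = {}
        for port in host.iter("port"):
            if port.find("state").get("state") == "open":
                svc = port.find("service")
                open_ports[int(port.get("portid"))] = svc.get("name") if svc is not None else "unknown"
        # nmap may report several osmatch guesses; keep the one with the highest accuracy
        matches = sorted(host.iter("osmatch"), key=lambda m: int(m.get("accuracy", 0)), reverse=True)
        hosts[ip] = {"os": matches[0].get("name") if matches else None, "open": open_ports}
    return hosts

def unexpected_ports(summary, baseline):
    """Open ports per host that the baseline (ip -> set of expected ports) does not list."""
    found = {ip: sorted(set(info["open"]) - baseline.get(ip, set())) for ip, info in summary.items()}
    return {ip: ports for ip, ports in found.items() if ports}

if __name__ == "__main__":
    result = summarize(SAMPLE_XML)
    for ip, info in result.items():
        print(ip, info["os"], info["open"])
    # Hypothetical baseline: only SSH is expected to be reachable on this lab host
    print(unexpected_ports(result, {"192.168.0.23": {22}}))
```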
In conclusion, Armitage is an attack management tool that is useful not only for mapping a detailed vulnerability analysis, but also because it makes it easier for us to see every possible exploit available. We can also run the exploits inside the Armitage GUI, which makes it even more convenient for us.