Ethical Hacking and Penetration Testing Guide

Yüklə 22,44 Mb.

Pdf görüntüsü

səhifə	122/235
tarix	07.08.2023
ölçüsü	22,44 Mb.
	#138846

1 ... 118 119 120 121 122 123 124 125 ... 235

Ethical Hacking and Penetration Testing Guide ( PDFDrive )

Nessus and Autopwn
Example db_import/root/Desktop/report.nessus Once imported, you can run the following command to attack based upon a vulnerability: db_autopwn –x –p Armitage

Nessus and Autopwn
We have already discussed the different formats of Nessus reports in the “Vulnerability Assessment”
chapter (Chapter 5). If you would like to use
db _ autopwn
to fire up exploits based upon
vulnerabilities, what you need to do is save the nessus report in the .nessus format and use the
db _ import
command to import the nessus file.
Example
db_import/root/Desktop/report.nessus
Once imported, you can run the following command to attack based upon a vulnerability:
db_autopwn –x –p
Armitage
Armitage is the best GUI for Metasploit, and it’s frequently updated, unlike MSFGUI. The pur-
pose of developing armitage was, first of all, to create a user interface for attack management that
utilizes Metasploit. The second reason was to reduce the complexity of postexploitation attacks
such as Pivoting, which is used to attack a second host on the internal network by using an already
compromised host on that network, since we are not able to reach that host directly. It has other
great features such as importing scans from various enumeration vulnerability assessment tools.

190
◾
Ethical Hacking and Penetration Testing Guide
Another great feature of Armitage is that client side exploitation is a bit easier, which we will
discuss in the next chapter. However, for client side exploitation I would more prefer to use “Social
Engineering Toolkit” over Armitage.
Interface
This is how the interface for Armitage would look like:
1. The pane in “Green” highlights the modules present in Armitage, namely, auxiliary, exploit,
payload, and POST.
2. The pane in “Red” highlights the targets that we would attack via Armitage.
3. The pane in “Blue” highlights the tab screen, which is basically loaded with Metasploit. The
tab is the most important part of Armitage, where you will do most of your work.

Yüklə 22,44 Mb.

Dostları ilə paylaş:

1 ... 118 119 120 121 122 123 124 125 ... 235