Ethical Hacking and Penetration Testing Guide




Launching Armitage
If you are using BackTrack 5, Armitage is installed by default. On older versions of BackTrack, you can run “apt-get install armitage” from a shell to install it. The Armitage present in BackTrack 5 is somewhat buggy; therefore, I have upgraded to BackTrack 5 R3, which is the latest revision of BackTrack, in order to use Armitage.
To start Armitage, run the “armitage” command from your shell. The following screen appears:


Click the “Connect” button. Armitage asks whether you would like to start the msfrpc service; if the service is already running, it won’t ask. In a minute or so, Armitage starts.
Compromising Your First Target from Armitage
We have already learned to use Metasploit to exploit the Windows SMB service with the ms08_067_netapi module. Let’s perform the same task using Armitage.
Enumerating and Fingerprinting the Target
The first step is, of course, gathering information about the target. Click on the “HOSTS” tab; under “Nmap Scan,” you will see a list of available scans. You might be familiar with these scans, as they are taken from the GUI version of nmap, that is, zenmap.
In this case, we choose the first one, which is “intense scan.” Next, a dialog box prompts us to choose the targets that we would like to scan. In this case, I have chosen to scan the whole network, that is, 172.16.222.1–255.


Once the scan is complete, the result looks like this:
In the “targets” tab, each discovered host is shown with an icon representing the OS that Armitage identified.
MSF Scans
MSF scans are an alternative method we can use in Armitage to enumerate and fingerprint the target. MSF scans use Metasploit’s auxiliary modules to perform target enumeration and fingerprinting tasks.
Importing Hosts
We can also import hosts from other scanners. There is a decent list of scanners that we can import hosts from, such as Nmap, Nessus, Nexpose, etc. To import hosts from your favorite scanner, click on the “host” tab at the top, then click on “import host,” and finally select the appropriate file and click “Open”.
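
Before importing a scan file, it is worth confirming that every live host in it belongs to the range you are authorised to test. The following is an added example, not code from the book: it reads Nmap XML output (as written by `nmap -oX`) and splits live hosts into in-scope and out-of-scope against 172.16.222.0/24. The function name `review_import` and the sample report are constructed for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample in the shape of `nmap -oX` output (not from the book).
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host><status state="up"/>
    <address addr="172.16.222.130" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="139"><state state="open"/></port>
      <port protocol="tcp" portid="445"><state state="open"/></port>
      <port protocol="tcp" portid="3389"><state state="closed"/></port>
    </ports>
    <os><osmatch name="Microsoft Windows XP SP2" accuracy="96"/></os>
  </host>
  <host><status state="up"/>
    <address addr="10.0.0.5" addrtype="ipv4"/>
    <ports><port protocol="tcp" portid="22"><state state="open"/></port></ports>
  </host>
  <host><status state="down"/><address addr="172.16.222.7" addrtype="ipv4"/></host>
</nmaprun>"""

def review_import(xml_text, scope_cidr):
    """Split live hosts in an Nmap XML report into (in_scope, out_of_scope)."""
    scope = ipaddress.ip_network(scope_cidr)
    in_scope, out_of_scope = [], []
    for host in ET.fromstring(xml_text).iter("host"):
        status = host.find("status")
        if status is None or status.get("state") != "up":
            continue  # hosts that did not respond are not imported
        addr = next((a.get("addr") for a in host.findall("address")
                     if a.get("addrtype") in ("ipv4", "ipv6")), None)
        if addr is None:
            continue  # MAC-only entry, nothing to compare against the scope
        ports = sorted(int(p.get("portid")) for p in host.iter("port")
                       if p.find("state") is not None
                       and p.find("state").get("state") == "open")
        osmatch = host.find("os/osmatch")
        record = {"addr": addr, "open_ports": ports,
                  "os": osmatch.get("name") if osmatch is not None else "unknown"}
        bucket = in_scope if ipaddress.ip_address(addr) in scope else out_of_scope
        bucket.append(record)
    return in_scope, out_of_scope

if __name__ == "__main__":
    results = review_import(SAMPLE_XML, "172.16.222.0/24")
    for label, hosts in zip(("import", "OUT OF SCOPE"), results):
        for h in hosts:
            print(label, h["addr"], h["os"], h["open_ports"])
```

Any host reported as out of scope should be removed from the file, or the scan repeated with a corrected target range, before the import.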

