Today I had a great half-day training on Metasploit and Armitage organized by our local OWASP Austin chapter and hosted by Microsoft. What I learned today was so interesting that I can't resist to share it here.
Raphael Mudge - Designer of Armitage
Metasploit is an open source penetration testing framework. It contains a database of exploits, payloads and post modules. The goal of the training was to find an exploit on a remote machine, run a payload through this exploit and execute a post module (which is what you can do after taking control over the victim's machine). Of course, you can find more detail about it on wikipedia.
Metasploit is a command line tool. To make it easier (and funnier), Raphael Mudge designed Armitage, which is a user interface for Metasploit. Here is how it looks like:
When a machine on the network is comprised, Armitage illustrates it as a monitor wrapped into thunder lights. Perfect for a hacker movie:D
Here are the materials we had for this training:
- The training slides are available here
- The exercises sheet is available at here
- Metasploit - http://www.metasploit.com/download/
- Metasploitable - http://blog.metasploit.com/2010/05/introducing-metasploitable.html
- VM Ware player - http://www.vmware.com/
When I first started Armitage, it could not connect to the database. I had to kill all ruby processes and reconnect again.Once Armitage started, you may be asked to enter your IP address. If you dont you can always set it later by running the following command in the console; it will set a global variable.
setg LHOST 10.10.10.10
Here are some interesting resources for further reading: