• 168 | Chapter 5: Automated Exploits
  • Learning Kali Linux





    Metasploit | 167


    The target of the attack shown in Example 5-18 is Metasploitable 2. This is a Linux system that is deliberately vulnerable. Several vulnerabilities can be targeted using Metasploit, so it makes an ideal system to play with. You can download it as a VM image in VMware’s format, which can be imported into other hypervisors if needed.

    Armitage
    If you prefer GUI applications because your fingers get tired of all the typing, fear not. A GUI-based application sits on top of msfconsole. You will get all the functionality that you would with msfconsole except you will be performing some of the actions using the graphical elements of Armitage. You can see the main window of Armitage in Figure 5-1. You will notice icons at the top right of the window. These represent the hosts that Metasploit knows about as a result of doing the db_nmap scan as well as the vulnerability scan. Either of these activities would result in the target being in the database, and as a result, it would show up in Armitage.

    Figure 5-1. Main Armitage window

    You’ll also notice that at the bottom of the window is a text box with the msf> prompt. This is the same prompt that you would see if you were running msfconsole from the command line, because you are really in msfconsole. You can type the same commands that we have been talking about. Additionally, you can use the GUI. In the upper-left column, you will see a list of categories. You can drill through them, just as you would with any set of folders. You can also use the search edit box to perform the same search of modules that we did previously.

    Using exploits in Armitage is easy. Once you have found the exploit you want to use, such as the RMI exploit used in the preceding example, you drag the entry from the list on the left side onto one of the icons on the right. I took the multi/misc/java_rmi_server exploit and dropped it onto 192.168.86.147, which is my Metasploitable 2 system. You’ll be presented with a dialog box of options. Rather than having to fill in the LHOST variable as we had to earlier, Armitage takes care of that for us. Figure 5-2 shows the dialog box with the variables necessary to run the exploit. You’ll also see a check box for a reverse connection. If the target system is exposed to external networks, you may be able to do a forward connection. This depends on whether you can connect to the payload after it launches.

    Firewalls, network address translation, and other security measures can make this part challenging. If you attempt a forward connection, your target needs to be open on the service port that you are exploiting. The port associated with the payload also needs to be accessible. If you use a reverse connection, the problem switches to your end. Your host and the port you will be listening on need to be accessible from your target.

    Figure 5-2. Exploit launch in Armitage
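
    The reachability reasoning in the note on forward and reverse connections can be modeled as a small policy check. This is an added example, not code from the book or from Metasploit; the Host model, the function names and the port numbers are constructed assumptions. It reports which filtering control blocks each connection direction, so you can see what ingress and egress rules contribute.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

@dataclass
class Host:
    """Constructed model of a host behind a stateful, default-deny filter."""
    name: str
    # TCP ports reachable from other networks (after firewall rules and NAT forwards).
    inbound: Set[int] = field(default_factory=set)
    # Destination ports the host may connect out to; None means egress is unfiltered.
    outbound: Optional[Set[int]] = None

def blockers(src: Host, dst: Host, port: int) -> List[str]:
    """Return the controls that stop src opening a TCP connection to dst:port."""
    found = []
    if src.outbound is not None and port not in src.outbound:
        found.append(f"egress filter on {src.name} drops traffic to port {port}")
    if port not in dst.inbound:
        found.append(f"{dst.name} is not reachable on port {port} (firewall/NAT)")
    return found

def assess(tester: Host, target: Host, service_port: int,
           payload_port: int) -> Dict[str, List[str]]:
    """Empty list = that direction can work; otherwise the reasons it cannot."""
    service = blockers(tester, target, service_port)  # needed in both cases
    return {
        # Forward: the tester connects to the payload listening on the target.
        "forward": service + blockers(tester, target, payload_port),
        # Reverse: the target connects back to the listener on the tester's host.
        "reverse": service + blockers(target, tester, payload_port),
    }

SERVICE_PORT = 1099  # constructed sample: default Java RMI registry port
PAYLOAD_PORT = 4444  # constructed sample listener port

# Constructed scenarios (not taken from the book).
tester = Host("tester", inbound={PAYLOAD_PORT})
lab_target = Host("target", inbound=set(range(1, 65536)))           # flat lab network
nat_target = Host("target", inbound={SERVICE_PORT})                 # only service port forwarded
filtered_target = Host("target", inbound={SERVICE_PORT}, outbound=set())  # default-deny egress

if __name__ == "__main__":
    for label, tgt in [("lab", lab_target), ("nat", nat_target),
                       ("egress-filtered", filtered_target)]:
        print(label, assess(tester, tgt, SERVICE_PORT, PAYLOAD_PORT))
```

    An empty list for a direction means nothing in the model blocks it; the third scenario shows that ingress filtering combined with default-deny egress leaves neither direction usable.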
