Here we are going to look at basic Armitage usage. You will need another OS to scan against; in this example, we use Windows 7.

To get started, start up Armitage:

armitage

A new window will appear. Leave everything as it is and select “Connect”.

Another window will appear. Here, click “Yes” to start the Metasploit RPC server.

It will say it is connecting and also say that the connection is refused. Ignore this and let it finish; Armitage should then start.

Now we can start to search for hosts on the network using the built-in Nmap scan feature. This can be found under “Hosts” > “Nmap Scan”, where you can choose the type of scan you want to use. For this, we will use the “Intense Scan”.

We will be presented with an input window in which we enter the IP range that we want to scan, along with the size of the network. For example, 10.0.3.0/24 will scan 256 addresses.

The scan will finish and give us the hosts that are on the network. It will attempt to identify what each host is and assign an icon to help you identify what you are working with.

Once you have found a host you want to look at further, right-click that host and select “Services”. This gives you a list of the services that the Nmap scan found running on that host. This information can be critical for finding out which ports and services are running so that you can investigate them further.

If nothing stands out to you, or you don’t think the host is vulnerable, you can go to the “Attacks” tab and select “Find Attacks”. This will run through Metasploit modules to see whether there are any viable attack vectors for the host that you have chosen.

If there are, you will get an extra entry (“Attack”) when you right-click your host. From here you can see what attacks to use.