If you have a question--ask.
Type hosts in the Metasploit Framework console. If you see hosts there, but not in Armitage, you have this issue. There are three possible causes:
The first (possible) cause is you are using the Metasploit Framework's workspaces (the workspace command). Armitage is not compatible with the Metasploit Framework's concept of workspaces. You must leave this at default and not change it.
The second potential cause is that Armitage is not using the same database configuration as the Metasploit Framework. This is driven by the database.yml file in your Metasploit Framework environment. Type db_status in a Metasploit Framework console and verify that this is the same database Armitage uses (go to Armitage -> Preferences and find the connect.db_connect.string value).
The third potential cause is that Metasploit made two default workspaces for you. Why? I don't know. This messes up things with Armitage though. Type workspace. If you see two workspaces with the name default, then this bit you. To fix it, type: workspace -D and restart Armitage.
Switch from OpenJDK to Oracle's Java environment. The OpenJDK implementation of Java has occasional bugs that affect the Armitage experience negatively. Random artifacts when updating UI components is not uncommon in the OpenJDK. As of this FAQ update, there is a bug in the OpenJDK packaged for Debian distributions (Kali Rolling!) that slowly consumes CPU/memory until the application crashes.
If you experience graphical or performance issues, change over to Oracle's Java and see if that resolves your issue.
Armitage is not distributed with Kali Linux. It is in the Kali Linux repository though. To install it, type:
apt-get install armitage
Make sure the database is running. Use:
service postgresql start
Next, you may need to ask Kali to recreate the Metasploit framework database:
service metasploit start
service metasploit stop
Sometimes you need to do the above after an msfupdate as well.
Kali Linux comes with Java 1.6 and 1.7 pre-installed. Unfortunately, it defaults to Java 1.6 which has a few issues. You'll need to tell Kali Linux to use Java 1.7 by default. Here's how:
32-bit Kali Linux:
update-java-alternatives --jre -s java-1.7.0-openjdk-i386
64-bit Kali Linx:
update-java-alternatives --jre -s java-1.7.0-openjdk-amd64
You have an old version of Metasploit installed. The msfupdate command updates the Ruby source code but it does not update the dependencies Metasploit and Armitage rely on.
Reinstall Metasploit. If you're a BackTrack Linux user--you must move over to Kali Linux. BackTrack Linux is no longer supported.
The best thing to do is search for a blog post written in poor English. The older the better. Try everything in this blog post and then email the developer telling him his software is broken. This is the right course of action--every time!
Actually, no. If you're stuck, read the Armitage startup troubleshooting guide. This same information is available if you click Help from the Setup dialog. It covers every startup error I have seen (with screenshots)
Nothing. You're using the latest version of Armitage. The Start MSF button has been taken away. The Connect button now intelligently detects whether Metasploit is running locally or not. If Metasploit is not running, Armitage will ask you if you want it to start Metasploit. I suggest pressing Yes.
You probably asked Metasploit GUI to start the Metasploit RPC server without SSL. Good job, Tiger! Armitage expects msfrpcd to listen for an SSL connection. An SSL client can't connect to a non-SSL server. It doesn't work.
Start Armitage and click Connect. This is all you need to do. Armitage will prompt you and ask if you want it to start Metasploit's RPC server.
I've seen a few videos and blogs misinform users that they should use msfgui to start Metasploit and then connect Armitage. I've never advised anyone to take this approach. I don't know where it came from. Let this be a lesson for you, read the official documentation and ignore the riff-raff.
No. I do not provide support for setting up Metasploit, its dependencies, and configuring your environment on MacOS X or Windows.
I get this question, worded in this way, a lot. First, Armitage is a front-end that provides a workflow and collaboration tools on top of Metasploit. The correct question is: does Metasploit have attacks that work against Windows 7 and Windows Vista?
The answer is yes. Remote exploits against modern Windows versions are very rare. If you're hoping for this, please put these days behind you. Microsoft has a lot of smart people and they've put a lot of work into reducing mistakes that lead to exploitable conditions. They have also added mitigations to their software to make it harder to turn a programmer's mistake into an attack.
Attackers do what works and they have moved on. Now, to break into a modern system, you need to attack the applications the user is running and not the operating system. Client-side attacks against Internet Explorer, Firefox, Adobe Reader, Adobe Flash, Apple QuickTime, and Java are very common. Metasploit is the cutting edge of what's publicly available in this space.
Once you get a foothold, it's up to you to think like an attacker and use your position to gain access to other systems. There are resources available for your learning. I suggest that you go study them. If you're really serious about learning these ideas then invest in yourself and take a class.
On Windows and MacOS X you have to click in the editbox to focus the input area and type. This is a known issue. The editbox is at the bottom of the tab. Just click in it until you see a blinking cursor.
setg LHOST [your IP address]
That's it. Armitage uses this value to tell reverse connect attacks where to connect to. You do not need to reset Armitage's listener when you change this value.
Start with something that you know is exploitable. I recommend downloading the Metasploitable virtual machine. Hacking this will give you confidence that yes, exploits work and yes, you're probably using Metasploit correctly.
Not all exploits work in all situations. Remember that you're sending code to a system that is meant to trigger a flaw. If a firewall is on, then maybe the data isn't getting to the service. Maybe you're running a version of the software that no longer has the flaw.
Metasploit is not a magic key into other systems. Knowing what to use in different situations is a skill and it comes with experience.
Armitage automatically arranges the hosts in the targets area by default. You can turn this behavior off. Make sure no host is selected and right-click inside the targets area. Go to Auto Arrange -> None.
These are harmless. They're debug output for me to read. I was too lazy to remove them. They always have
Warning: some message here at file.sl:##. The scary "Warning" text is from the
warn function in the language I used to write
Armitage. Ignore it.
There are no restrictions in the software. I recommend experimenting with virtual machines on a private test network. If you choose to use this tool against an internet host, make sure you have a letter of permission from the system's owner.
There are a lot of resources on both Armitage and Metasploit available to you. Here's a recommended order for you:
As a penetration tester, I find tools give me about 15% of what I need. The rest of my work is problem solving, system administration, and luck. If you want to learn how to hack, don't neglect these skills either. Here are a few other recommended items:
If you get through all of the above and you want to take things to the next level:
If you want my views on the hacking process and how to do it, then ask your organization to invite me to teach a course at your location. I have materials, labs, and an exercise for a threat emulation course. I've given this course several times now and my students have taken a lot from it.
I've met too many security professionals who don't know how to use Metasploit. Sadly, I was one of them. I've always felt Metasploit could use a non-commercial GUI organized around the hacking process. So, I made Armitage
Armitage exists to help security professionals better understand the hacking process and appreciate what's possible with the powerful Metasploit framework. Security professionals who understand hacking will make better decisions to protect you and your information.
Yes. Feel free to embed any of the screenshots or videos into your article or blog post. If you'd like higher resolution images, I'll provide PSD files of the key Armitage graphics on request. Contact me and I'll do my best to respond quickly.