/
 
download
 
media
 
manual
 
faq
 
contact
Armitage Documentation

These instructions assume that you're using Armitage 11.13.11 or later. If you have a Start MSF button, then you're using an older version of Armitage. The old getting started page is still available.

Prerequisites

If you use msfupdate to update Metasploit, beware that Armitage is no longer compatible with Metasploit base installations before 4.0. msfupdate does not count. Armitage has new dependencies that did not ship with Metasploit before 4.0.

If you use BackTrack Linux, you must use BackTrack Linux 5r1 to enjoy Armitage.

If you use Windows, you must install Java 1.6 for Armitage to run.

You may need to install the latest version of Metasploit to use Armitage.

How to start Armitage

Step 0. Make sure you're root or a system administrator user.

Step 1. Start Armitage

On Windows navigate to the program group Metasploit -> Framework and click Armitage.

On Linux, type armitage in a terminal. Do not type ./armitage from the Metasploit folder.

Step 2. Click Connect

Step 3. Click Yes

Step 4. Wait

Metasploit's RPC server will start in the background. It's not instant. You will see a connection refused message again and again. This is Armitage checking if the server is ready yet.

Troubleshooting Guide

Here's a quick guide to the errors you may see and what they mean:

1. authentication error

Metasploit's RPC server is running but you have provided the wrong username or password for it. Click Cancel and check your username and password again.

If you don't know the username and password, then find the msfrpcd (Linux) process that is running and kill it. On Windows, you'll want to kill any ruby.exe or rubyw.exe processes. Once msfrpcd is killed, you may start Armitage again and this problem will be gone.

2. connection refused - Armitage never connects!

It's possible that you don't have enough RAM. I've seen the Metasploit RPC daemon die on startup from lack of memory. Or, maybe you didn't click Yes when Armitage asked if you wanted it to start Metasploit's RPC daemon.

3. Couldn't launch MSF. Cannot run program "msfrpcd": error=2, No such file or directory

Either Metasploit is not installed or your environment is not setup correctly. You probably did not use the full setup Metasploit installer and that is why. Install Metasploit with the full setup installer.

4. Could not connect to database: Connection Refused

Your database is not running. Armitage and Metasploit require a Postgresql database to work.

Windows Users

Reboot your computer.

Linux Users

Try to start the database with:

/etc/init.d/framework-postgres start

or:

/etc/init.d/metasploit-postgres start

If you see:

bash: /etc/init.d/framework-postgres: No such file or directory

and:

bash: /etc/init.d/metasploit-postgres: No such file or directory

Then congratulations! The script to start the database was not installed. This is the result of a change to the latest Metasploit installer. If you don't opt to start Metasploit as a service, Metasploit won't start your database on bootup. To create a database startup script and fix this issue:

echo 'exec /opt/metasploit-4.1.4/postgresql/scripts/ctl.sh "$@"' >/etc/init.d/framework-postgres

chmod +x /etc/init.d/framework-postgres
/etc/init.d/framework-postgres start
update-rc.d framework-postgres defaults

These commands require super-user privileges. Use sudo /bin/bash to give yourself a root shell.

NOTE: You will need to modify the /opt/metasploit-4.1.4 path to reflect where you installed Metasploit on your system.

You should be all set now. Your database is running and it will start when you reboot your host too.

If you see:

bogus data in lock file "postmaster.pid"

Then you need to delete some files. Try:

rm /opt/metasploit/postgresql/data/postmaster.pid
rm /opt/metasploit/postgresql/.s.PGSQL.7337
rm /opt/metasploit/postgresql/.s.PGSQL.7337.lock
/etc/init.d/metasploit-postgres start

You're not the first to experience this problem, there's a nice thread on the BackTrack forum about it. If some other error came up, I recommend using Google to find and remedy it.

NOTE: You will need to modify the /opt/framework path to reflect where you installed Metasploit on your system.

5. Could not connect to database: ERROR relation "workspaces" does not exist

Your database is not initialized yet. Armitage can't do this. Run msfconsole once. This will intialize the database for you. You shouldn't see this error again.

6. javax.net.ssl.SSLKeyException: RSA premaster key error

You're using Metasploit pre-4.0. I wasn't making the 4.0 requirement to feel good. It's real. The Java shipped with Metasploit pre-4.0 did not include the libraries necessary for SSL to function. You need to remove Metasploit and reinstall it with a modern installer.

7. You must start Armitage's deconfliction server

If you choose to connect to a remote Metasploit instance, you must have Armitage's deconfliction server running on the remote host. If you're seeing this when connecting to Metasploit locally, click Ok, start Armitage, and make sure you're connecting to 127.0.0.1

8. I do not have permission to read: /opt/metasploit/config/database.yml Run me as root please

To connect to Metasploit's database, Armitage must be able to read the database.yml file created by Metasploit. This file is installed so that only root may read it. Start Armitage with root privileges.

If you connect Armitage to a *remote* Metasploit instance (with a deconfliction server setup), then Armitage will not require root privileges.

Assumptions

For these instructions and troubleshooting steps to work several assumptions must hold:

  1. You installed Metasploit using the full install that includes all of the dependencies.
    OR:
    You're using a Linux distribution (e.g., BackTrack 5r1) that set up Metasploit using the full install.
  2. You're using Metasploit on a supported platform (Windows or Linux)
  3. You followed the instructions for installing Metasploit on your platform.

What's Next?

Now that Armitage is running, I recommend exploring the rest of this site. You'll find videos, screencasts, and articles on the Media page. Reading the manual is a must as well. Check out the frequently asked questions page if you encounter a problem. If you don't find answers on this site, use the contact page to learn where to get help.

© 2010-2012 Raphael Mudge
Connect: Twitter | Facebook | LinkedIn | IRC