Armitage is a GUI frontend for Metasploit that makes it possible to use a mouse to attack and exploit systems.
In this article, I will provide a step-by-step guide on how to install and get Armitage up and running. This is intended to help students struggling with the Intro to C2 room on TryHackMe.
With Kali 2022.02, the installation of Armitage is very simple because it is a part of the Kali package repo, ready for quick and easy installation.
sudo apt install armitage
After the installation is completed everything you need to run Armitage can be called using global terminal commands on your attack box.
Armitage uses a central C2 (Command and Control) server that you can connect to using the Armitage GUI. If you run Armitage locally you start the teamserver, and make it listen for connections to an IP address you define yourself. Please note that you should not start the teamserver on an interface that is publically accessible. To access the teamserver port forwarding should be used.
sudo teamserver 127.0.0.1 mySuperPassword [*] Generating X509 certificate and keystore (for SSL) [*] Starting RPC daemon To use retry middleware with Faraday v2.0+, install `faraday-retry` gem [*] MSGRPC starting on 127.0.0.1:55554 (NO SSL):Msg... [*] MSGRPC backgrounding at 2022-06-04 17:51:03 -0400... [*] MSGRPC background PID 9455 [*] sleeping for 20s (to let msfrpcd initialize) [*] Starting Armitage team server
Initiate MSF database
Preapare the DB Armitage will use
sudo msfdb init [+] Starting database [+] Creating database user 'msf' [+] Creating databases 'msf' [+] Creating databases 'msf_test' [+] Creating configuration file '/usr/share/metasploit-framework/config/database.yml' [+] Creating initial database schema To use retry middleware with Faraday v2.0+, install `faraday-retry` gem
Connect to teamserver, and start working
This will open a connection prompt. Type in the management IP address of your team server, and supply the password you just defined when starting the teamserver.
Please note that if you started the teamserver on a non-loopback eg. real IP address, you must use that IP address to connect. In other words, if you started a teamserver on 127.0.0.1, you must connect to that IP address. Please note that you cannot start teamserver on a public-facing IP address..
Connect to teamserver
After you clicked connect, you will be prompted with a question to start a Metasploit RPC server. Click "yes". After a short loading period, including a "Connection refused" status below the progress bar, Armitage will load.
Successfully loaded Armitage
Congratulations, you now a running instance of Armitage in your lab 🎉