Kali Linux Penetration Test 147 Armitage

This article records in detail the process of learning to use Kali Linux 2018.1 for penetration testing. It follows the course "Kali Linux Penetration Testing" in the Security Niu Classroom.

Kali Linux Penetration Testing (Yuan Fanghong) Blog Record

1 Introduction

  • Open source, free graphical front end

    • The author claims to be one of the many security experts who will not use Metasploit (command line)
    • msf is command-line based and lacks an intuitive GUI
  • Armitage just invokes the exploit capabilities of msf

    • Each GUI operation in Armitage corresponds to a command in msf
  • Red team collaboration in simulated adversarial exercises

    • Divided into two parts: client (armitage) and server (msfrpcd)
    • /usr/share/armitage/teamserver ip password
  • Scriptable

  • Startup methods

    • service postgresql start
    • teamserver
      • Server: teamserver <server IP> <connection password>
      • Client: armitage
    • Stand-alone startup
      • armitage
      • GUI start
      • 127.0.0.1:55553
  • Discover hosts

    • Manually add IP hosts
    • Scan result import (nmap, nessus, openvas, nexpose, awvs)
    • Direct scan discovery (nmap, msf)
    • DNS enumeration discovery
  • Scan ports and services

    • Right click on the host
  • Workspaces

    • Targets are dynamically displayed and filtered per individual view; members of the same team can each customize their own workspace
    • Address-based work area division
    • Port-based work area division
    • Operating system-based workspace division
    • Label-based workspace division
  • Generate payload

  • Actively acquire targets

    • ms08-067
  • Passively acquire targets

    • browser_autopwn2
  • Meterpreter shell capability demonstration

  • Menu capabilities
  • Cortana scripts

  • Last resort

    • attacks
      • find attacks # Automatically analyzes and matches exploit modules
      • hail mary
        • Exploit code is executed in a flood; the traffic characteristics are obvious and easily discovered.
  • Armitage status

    • Not maintained in a timely manner; it is rumored that the project has been abandoned
    • Still the only open source, free graphical front end for Metasploit
  • Cobalt Strike
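
The note under "hail mary" says the exploit flood has obvious traffic characteristics. As an added example (not from the course or from Armitage), the sketch below shows one way a defender could flag that pattern: many distinct exploit signatures from one source against one target inside a short window. The alert line format, signature names, addresses and thresholds are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample IDS alerts (assumed format): time source target port signature
SAMPLE_ALERTS = """\
2018-03-01T10:00:01 192.0.2.5 192.0.2.20 445 exploit-smb
2018-03-01T10:00:03 192.0.2.5 192.0.2.20 21 exploit-ftp
2018-03-01T10:00:04 192.0.2.5 192.0.2.20 80 exploit-http
2018-03-01T10:00:06 192.0.2.5 192.0.2.20 3306 exploit-mysql
2018-03-01T10:00:09 192.0.2.5 192.0.2.20 22 exploit-ssh
2018-03-01T10:00:02 192.0.2.7 192.0.2.20 22 exploit-ssh
2018-03-01T10:00:05 192.0.2.7 192.0.2.20 22 exploit-ssh
2018-03-01T10:00:08 192.0.2.7 192.0.2.20 22 exploit-ssh
2018-03-01T10:00:11 192.0.2.7 192.0.2.20 22 exploit-ssh
2018-03-01T10:00:00 192.0.2.9 192.0.2.21 445 exploit-smb
2018-03-01T10:05:00 192.0.2.9 192.0.2.21 21 exploit-ftp
2018-03-01T10:10:00 192.0.2.9 192.0.2.21 80 exploit-http
2018-03-01T10:15:00 192.0.2.9 192.0.2.21 3306 exploit-mysql
"""

def parse(line):
    """Split one alert line into (timestamp, src, dst, port, signature)."""
    ts, src, dst, port, sig = line.split()
    return datetime.fromisoformat(ts), src, dst, int(port), sig

def detect_exploit_floods(lines, window_s=60, min_signatures=4):
    """Return {(src, dst): peak distinct signatures} for pairs that reach
    min_signatures distinct signatures within any window_s-second window."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)   # (src, dst) -> alerts still inside the window
    flagged = {}
    for ts, src, dst, _port, sig in sorted(parse(l) for l in lines if l.strip()):
        q = recent[(src, dst)]
        q.append((ts, sig))
        while ts - q[0][0] > window:      # drop alerts older than the window
            q.popleft()
        distinct = len({s for _, s in q})  # repeats of one signature count once
        if distinct >= min_signatures:
            flagged[(src, dst)] = max(flagged.get((src, dst), 0), distinct)
    return flagged

if __name__ == "__main__":
    for pair, peak in detect_exploit_floods(SAMPLE_ALERTS.splitlines()).items():
        print(pair, "distinct exploit signatures in window:", peak)
```

Only 192.0.2.5 is flagged in the sample: the source repeating a single signature and the source spreading its attempts over fifteen minutes both stay under the threshold.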
