Make Metasploit Easy With Armitage - Page 3
Taking control when an exploit is successful
When an exploit is successful and a host is compromised, the host's graphic turns red (with lighting marks through it for good measure.)
To take control, right click on the icon and select "Interact" to open an interactive shell to the compromised machine in the bottom panel of Armitage.
If the machine in question is running Microsoft Windows, you can start a Metasploit Meterpreter session, which gives you access to some powerful commands described in this guide to Meterpreter basics.
Pivoting
Hail Mary
The Metasploit framework has a feature called db_autopwn, which attempts to automate penetration testing very crudely by matching exploits in a database with open ports found on any discovered hosts, and launching all matching ones to see what happens. Armitage automates and refines db_autopwn using a feature called Hail Mary, found in the Attacks menu. Launching a Hail Mary starts the db_autopwn process, but matches exploits to suitable operating systems, and launches the "best" exploits first.
Hail Mary -- like db_autopwn is not the best way to test network security, but it's certainly quick, requires very little skill, and can give you a very quick idea of the scale of any security problems you might be facing.
Further information
There is far more to Armitage - and the Metasploit framework - than can be described here, but if you have never tried Metasploit before this introduction should be enough to get you started.
For more information and tutorials on Armitage visit www.fastandeasyhacking.com/
For more information on Metasploit visit the Metasploit homepage.