Eh Lab 9

The document outlines a lab exercise at Yarmouk University focused on using the Armitage tool to gain access to a remote Windows 10 machine from a Kali Linux host. It details the prerequisites, lab scenario, and step-by-step tasks required to perform the exploitation, including scanning for hosts, creating a malicious payload, and interacting with the compromised system using Meterpreter. The lab aims to teach students about ethical hacking practices and post-exploitation techniques.

Uploaded by

tch.mustafasmadi

Ethical Hacking Lab

Yarmouk University
Faculty of IT
Lab #9

Lab Title: Gain Access to a Remote System using Armitage

Lab objectives:

- We will use the Armitage tool to gain access to the remote target machine.

Requisites

Windows 10 / 7 machine.

Armitage https://www.kali.org/tools/armitage/

Lab Scenario:

Armitage is a scriptable red team collaboration tool for Metasploit that visualizes targets, recommends exploits,
and exposes the advanced post-exploitation features in the framework. Using this tool, you can create sessions,
share hosts, captured data, and downloaded files, communicate through a shared event log, and run bots to automate
pen testing tasks.

Lab tasks:
Note: In this task, we will use the Kali (10.10.10.1) machine as the host system and the Windows 10
(10.10.10.10) machine as the target system. Please review your IP configuration.

Note: Ensure that the Windows machine is turned on.

Note: You should turn off the Windows firewall.


1- In the Terminal window, type service postgresql start and press Enter to start the
database service.

2- Click Applications in the top-left corner of Desktop and navigate to Exploitation Tools -->
Metasploit Framework --> armitage to launch the Armitage tool.
3- The Connect… pop-up appears; leave the settings to default and click the Connect button.

4- The Start Metasploit? pop-up appears; click Yes.


5- The Progress… pop-up appears. After the loading completes, the Armitage main window appears,
as shown in the screenshot.

6- Click on Hosts from the Menu bar and navigate to Nmap Scan --> Intense Scan to scan for live
hosts in the network.

7- The Input pop-up appears. Type a target IP address (here, 10.10.10.10) and click OK.
8- Observe that the target host (10.10.10.10) appears on the screen, as shown in the screenshot.

9- Now, from the left-hand pane, expand the payload node, and then navigate to windows -->
meterpreter; double-click meterpreter_reverse_tcp.

10- The windows/meterpreter_reverse_tcp window appears. Scroll down to the LPORT Option, and
change the port Value to 444. In the Output field, select exe from the drop-down options; click
Launch.
11- The Save window appears. Select Desktop as the location, set the File Name as
malicious_payload.exe, and click the Save button. (You can use any file name ending in .exe.)

12- Now, switch to the Terminal window, type
cp /root/Desktop/malicious_payload.exe /var/www/html/share/
and press Enter to copy the file to the shared folder.
Type service apache2 start and press Enter to start the Apache server.
13- Switch back to the Armitage window. In the left-hand pane, double-click
meterpreter_reverse_tcp.
14- The windows/meterpreter_reverse_tcp window appears. Scroll down to LPORT Option and
change the port Value to 444. Ensure that the multi/handler option is selected in the Output field;
click Launch.

15- Switch to the Windows 10 machine and open any web browser (here, Mozilla Firefox). Place your
mouse cursor in the address bar, enter http://10.10.10.13/share and press Enter. As soon as
you press Enter, it will display the shared folder contents, as shown in the screenshot.
16- Click malicious_payload.exe to download the file. The Open File - Security Warning window
appears; click Run.

16- Switch to the Parrot Security machine. Observe that one session has been created or opened in the
Meterpreter shell, as shown in the screenshot, and the host icon displays the target system name
(WINDOWS10). (The name may vary depending on your machine.)
17- Right-click on the target host and navigate to Meterpreter 1 --> Interact --> Meterpreter Shell.
18- A new Meterpreter 1 tab appears. Type sysinfo and press Enter to view the system details of
the exploited system, as shown in the screenshot.

19- Right-click on the target host and navigate to Meterpreter 1 --> Explore --> Browse Files.

20- A new Files 1 tab and the present working directory of the target system appear. You can observe
the files present in the Download folder of the target system.
Using this option, you can perform various functions such as uploading a file, making a
directory, and listing all drives present in the target system.

21- Right-click on the target host and navigate to Meterpreter 1 --> Explore --> Screenshot.
22- A new Screenshot 1 tab appears, displaying the currently open windows in the target system.

Similarly, you can explore other options such as Desktop (VNC), Show Processes, Log Keystrokes,
and Webcam Shot.
You can also escalate privileges in the target system using the Escalate Privileges option and
further steal tokens, dump hashes, or perform other activities.
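
A defender-side view of the procedure above, as an added example that is not part of the original lab handout: the sketch correlates process-creation and network-connection events (constructed samples modelled on Sysmon Event ID 1 and 3 field names) to flag a program run from a user-writable folder that then connects out to an uncommon port, as the payload in this lab does on port 444. The user name, timestamps, port allowlist and 60-second window are assumptions.

```python
from datetime import datetime, timedelta

# Constructed sample events, modelled on Sysmon Event ID 1 (process creation)
# and Event ID 3 (network connection) field names. Not captured from a real host.
EVENTS = [
    {"EventID": 1, "UtcTime": "2024-01-01 10:00:00", "ProcessGuid": "{A1}",
     "Image": r"C:\Program Files\Mozilla Firefox\firefox.exe",
     "ParentImage": r"C:\Windows\explorer.exe"},
    {"EventID": 3, "UtcTime": "2024-01-01 10:00:05", "ProcessGuid": "{A1}",
     "Initiated": True, "DestinationIp": "10.10.10.13", "DestinationPort": 80},
    {"EventID": 1, "UtcTime": "2024-01-01 10:01:00", "ProcessGuid": "{B2}",
     "Image": r"C:\Users\student\Downloads\malicious_payload.exe",
     "ParentImage": r"C:\Program Files\Mozilla Firefox\firefox.exe"},
    {"EventID": 3, "UtcTime": "2024-01-01 10:01:02", "ProcessGuid": "{B2}",
     "Initiated": True, "DestinationIp": "10.10.10.1", "DestinationPort": 444},
]

# Assumed tuning values: folders a standard user can write to, ports treated
# as ordinary for outbound traffic, and how soon after start a connection counts.
USER_WRITABLE = ("\\downloads\\", "\\desktop\\", "\\appdata\\local\\temp\\")
COMMON_PORTS = {53, 80, 443}
WINDOW = timedelta(seconds=60)

def _ts(event):
    return datetime.strptime(event["UtcTime"], "%Y-%m-%d %H:%M:%S")

def find_callbacks(events):
    """Return alerts for processes started from a user-writable folder that
    open an outbound connection to an uncommon port shortly after starting."""
    started = {}   # ProcessGuid -> process-creation event of a suspect process
    alerts = []
    for ev in sorted(events, key=_ts):
        guid = ev["ProcessGuid"]
        if ev["EventID"] == 1:
            if any(p in ev["Image"].lower() for p in USER_WRITABLE):
                started[guid] = ev
        elif ev["EventID"] == 3 and guid in started and ev.get("Initiated"):
            proc = started[guid]
            if (ev["DestinationPort"] not in COMMON_PORTS
                    and _ts(ev) - _ts(proc) <= WINDOW):
                alerts.append({"image": proc["Image"], "parent": proc["ParentImage"],
                               "dest": f'{ev["DestinationIp"]}:{ev["DestinationPort"]}'})
    return alerts

if __name__ == "__main__":
    for alert in find_callbacks(EVENTS):
        print(alert)
```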
