Posted by Avik Sarkar
On 1/23/2012 12:02:00 am
Armitage Ver 01.19.12 Released!!!
We have discussed Armitage a couple of times before. It is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every day. If you are new to Metasploit and want to learn its advanced features, Armitage can help you. Now, the author has released an updated version – Armitage version 01.19.12!
Official Change Log For Armitage 01.19.12:-
- Data export now includes a sessions file. This lists all of the Metasploit sessions you had in your database. There’s some neat data here including which exploit was used, which payload, start time, and close time. You can calculate how much time you spent on your client’s boxes. Cool stuff.
- Fixed a potential dead-lock caused by mouse enter/exit events firing code that required a lock. Nice landmine to defuse.
- Fixed a weird condition with d-server detection. Sometimes (rarely) Armitage wouldn’t detect the d-server even when it’s present.
- Added check to d-server allowing one lock per/client. Client won’t reobtain a lock until it lets it go. This prevents you from opening two shell tabs for a shell session in team mode.
- Fixed an infinite loop condition when some Windows shell commands would return output with no newlines (e.g., net stop [some service]). Thanks Jesse for pointing me to this one.
- Data export now includes a timeline file. This file documents all of the major engagement events seen by Armitage. Included with each of these events is the source ip of the attack system and the user who carried out the action (when teaming is setup).
- Data export now exports timestamps with current timezone (not GMT)
- Fixed a nasty bug that’s been with Armitage since the beginning! I wasn’t freeing edges properly in the graph view. If you had pivots setup in graph view and used Armitage long enough–eventually Armitage would slow down until the program became unusable. At least it’s fixed now.
- Adjusted the d-server state identity hash combination algorithm to better avoid collisions.
- Armitage now displays ‘shell session’ below a host if the host info is just the Windows shell banner.
The latest Armitage is installed with Metasploit 4.1.0+. If you want to use Armitage as a remote Metasploit client, click here.
Posted by Avik Sarkar
On 10/05/2011 05:35:00 pm
Armitage 09.26.11 released.
Description:-
Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you.
Official change log for Armitage 09.26.11:-
- Improved performance when launching exploits and other modules that open a new tab.
- Launching an exploit will only open a tab when fewer than four hosts are highlighted. If four or more are highlighted, then Armitage will use the old behavior of silently launching each exploit. [You're supposed to be able to attack hundreds of hosts at once--hence my desire to add this caveat]
- When launching an exploit in the background, Armitage will show a dialog indicating that the exploit was launched against X hosts.
- You may now drag and drop Armitage tabs to rearrange their order.
- Armitage “show all commands” option (for better exploit feedback) is now on by default.
- You may now right-click a screenshot/webcam shot to zoom in or out on the image. The zoom-level stays fixed (in case you refresh the image later)
- Added a menu to the X button in the tabs. Through this menu you may open the current tab in its own window or close all like tabs.
- Updated Hosts -> Import Hosts to reflect the current importable file types.
- Added View -> Reporting -> Export Data to dump most Metasploit tables into TSV and XML files suitable for parsing (by you!) into a report format of some sort.
- Armitage now encodes (-e x86/shikata_ga_nai -i 3) any Windows meterpreter payload generated from the module launcher dialog.
- [host] -> Meterpreter -> Access -> Duplicate now uses multi_meter_inject to launch Meterpreter into memory directly (rather than upload and execute a file)
- In teaming mode, Armitage will now automatically upload a file selected through the + option (e.g., USER_FILE +) to the Metasploit server and set the value in Metasploit accordingly.
- Modified error output for a failed Metasploit method to only display the method name and error message. Displaying a large input would cause Armitage UI to start flashing in some weird disco mode until a hard reset. Yeaah!
To download Armitage 09.26.11, click here.
Posted by Avik Sarkar
On 10/01/2011 01:12:00 pm
"Busting Windows With Backtrack 5 R1 & Metasploit Framework 4.0" An Exclusive Article written by famous ethical hacker
Rahul Tyagi.
The Article Contents:-
- Vulnerabilities, Exploits & Payloads
- Exploiting Windows With Armitage
- Starting the Party With Armitage
- Hard Facts That They Don't Reveal
To download the article, click here.
-News Source (Rahul Tyagi)
Posted by Avik Sarkar
On 9/14/2011 01:31:00 pm
The Security Onion LiveDVD is a bootable DVD that contains software used for installing, configuring, and testing Intrusion Detection Systems. It is based on Xubuntu 10.04 and contains Snort, Suricata, Sguil, Squert, Xplico, nmap, metasploit, Armitage, scapy, hping, netcat, tcpreplay, and many other security tools.
Official Change Log for Security Onion 20110909:-
- The “IDS Rules” menu now has a new entry called “Add Local Rules” which will open /etc/nsm/rules/local.rules for editing using the “mousepad” GUI editor. You can then add any rules that you want to maintain locally (outside of the downloaded VRT or Emerging Threats rulesets).
- A new menu called “IDS Config” was added with a new menu entry called “Configure IDS engine(s)”. This will list all of the IDS engines on your system and allow you to choose one to configure. It will then open the proper config file for whatever IDS engine you’re running. After you save and close the config file, it will offer to restart the IDS engine for you.
For more information and to see their official blog release, click here.
To download Security Onion, click here.
Posted by Avik Sarkar
On 8/04/2011 06:55:00 pm
The Metasploit Framework is a penetration testing toolkit, exploit development platform, and research tool. The framework includes hundreds of working remote exploits for a variety of platforms. Payloads, encoders, and nop slide generators can be mixed and matched with exploit modules to solve almost any exploit-related task.
New Exploit Modules:
VSFTPD v2.3.4 Backdoor Command Execution
Java RMI Server Insecure Default Configuration Java Code Execution
HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow
HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow
Mozilla Firefox nsTreeRange Dangling Pointer Vulnerability
Black Ice Cover Page ActiveX Control Arbitrary File Download
Microsoft Office Visio VISIODWG.DLL DXF File Handling Vulnerability
MicroP 0.1.1.1600 (MPPL File) Stack Buffer Overflow
Lotus Notes 8.0.x – 8.5.2 FP2 – Autonomy Keyview
RealWin SCADA Server DATAC Login Buffer Overflow
Siemens FactoryLink vrn.exe Opcode 9 Buffer Overflow
Iconics GENESIS32 Integer overflow version 9.21.201.01
Siemens FactoryLink 8 CSService Logging Path Param Buffer Overflow
Sielco Sistemi Winlog Buffer Overflow
Blue Coat Authentication and Authorization Agent (BCAAA) 5 Buffer Overflow
HP OmniInet.exe Opcode 20 Buffer Overflow
HP OmniInet.exe Opcode 27 Buffer Overflow
Citrix Provisioning Services 5.6 streamprocess.exe Buffer Overflow
Lotus Notes 8.0.x – 8.5.2 FP2 – Autonomy Keyview
New Post-Exploitation Modules:
Winlogon Lockout Credential Keylogger
Windows Gather Microsoft Outlook Saved Password Extraction
Windows Gather Process Memory Grep
Windows Gather Trillian Password Extractor
Windows PCI Hardware Enumeration
Windows Gather FlashFXP Saved Password Extraction
Windows Gather Local and Domain Controller Account Password Hashes
Windows Gather Nimbuzz Instant Messenger Password Extractor
Windows Gather CoreFTP Saved Password Extraction
Internet Download Manager (IDM) Password Extractor
Windows Gather SmartFTP Saved Password Extraction
Windows Gather Bitcoin wallet.dat
Windows Gather Service Info Enumeration
Windows Gather IPSwitch iMail User Data Enumeration
New Auxiliary Modules:
John the Ripper Password Cracker Fast Mode
Microsoft Windows DNSAPI.dll LLMNR Buffer Underrun DoS
Kaillera 0.86 Server Denial of Service
2Wire Cross-Site Request Forgery Password Reset Vulnerability
SIPDroid Extension Grabber
MSSQL Password Hashdump
Notable Features & Closed Bugs:-
Feature #4982 – Support for custom executable with psexec
Feature #4856 – RegLoadKey and RegUnLoadKey functions for the Meterpreter stdapi
Feature #4578 – Update Nmap XML parsers to support Nokogiri parsing
Feature #4417 – Post exploitation module to harvest OpenSSH credentials
Feature #4015 – Increase test coverage for railgun
Bug #4963 – Rework db_* commands for consistency
Bug #4892 – non-windows meterpreters upload into the wrong filename
Bug #4296 – Meterpreter stdapi registry functions create key if one doesn’t exist
Bug #3565 – framework installer fails on RHEL (postgres taking too long to start)
Armitage integrates with Metasploit 4.0 to:-
Take advantage of the new Meterpreter payload stagers
Crack credentials with the click of a button
Run post modules against multiple hosts
Automatically log all post-exploitation activity
Revision Information:
Framework Revision 13462
Several import parsers were rewritten to use Nokogiri for much faster processing of large import files. Adding to Metasploit’s extensive payload support, Windows and Java Meterpreter now both support staging over HTTP and Windows can use HTTPS. In a similar vein, POSIX Meterpreter is seeing some new development again. It still isn’t perfect nor is it nearly as complete as the Windows version, but many features already work. Java applet signing is now done directly in Ruby, removing the need for a JDK for generating self-signed certificates. The Linux installers now ship with ruby headers, making it possible to install native gems in the Metasploit ruby environment.
Another flexibility improvement comes in the form of a consolidated pcap interface. The pcaprub extension ships with the Linux installers as of this release and support for Windows will come soon. Modules that used Racket for generating raw packets have been converted to Packetfu, which provides a smoother API for modules to capture and inject packets.
To download Metasploit Framework v4.0.0, click here. For more information about MSF, click here.
Posted by Avik Sarkar
On 4/26/2011 12:53:00 am

“Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you.”
This is the change log:
- Added a check to prevent jerk faces from entering an empty nick in collaborative mode.
- Fixed a potential dead-lock condition with the screenshot/webcam shot tab.
- Armitage -> Listeners -> Reverse now binds to 0.0.0.0.
- Host import now posts an event to the collab mode shared event log
- Added an option to display an MOTD message to clients that connect to Armitage in the collaboration mode. Use -m or --motd before --server and specify a file, e.g.:
armitage -m /path/to/motd.txt --server ...
Clients will see this message when they connect.
- Added Meterpreter -> Access -> Pass Session to send a meterpreter session to a handler set up on another host.
- Armitage now sets ExitOnSession to false for multi/handlers started within Armitage.
- Pivoting and ARP Scan dialogs now highlight first option by default.
- Added a sanity check to the Route class to prevent malformed IPs from screwing up sorting.
- Removed sqlite3 from the database options. I should have done this long ago–it has no place in Armitage.
- Armitage now intercepts meterpreter “shell” command and opens a new tab with the cmd.exe interaction in it.
Download Armitage 04.24.11 (armitage042411.zip/armitage042411.tgz) here.