© 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and...
-
Upload
kevin-burke -
Category
Documents
-
view
214 -
download
0
Transcript of © 2010 – MAD Security, LLC All rights reserved Team Operations Collaborate with Armitage and...
© 2010 – MAD Security, LLCAll rights reserved
Team OperationsCollaborate with Armitage and Metasploit
Overview
• Team Operations• Teaming Features• Architecture and Setup• Session Passing• Using External Tools• Team Organization
Team Operations
Armitage Teaming
• User Experience– Single user-like– Local control of Metasploit
• Teaming Features– Real Time Communication– Data Sharing– Session Sharing
Features: Event Log
Features: Data Sharing
Features: Session Sharing
Architecture
Setup
• Perform these steps on shared server…• Start Metasploit’s RPC daemon
– msfrpcd -U username -P password –f• Start Deconfliction server
– armitage --server attack_server_ip 55553 username password
• Connect clients!
Setup
Setup
Session Passing
• Inject meterpreter into memory• Point at any multi/handler
you like• Uses:
– Send session to a friend– Duplicate your access
Session Passing
• Inject meterpreter into memory• Point at any multi/handler
you like• Uses:
– Send session to a friend– Duplicate your access
Session Passing
• Inject meterpreter into memory• Point at any multi/handler
you like• Uses:
– Send session to a friend– Duplicate your access
External Tools
• In a team environment, not everyone will use Armitage– Everyone can still benefit from Armitage’s accesses
• Metasploit SOCKS proxy routes client traffic using pivot
• Web browsers may use a proxy server to connect
External Tools
External Tools
Team Organization
• Split team into roles– Attack– Multiple post-exploitation roles
• Distribute attacks• Centralize post-exploitation
Team Organization
• Use Armitage on big screen• Event log augments existing
communication channel• External tools may play too
(not everyone needs Armitage)
Summary
• Team Operations• Teaming Features• Architecture and Setup• Session Passing• Using External Tools• Team Organization