Comments (4)
One option: consider incorporating it as a module into Metasploit. Armitage
blindly works off of Metasploit's importing capabilities. If you get it
accepted into the MSF tree and it's a useful thing for most cases, I'd be happy
to investigate adding it to the right spot in the UI.
Original comment by [email protected]
on 19 Feb 2011 at 12:37
from armitage.
Perhaps a similar project to this already exists. I'm sure I'm not the first to
imagine something like this, but here it goes:
What if we were to use valid, and normal network requests to perform "stealth"
network scans? Things like blindly sending null session authorization
attempts, http, ftp, etc. Just traffic that might not have been included in
IDS rules. Remember, we don't need to authenticate, authentication failures
can serve as a "return ping" so to speak, though obviously even mass
authentication failures would set off alarms, so perhaps even a "super stealth"
scan would be useful in cases where it's expected that the client has effective
log monitoring implemented.
Obviously, this could provide some false positives and wouldn't be the scan to
use if a comprehensive list of network devices was desired, but that's not the
point. I find that it's very easy to get a client's attention if I'm sitting
on their DC with admin access within minutes of booting up and plugging in on a
pen test. I know that Armitage will help me make this happen faster for me,
but for the greatest effect, I don't want to make any unusual noise on the
network unless absolutely required before I begin exhaustive scans.
Just an idea, and perhaps I should post this someplace outside your issue
tracker so I can collect some comments/input advice. Just curious to hear your
input and interest for now.
Original comment by [email protected]
on 23 Feb 2011 at 12:04
from armitage.
So what you're planning to do is generate legitimate looking traffic and using
the results of that generated traffic to tell if a host is up or not? That
could work. I think the best place for it though is a Metasploit module.
Armitage is just a dumb UI that adds a few collaboration features and tools to
launch existing modules.
Original comment by [email protected]
on 23 Feb 2011 at 12:30
from armitage.
We can continue this discussion via email, Twitter, or your blog. I'm just
closing this as it's not directly related to Armitage development.
Original comment by [email protected]
on 23 Feb 2011 at 12:31
- Changed state: Invalid
from armitage.
Related Issues (20)
- Metasploit Framework Exception: Invalid Module HOT 1
- ' HOT 1
- Error while unpacking main files HOT 1
- use full date format in the tar-ball name
- Java runtime error in armitage when using escalation HOT 11
- Hosts view not updating HOT 4
- stdapi error HOT 2
- Missing action parameter
- Console prompt garbage after executing clear command HOT 2
- Error loading Armitage HOT 1
- Certain Cortana Scripts fail when launched via java, works fine from inside Armitage
- Metasploit Windows HOT 1
- Metasploit 3.6.0 HOT 2
- Bug HOT 1
- RPC on latest metasploit
- Custom EXE failed HOT 2
- PHP Hack HOT 1
- Invalid Login HOT 1
- how can I start armitage on windows? HOT 3
- incorrectly imported host port data From Netsparker.xml
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from armitage.