1
00:00:00,360 --> 00:00:03,420
Welcome to part nine of this module.

2
00:00:03,420 --> 00:00:12,270
It is now time to take a long and overdue look at Armitage originally developed by Rafael Mudge Armitage

3
00:00:12,360 --> 00:00:20,620
is a Java based graphical user interface that acts as a front end for the Met a spoilt framework.

4
00:00:20,910 --> 00:00:24,660
It is very much what zen map is to end map.

5
00:00:24,660 --> 00:00:32,800
It gives you a visual representation of what is going on when you're using Metis Boyd the gooey comes

6
00:00:32,800 --> 00:00:43,340
pre installed on all modern versions of Kali and is actually pinned to the taskbar right here by default.

7
00:00:43,340 --> 00:00:51,380
When you initially installed the operating system it is represented by this icon of green haired woman

8
00:00:51,860 --> 00:00:55,530
with what I take to be large paratrooper and ears.

9
00:00:55,550 --> 00:00:58,200
Well I've never had this confirmed to be a fact.

10
00:00:58,220 --> 00:01:05,510
I believe that the program name and icon design were inspired by an animated cyberpunk cartoon show

11
00:01:05,810 --> 00:01:10,320
of the same name that was released sometime in the 1990s.

12
00:01:10,340 --> 00:01:13,160
In any case it can also be found under applications

13
00:01:15,920 --> 00:01:17,720
exploitation tools.

14
00:01:17,810 --> 00:01:18,760
Armitage.

15
00:01:18,920 --> 00:01:24,300
So let's go ahead and load up Armitage and take a look at the interface.

16
00:01:24,320 --> 00:01:29,060
The first thing that will happen is that you'll be prompted with this little connection box.

17
00:01:29,060 --> 00:01:33,480
We're going to go ahead and leave all of this just as it appears now.

18
00:01:33,710 --> 00:01:36,320
So we'll just click connect.

19
00:01:36,320 --> 00:01:39,620
This is going to form a connection to the local host.

20
00:01:39,650 --> 00:01:45,620
We are then informed that a Metis Floyd our P.S. server is not running or not accepting connections

21
00:01:45,620 --> 00:01:46,130
yet.

22
00:01:46,310 --> 00:01:48,390
And we are asked if we wish to start one.

23
00:01:48,410 --> 00:01:50,860
We'll go ahead and answer yes to this question.

24
00:01:50,900 --> 00:01:53,820
Connecting will probably take you a few minutes.

25
00:01:53,960 --> 00:01:56,830
If you've never run Metis ploy before at all.

26
00:01:56,840 --> 00:02:01,060
This process is likely to take far longer the first time you do it.

27
00:02:01,100 --> 00:02:08,300
Virtual Box users should be aware that Armitage tends to be moderately demanding in terms of system

28
00:02:08,300 --> 00:02:15,530
resources it can run relatively smoothly even on a laptop with around 2 gigabytes of RAM.

29
00:02:15,680 --> 00:02:19,180
But I really wouldn't recommend pushing it any lower than that.

30
00:02:19,970 --> 00:02:26,030
Obviously it is possible to install Armitage and met a split on other distributions of Linux and for

31
00:02:26,030 --> 00:02:34,070
various reasons you might wish to do this on a very low spec platform such as for example a raspberry

32
00:02:34,070 --> 00:02:41,200
pi or a chip computer or possibly a very inexpensive virtual private server with very poor specs.

33
00:02:41,420 --> 00:02:42,320
And that's fine.

34
00:02:42,320 --> 00:02:50,750
You can do that but in such cases I would recommend the standard MSF console over the gooey now the

35
00:02:50,750 --> 00:02:57,090
great thing about Armitage is that the exploitation process is essentially automated.

36
00:02:57,260 --> 00:03:04,160
If the Mets point console seemed needlessly confusing or obtuse this graphical interface is meant to

37
00:03:04,160 --> 00:03:10,370
be a kind of easy mode whereby you can accomplish with a few mouse clicks what would otherwise require

38
00:03:10,370 --> 00:03:14,120
complex and somewhat arcane commands.

39
00:03:14,120 --> 00:03:19,880
Perhaps you now ask asking yourself why the heck didn't we just start off with this instead of waiting.

40
00:03:19,880 --> 00:03:25,610
Knee deep in the Met a spoiled and that is because having an understanding of what you're doing is important.

41
00:03:26,180 --> 00:03:32,150
Even though Armitage can make things seem very easy you will run into occasional issues while using

42
00:03:32,150 --> 00:03:32,620
it.

43
00:03:32,870 --> 00:03:41,150
You may for example need to make changes to the options and settings on the fly and if you just rely

44
00:03:41,150 --> 00:03:47,420
on a script to do everything for you then you'll never really progressing your skill beyond the limits

45
00:03:47,420 --> 00:03:49,360
of that script.

46
00:03:49,480 --> 00:03:51,440
OK so what is going on here.

47
00:03:51,440 --> 00:03:54,590
First off we have three windows.

48
00:03:54,590 --> 00:03:59,370
You'll notice that the MSF console is visible in the bottom window.

49
00:03:59,390 --> 00:04:02,590
This is literally just MSF console.

50
00:04:02,810 --> 00:04:09,620
If you type a command down here that would work normally in a normal MSF console that you open in a

51
00:04:09,620 --> 00:04:10,840
terminal window.

52
00:04:10,840 --> 00:04:17,780
It'll operate the same way you'll also see all the text based output down here in this window as well

53
00:04:18,230 --> 00:04:26,480
such as for example the results of your scans the large empty window at the top is where the graphical

54
00:04:26,510 --> 00:04:33,760
aspect of her graphical user interface comes into play as we'll see demonstrated in a moment.

55
00:04:33,770 --> 00:04:41,990
Finally you have your categories here on the left auxiliaries exploits payloads and post.

56
00:04:42,080 --> 00:04:50,610
Please note that you can resize these windows just by clicking and dragging them on the edge like so.

57
00:04:51,080 --> 00:04:54,200
I generally tend to leave them the default size.

58
00:04:54,230 --> 00:05:03,070
Also notice that much like Sparta the bottom console window is separated into discrete tabs in this

59
00:05:03,070 --> 00:05:07,930
way it is much easier to manage multiple sessions or scans all at once.

60
00:05:08,050 --> 00:05:12,930
Nothing about Armitage is different from anything you've learned so far.

61
00:05:13,060 --> 00:05:19,370
Only the way in which information is presented and how you go about interacting with the system.

62
00:05:19,390 --> 00:05:24,200
Now let's walk through this toolbar real quick under Armitage.

63
00:05:24,220 --> 00:05:26,740
You can form a new connection.

64
00:05:26,740 --> 00:05:32,500
Change your preferences set the target view set the exploit rank.

65
00:05:32,560 --> 00:05:40,990
Use a SoCs proxy set the listeners so that you can connect to or wait for set the L host or another

66
00:05:40,990 --> 00:05:42,590
listening host.

67
00:05:42,640 --> 00:05:48,910
If for example you are running Cally on another computer and you want that computer to listen as well.

68
00:05:48,910 --> 00:05:52,240
Finally you have your scripts and the option to close.

69
00:05:52,270 --> 00:05:55,780
Armitage view is very straightforward.

70
00:05:55,940 --> 00:06:04,110
That is just to essentially edit your view hosts is also what you would expect in a moment we're going

71
00:06:04,110 --> 00:06:12,100
to add hosts to add in our midst Floyd able to virtual machine as a target for Armitage.

72
00:06:12,120 --> 00:06:18,060
This is also where you would manually add in whatever targets you want to attack that don't automatically

73
00:06:18,060 --> 00:06:23,190
pop up when you scan such as for example a remote target.

74
00:06:23,190 --> 00:06:29,280
If you are attempting to use Armitage remotely please see the prior video on port forwarding and make

75
00:06:29,280 --> 00:06:32,230
sure that you are configured properly for that.

76
00:06:32,280 --> 00:06:38,810
We also have built in and map scans as is the case in standard MSF console.

77
00:06:38,880 --> 00:06:43,750
If you watch the videos on any map these options should be familiar to you.

78
00:06:43,770 --> 00:06:49,500
We won't be going into detail on what these mean here such as the differences between an intense scan

79
00:06:49,770 --> 00:06:50,910
or a quick scan.

80
00:06:51,030 --> 00:06:54,690
So please see that video if you have any questions about it.

81
00:06:54,690 --> 00:07:00,670
MSF is our medicine Lloyd scans and there's DNS enumeration offered as well.

82
00:07:00,690 --> 00:07:07,710
Finally you can clear your database which is essentially just removing any leftover scans or machines

83
00:07:07,710 --> 00:07:09,890
that will show up in the graphical part of the window.

84
00:07:09,900 --> 00:07:11,400
Again we'll see this in a moment.

85
00:07:11,400 --> 00:07:16,920
Next up we have a tax which lets you find a tax on your targets or host.

86
00:07:16,920 --> 00:07:24,200
Hail Mary is something that we'll look at later workspaces allows you to switch between all the workspaces

87
00:07:24,310 --> 00:07:31,540
you currently have very useful and a large pen test where there are multiple systems at play and finally

88
00:07:31,540 --> 00:07:35,300
help which is hopefully self-explanatory.

89
00:07:35,320 --> 00:07:41,140
Now another thing to mention about the interface that a lot of people tend to miss is this little search

90
00:07:41,140 --> 00:07:43,830
bar under the folders display.

91
00:07:44,170 --> 00:07:49,630
It allows you to search the framework for particular exploits and what have you exactly like the search

92
00:07:49,630 --> 00:07:56,440
command in the normal MSF console or module section is exactly the same as MSF console.

93
00:07:56,440 --> 00:08:05,740
If we go through them real quick you can see the directory structure follows the basic structure that

94
00:08:05,740 --> 00:08:08,170
we've seen displayed so far.

95
00:08:08,170 --> 00:08:16,050
You have your auxiliaries your scanners your father's sniffers spoof furs et cetera et cetera.

96
00:08:16,060 --> 00:08:22,630
Here we have our exploits sorted as always by the operating system exploits pertaining specifically

97
00:08:22,630 --> 00:08:26,050
to windows would be stored in the windows folder.

98
00:08:26,050 --> 00:08:30,910
Linux in the Linux folder Firefox Android and so on and so forth.

99
00:08:31,000 --> 00:08:36,860
And here we have our payloads payloads are of course sorted by platform and operating system.

100
00:08:37,000 --> 00:08:41,290
And of course last but not least we have our post right.

101
00:08:41,290 --> 00:08:48,950
Hopefully this all seems very familiar and you are impatient to get started so let's get started as

102
00:08:48,950 --> 00:08:55,250
I said our target for this demonstration is going to be our trusty met a split able to virtual machine.

103
00:08:55,640 --> 00:09:03,110
If you're following along please load that up and use the I f config command within met a split to grab

104
00:09:03,110 --> 00:09:05,910
its network address like so.

105
00:09:06,530 --> 00:09:15,470
So here we can see in my case the network address is 10 0 0 0 dot 15 and yours will very likely be different.

106
00:09:15,470 --> 00:09:21,290
Also keep in mind that a split able to is just for testing purposes and because it's an easy target

107
00:09:21,800 --> 00:09:25,690
you can do this against a Windows box or whatever else you like.

108
00:09:25,760 --> 00:09:31,460
You just won't find quite as many vulnerabilities and you might not find any if the system is well maintained

109
00:09:31,790 --> 00:09:33,160
and fully up to date.

110
00:09:33,320 --> 00:09:46,850
In any case we can go up to the hosts and click Add hosts then put in our a split able to virtual machines

111
00:09:46,910 --> 00:09:53,170
IP but instead lets performing and map scan and see if it comes up by itself.

112
00:09:53,180 --> 00:10:01,700
So we're going to hosts and map and we'll select a quick scan with operating system detection.

113
00:10:01,700 --> 00:10:09,440
Now we're being prompted to enter a single IP address or a range of IP is if we wish to scan our entire

114
00:10:09,440 --> 00:10:10,260
network.

115
00:10:10,330 --> 00:10:13,890
We are on the network already so we know our own networks IP.

116
00:10:14,090 --> 00:10:18,530
In this case it's going to be 10 dot 0 0 dot 15.

117
00:10:18,530 --> 00:10:25,740
Yours will vary yours maybe something like 1 92 dot 168 dot one dot something.

118
00:10:25,790 --> 00:10:39,140
In either case to scan a range we type 10 dot 0 0 0 1 slash 24 but we don't need to scan the whole network

119
00:10:39,140 --> 00:10:43,250
right now so we'll just field our target address since we already know it.

120
00:10:43,520 --> 00:10:45,040
When you're ready click OK.

121
00:10:45,140 --> 00:10:48,530
Once we can enter the end map scan will begin.

122
00:10:48,530 --> 00:10:53,930
This is exactly the same type of scan you've seen done elsewhere.

123
00:10:53,930 --> 00:10:57,020
It is just taking place within Armitage.

124
00:10:57,020 --> 00:11:04,430
The output is going to appear in the bottom window under its own specific tab and in a moment you should

125
00:11:04,430 --> 00:11:10,600
see a computer image pop up in the top window with a small penguin on the screen.

126
00:11:10,640 --> 00:11:15,680
Once the scan is done you'll be prompted telling you that the scan is complete and reminding you that

127
00:11:15,680 --> 00:11:24,170
you can use the attacks tab find attacks to suggest applicable exploits for your target click OK.

128
00:11:24,260 --> 00:11:31,260
So if we hover our mouse over the penguin we can see that the target is running Linux.

129
00:11:31,260 --> 00:11:35,520
Two point six and the kernel is not specified.

130
00:11:35,520 --> 00:11:41,470
The Penguin is a kind of shorthand that shows you it is a Linux machine you are dealing with.

131
00:11:41,490 --> 00:11:46,020
If it was a Windows computer you'd see a Windows icon represented.

132
00:11:46,020 --> 00:11:53,760
If we scroll up to evaluate our end map results in one of the previous videos we exploited the V as

133
00:11:53,820 --> 00:11:57,570
f TPD backdoor to gain access.

134
00:11:57,570 --> 00:11:59,190
How did we do that.

135
00:11:59,190 --> 00:12:02,680
Well we knew that it exists as an exploit.

136
00:12:02,730 --> 00:12:06,450
So let's go to our exploits folder and see if we can find it.

137
00:12:08,710 --> 00:12:18,170
So we'll just click on exploits and we'll recall that it was a Unix exploit FTB.

138
00:12:18,340 --> 00:12:21,350
And here we go from here we just double click.

139
00:12:22,340 --> 00:12:26,920
Now it's going to present us with a window that lets us set the options for the exploit.

140
00:12:26,960 --> 00:12:36,680
Exactly as you did in previously with the MSF console options like setting the R host an R port by default

141
00:12:36,770 --> 00:12:43,640
the L host is the listening host and is your computer's network IP address the El port is the listening

142
00:12:43,640 --> 00:12:50,690
port and this is an important number to remember if you're using port forwarding in this case we don't

143
00:12:50,690 --> 00:12:57,320
need to worry about changing anything but you may need to set the R host it might not be done automatically

144
00:12:57,770 --> 00:12:59,380
if that is the case.

145
00:12:59,510 --> 00:13:08,180
Just double click set it to whatever you want in my case it's already set and press enter.

146
00:13:08,180 --> 00:13:11,200
Now that we're ready we'll just click the launch button.

147
00:13:11,240 --> 00:13:13,070
This will take a few seconds.

148
00:13:13,100 --> 00:13:22,300
Armitage is now going to launch the exploit and a new dedicated tab will be opened pertaining specifically

149
00:13:22,300 --> 00:13:23,830
to the exploit.

150
00:13:23,830 --> 00:13:25,720
Here on our lower console window

151
00:13:28,940 --> 00:13:30,360
and there we go.

152
00:13:30,620 --> 00:13:32,110
We have backdoor access.

153
00:13:32,120 --> 00:13:33,500
Easy is that.

154
00:13:33,500 --> 00:13:41,000
Notice that the icon of the Linux computer is now surrounded by lightning bolts and has turned red.

155
00:13:41,000 --> 00:13:45,120
This means that we have successfully exploited the system in some way.

156
00:13:45,800 --> 00:13:46,430
Okay great.

157
00:13:46,460 --> 00:13:49,190
We have access but so what.

158
00:13:49,190 --> 00:13:53,860
Nothing about this really seems that different from MSF console.

159
00:13:53,870 --> 00:13:55,670
What can we really do here.

160
00:13:55,670 --> 00:14:02,450
Well the big advantage here is the automation of attacks and this is both Armitage's greatest strength

161
00:14:02,510 --> 00:14:04,410
and greatest weakness.

162
00:14:04,490 --> 00:14:11,120
It is a great strength because with just a few mouse clicks you can find all of the chinks in our target's

163
00:14:11,120 --> 00:14:18,860
armor and exploit them and a weakness because if you rely solely on automation as ESP as has been said

164
00:14:19,850 --> 00:14:28,360
your skills do not improve and you can't handle any hiccups that might happen so if we right click on

165
00:14:28,360 --> 00:14:36,910
our target we can see that it gives us options to log in to the default network services.

166
00:14:36,910 --> 00:14:44,680
If the cracking process is possible you can then log into things like the FCP protocol HDP my sequel

167
00:14:44,680 --> 00:14:46,330
et cetera et cetera.

168
00:14:46,420 --> 00:14:53,740
Now the shell that we have created which is the exploit that we just used allows us to interact with

169
00:14:53,740 --> 00:15:01,640
the computer we can upload files past the session post modules or disconnect.

170
00:15:01,780 --> 00:15:03,840
Let's go ahead and interact with it.

171
00:15:03,910 --> 00:15:10,480
Now the shell that we have created which is the exploit that we used allows us to interact directly

172
00:15:10,480 --> 00:15:13,740
with the computer as though we were sitting in front of it.

173
00:15:13,750 --> 00:15:20,950
That is to say our target we can upload files we can delete files we can do whatever we want.

174
00:15:21,070 --> 00:15:29,730
For example will print the working directory which is route we can list the files in the root directory

175
00:15:31,900 --> 00:15:33,730
we can change to the home directory

176
00:15:36,580 --> 00:15:44,800
we can switch into MSF ad men Saeedi vulnerable unless for list files and we can see the web services

177
00:15:44,800 --> 00:15:46,560
that are currently running.

178
00:15:46,570 --> 00:15:52,150
OK I'm going to close the shell because hopefully this is clear and maybe it's a little repetitive

179
00:15:59,440 --> 00:16:00,700
upon disconnection.

180
00:16:00,700 --> 00:16:04,560
The lightning bolts around the computer icon will be removed.

181
00:16:04,720 --> 00:16:08,340
This denotes the fact that it is no longer being exploited.

182
00:16:08,350 --> 00:16:17,200
Now if we go up to attacks and click find attacks it is literally going to do all the work for us at

183
00:16:17,200 --> 00:16:18,530
completion.

184
00:16:18,580 --> 00:16:26,920
It will tell us the attack analysis is complete and we'll see new options in the attack menu attached

185
00:16:26,920 --> 00:16:29,830
to each host and the target window.

186
00:16:29,830 --> 00:16:35,590
We just have to give it a second to complete we can see that the attack analysis is complete so we'll

187
00:16:35,590 --> 00:16:36,700
click OK.

188
00:16:36,760 --> 00:16:45,640
If we right click now we can pull up the newly added attack tab which shows us all the compatible exploits

189
00:16:45,640 --> 00:16:49,780
that Armitage is found for us that should work against our target.

190
00:16:49,780 --> 00:16:55,780
Now please notice that this is not a complete list in fact it doesn't even show us the exploit that

191
00:16:55,780 --> 00:16:58,320
we literally just used.

192
00:16:58,400 --> 00:17:05,990
We can go down to more and sometimes we can find it.

193
00:17:07,100 --> 00:17:12,860
However it's not listed so we're going to go ahead and click check exploits

194
00:17:16,250 --> 00:17:22,290
and as we can see in the lower window it is now checking against a wide range of possible exploits one

195
00:17:22,290 --> 00:17:26,760
at a time switching between them and automatically setting our options.

196
00:17:26,760 --> 00:17:32,490
This may of course take some time and it's not necessary to sit here and watch the process however has

197
00:17:32,490 --> 00:17:34,580
more possibilities are found.

198
00:17:34,710 --> 00:17:38,040
These should appear in your attack menu.

199
00:17:38,040 --> 00:17:44,280
The point that I wish to drive home here is that while the find attacks option is very handy and can

200
00:17:44,280 --> 00:17:51,010
save you a lot of time it's usually not 100 percent effective at finding all possible attack vectors.

201
00:17:51,150 --> 00:17:56,070
You'll probably come up with something good and that may serve your immediate purpose but it's not a

202
00:17:56,070 --> 00:18:03,180
replacement for a full blown reconnaissance scan such as such as we did with any map in the information

203
00:18:03,180 --> 00:18:04,560
gathering phase.

204
00:18:04,600 --> 00:18:09,630
And keep in mind that we can also scan an individual target by right clicking and clicking scan.

205
00:18:09,630 --> 00:18:14,740
This will open up a dedicated tab and this is going to run through a large number of scanners as well.

206
00:18:14,760 --> 00:18:21,240
One after another back to back in an automated information gathering process it will take some time

207
00:18:21,240 --> 00:18:25,070
to finish and the information will be displayed on the bottom of the screen.

208
00:18:25,070 --> 00:18:28,770
In this tab as we can see there are nine scans to go.

209
00:18:28,770 --> 00:18:36,550
So while this is working we'll go up to hosts and we're going to perform an end map scan once again

210
00:18:37,690 --> 00:18:39,160
same as before.

211
00:18:39,160 --> 00:18:42,900
Quick scan with operating system detection.

212
00:18:43,000 --> 00:18:51,570
And this time we're going to select a range of IP addresses so in my case it's 10 not 0 0 dot 1.

213
00:18:51,570 --> 00:18:58,560
If your network address were something like one ninety two dot 168 dot 1 dot 0 you'd probably enter

214
00:18:58,560 --> 00:19:00,720
one ninety two dot 168.

215
00:19:00,720 --> 00:19:02,070
Dot one dot one.

216
00:19:02,310 --> 00:19:09,930
In either case we then do slash 24 to show that we're scanning for up to 24 other connected machines

217
00:19:10,490 --> 00:19:18,440
and we will click OK and this will begin the end map scan and with luck it will further populate our

218
00:19:18,440 --> 00:19:19,520
target window.

219
00:19:19,520 --> 00:19:23,100
We should see more machines pop up in a moment.

220
00:19:23,150 --> 00:19:30,890
Some will be unclear as to what operating system they're using and others should denote the operating

221
00:19:30,890 --> 00:19:36,910
system with an icon either Linux Windows Mac OS et cetera.

222
00:19:37,150 --> 00:19:41,120
And this will further populate our target window so we'll click OK.

223
00:19:41,120 --> 00:19:45,040
And now we can see that several war machines have popped up.

224
00:19:45,050 --> 00:19:51,800
We have our Linux machine two different windows machines and a number of unidentified machines on the

225
00:19:51,800 --> 00:19:52,550
network.

226
00:19:52,580 --> 00:19:59,360
So as you can see this is a very useful tool particularly when you're auditing a very large network

227
00:19:59,720 --> 00:20:03,870
with a lot of different computer systems and you want to pin test a lot of them.

228
00:20:03,920 --> 00:20:09,020
You can scan them one by one automatically with dedicated tabs.

229
00:20:09,050 --> 00:20:16,310
And it will run each set of scans one after another after another as you can see one scan to go if we

230
00:20:16,310 --> 00:20:21,070
scroll up to scans scans to go three four five et cetera et cetera.

231
00:20:21,080 --> 00:20:26,870
We can check exploits in an automated way against each target.

232
00:20:26,930 --> 00:20:32,690
We can simply click on a target and we can click the scan option.

233
00:20:32,690 --> 00:20:40,530
We can attempt to find attacks against that target.

234
00:20:40,690 --> 00:20:46,270
There may or may not be any but you can try this with every single machine that pops up in the display

235
00:20:47,110 --> 00:20:57,460
and chances are that you're going to find at least one or two exploits on a few machines that will pop

236
00:20:57,460 --> 00:21:02,950
up on a large network that will give you purchase on the network and then you can pivot from there and

237
00:21:02,950 --> 00:21:07,470
start exploiting other machines and so on and so forth.

238
00:21:07,480 --> 00:21:15,130
So as you can see this is a very useful tool for large networks but it can lead to laziness and the

239
00:21:15,130 --> 00:21:17,790
automation is not perfect.

240
00:21:17,860 --> 00:21:24,250
These scans don't always find all the best exploits that are possible against a target as you may have

241
00:21:24,250 --> 00:21:30,130
noticed this Linux machine which has met a split able to we saw a great many exploits for it but the

242
00:21:30,130 --> 00:21:36,700
one that we use to gain a direct shell access it didn't come up in the menu which means that while the

243
00:21:36,700 --> 00:21:39,920
system is very nice it's far from perfect.

244
00:21:40,000 --> 00:21:43,250
In any case that about covers it.

245
00:21:43,330 --> 00:21:50,740
Armitage is really a great tool to make use of and it makes Metis Floyd much easier particularly again

246
00:21:50,740 --> 00:21:54,810
when you're using it against a lot of machines on a network all at once.

247
00:21:54,820 --> 00:21:59,970
You need to keep everything neatly organized and arranged into tabs.

248
00:21:59,980 --> 00:22:06,040
It keeps your running sessions organized as well so you could have multiple shells or more turf fritters

249
00:22:06,070 --> 00:22:12,580
open all at once and it won't get horribly confusing having to switch back and forth in a text based

250
00:22:12,580 --> 00:22:14,920
prompt anyway as always.

251
00:22:14,950 --> 00:22:20,980
Never use anything demonstrated in these videos against any target or targets that you do not have written

252
00:22:20,980 --> 00:22:27,730
permission from the owner to penetration test be conscientious and lawful and all that you do practice

253
00:22:27,730 --> 00:22:33,430
this a bit on your own against your own vulnerable virtual machines and you should find that the once

254
00:22:33,430 --> 00:22:38,680
confusing better split framework and Armitage really do become second nature.

255
00:22:38,680 --> 00:22:41,460
So I hope you enjoy it and I'll see you next time.

256
00:22:41,470 --> 00:22:41,890
Thank you.