Monthly Archives: July 2013

Combine Subterfuge with Armitage Adversaries Beware!



Subterfuge and Armitage make a Terrific Duo!

Okay… So you can harvest creds like a boss… What else can you do with Subterfuge? In this video we combine Subterfuge and Rafael Mudge’s Armitage to unleash the full power of Metasploit on our foes!

This video is a good example of how we like to use Subterfuge, but whether it’s Armitage, msfconsole, or a homegrown exploit Subterfuge can send victims your way. In today’s much more security conscious age you are far more likely to turn a client side exploit into a successful pentest then the remote code execution vulnerabilities that pervaded the past decade.

On Armitage

Armitage gets a lot of flack from some MSF power users, but personally I find its integration with Metasploit’s RPC to be the most convient way to interact with the msfconsole. Mudge has put a ton of work into Armitage over the past couple of years. The result is a sleek, capable tool that just gets the job done. Thanks Rafi!

 

Armitage

 

Checkout his site: Strategic Cyber

Attack Breakdown

Difficulty – Intermediate

Attack Methods – ARP Cache Poisoning, HTTPS Downgrade, Java Signed Applet (Browser Exploit)