Armitage UI for Metasploit v04.24.11 Released

Armitage organizes Metasploit’s capabilities around the hacking process. There are features for discovery, access, post-exploitation, and manuver. This section describes these features at a high-level, the rest of this manual covers these capabilities in detail.

For discovery, Armitage exposes several of Metasploit’s host management features. You can import hosts and launch scans to populate a database of targets. Armitage also visualizes the database of targets–you’ll always know which hosts you’re working with and where you have sessions.

Armitage assists with remote exploitation–providing features to automatically recommend exploits and even run active checks so you know which exploits will work. If these options fail, you can use the Hail Mary approach and unleash db_autopwn against your target database.

For those of you who are hacking post-2003, Armitage exposes the client-side features of Metasploit. You can launch browser exploits, generate malicious files, and create Meterpreter executables.

Once you’re in, Armitage provides several post-exploitation tools built on the capabilities of the Meterpreter agent. With the click of a menu you will escalate your privileges, dump password hashes to a local credentials database, browse the file system like you’re local, and launch command shells.

Finally, Armitage aids the process of setting up pivots, a capability that lets you use compromised hosts as a platform for attacking other hosts and further investigating the target network. Armitage also exposes Metasploit’s SOCKS proxy module which allows external tools to take advantage of these pivots. With these tools, you can further explore and maneuver through the network.


  • Added a check to prevent jerk faces from entering an empty nick in collaborative mode.
  • Fixed a potential dead-lock condition with the screenshot/webcam shot tab.
  • Armitage -> Listeners -> Reverse now binds to
  • Host import now posts an event to the collab mode shared event log
  • Added an option to display an MOTD message to clients that connect to Armitage in the collaboration mode. Use -m or –motd before –server and specify a file, e.g.: armitage -m /path/to/motd.txt –server …
    Clients will see this message when they connect. 

  • Added Meterpreter -> Access -> Pass Session to send a meterpreter session to a handler set up on another host.
  • Armitage now sets ExitOnSession to false for multi/handlers started within Armitage.
  • Pivoting and ARP Scan dialogs now highlight first option by default.
  • Added a sanity check to the Route class to prevent malformed IPs from screwing up sorting.
  • Removed sqlite3 from the database options. I should have done this long ago–it has no place in Armitage.
  • Armitage now intercepts meterpreter “shell” command and opens a new tab with the cmd.exe interaction in it.


NJ Ouchn

"Passion is needed for any great work, and for the revolution, passion and audacity are required in big doses"