Finding and launching attacks
In the previous sections, we added a host to the Armitage console and performed a port scan and enumeration on it using NMAP. Now, we know that it's running a Debian-based Linux system. The next step is to find all the possible attacks matching our target host.
In order to fetch all the applicable attacks, follow these steps:
- Select the Attacks menu.
- Click on Find Attacks.
- Now, the Armitage console will query the backend database for all the possible matching exploits against the open ports that we found during our enumeration earlier, as in the following screenshot:
- Once the Armitage console finishes querying for possible exploits, you can see the list of applicable exploits by right-clicking on the host and selecting the Attack menu. In this case, we'll try to exploit the postgres vulnerability, as in the following screenshot: