03 April 2020

Setup a Web User Interface for Metasploit - Installation & Overview

Today we are going to configure a graphical user interface for Metasploit.

As human beings, we don't like the same flavor every day. If we talk about ethical hacking, a maximum of tools work on command lines. It's a fun thing but some times it becomes boring when we have to repeat the same command lines over and over again. Most of the kids interested in an ethical hacking deal with the Windows operating system. At the first and then they shift themselves to the Linux environment and now the biggest problems they face.

"Memorizing command lines!"

They even can't remember the basic command lines. They face a lot of difficulties to run their machine smoothly without errors. Linux environment doesn't offer so many graphical user interface options as Windows does, But we can do something ourselves to enjoy GUI in the Linux environment. For instance, we have Armitage as a GUI version of Metasploit but it also deals with command lines.

Here we are going to discuss configuring a web user interface of Metasploit called Kage. Because Metasploit is the primary tool beginners get to know. And as Metasploit deals with many command lines, they (beginner) can't memorize them.

So, Let's get into the tutorial and see how can we configure it in Kali Linux (2020.1). First, Fire up your Kali Linux system » Go to "Github" » Download the Kage beta app image.
Now open up the terminal and go to the directory where you have downloaded the tool and run it by these commands:
$ sudo chmod +x Kage.0.1.1-beta_linux.AppImage
$ sudo ./Kage.0.1.1-beta_linux.AppImage
It will start the GUI version of Metasploit. In the login screen, you will see a power button. Click on that.
It will connect it to the Metasploit database. After reaching the progress bar to the Done click on cancel and login to the dashboard.
In the dashboard, Select the payload type; Set the listening-host & listening-port; Then click on create to form a new job (session).
In the next section Payload Generator; Again set the payload name, host and port. If you want to work it over WAN (internet) set the static IP address and any unused forwarded port. Now choose the extension of the payload. Here we want to work it on Windows, that is why we are selecting the .exe format. And now click on Generate.
This will take some time. Stay with patience. The payload will be created inside the kage folder.

Finally, send the payload file to the victim by using any social engineering techniques. When the victim clicks it, a session will start. Check out the session on the Sessions section.
Congrats! 😀 you have successfully compromised the victim's system. Now you can remotely control his or her system. Also, you can access the folders, network drives, camera, mic, processes and more.
Most of the people on the Internet love attractive and colorful user interfaces except hackers or who interested in this stuff. Loving GUI is not the wrong thing. It saves us time.

But choosing GUI in the field of ethical-hacking is not so preferable because when you get into high-level things you will find all the stuff operating on consoles. And if you used GUI for the entire life then it will be very complicated to do something in this field.

It is advised that if you are a newcomer, Use the GUI versions of tools but shift to command lines as soon as you discover how the console works

Video Tutorial

What do you think about kage? let us known in the comment box below. If you liked this post then visit our website regularly and for the quick updates follow us on Telegram.

Whatsapp Button works on Mobile Device only

Start typing and press Enter to search