Armitage and Cortana scripts

Cortana is a scripting language that is built into Armitage and Cobalt Strike. This is based on Sleep Scripting Language (http://sleep.dashnine.org/ ). We can find a lot of Cortana scripts built by different people on the internet. These scripts can be used to automate different tasks in Armitage. Running Cortana scripts is extremely easy. We will use the scripts hosted on GitHub by rsmudge, found here at https://github.com/rsmudge/cortana-scripts.

We then download the scripts on our computer and go to Armitage | Scripts... to run them:

In the window which opens, we choose Load and select the script we downloaded:

We will then try to run the icon script. This script identifies the services running and displays icons according to them:

Once the script is loaded, we then do the exploitation. When a new Meterpreter connection comes, this script will automatically run:

The script can sometimes take a while to run depending on the number of Meterpreter connections we have on our Armitage.

Within Armitage, the Cortana console is also provided. This allows us to interact with the scripts we run.

To view the console, we go to View | Script Console, as follows:

We can type help into the script console to see the list of all the commands:

Cortana's official manual has described the functions for all the commands: