Fellow Pen-testers:
Version 1.5 of Medusa is now available for public download.
What is Medusa? Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net. It currently has modules for the following services: AFP, CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), NNTP, PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (AUTH/VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC. It also includes a basic web form module and a generic wrapper module for external scripts.
While Medusa was designed to serve the same purpose as THC-Hydra, there are several significant differences. For a brief comparison, see:
http://www.foofus.net/jmk/medusa/medusa-compare.html
It’s been over a year since version 1.4 was released and there has been a bunch of changes. This release includes multiple bug fixes, several new modules and additional module functionality. The following is a quick rundown on some of the new features. A somewhat detailed report is available here: http://www.foofus.net/jmk/medusa/ChangeLog
* AFP – new module (still marked as unstable)
* HTTP – digest auth support
* IMAP – STARTTLS, NTLM support
* POP3 – STARTTLS, LOGIN, PLAIN, NTLM support
* SMBNT – LM, LMv2, NTLMv2 support
* SMTP – NTLM support
* TELNET – AS/400 (TN5250) support
* misc. core and module bug fixes
Finally, the main documentation and actual files are located here:
http://www.foofus.net/jmk/medusa/medusa.html
http://www.foofus.net/jmk/tools/medusa-1.5.tar.gz
Medusa was developed on Gentoo Linux and FreeBSD. Some limited testing has been done on other platforms/distributions (OpenBSD, Debian, Ubuntu, Darwin, Mac OS X, Solaris). If people wish to contribute patches to fix portability issues, I’d be happy to accept them. There are probably lots of bugs which have yet to surface. Please let me know if you encounter issues, fix a bug or just find the application useful.
Enjoy,
Joe
Tags: Medusa, Tool Release
First of all, thanks a lot for your increible program!!
…and only a rapid question: is there any integrated way inside Medusa about bypassing captchas? I say this because when I try to run Medusa against a Pop Server, at the fifth (more or less) attempt, it stops because I´ve reached the limit of login failures.
Thanks very much!!
Hi Joe,
Medusa segfaults on large dictionary files. I haven’t looked at your source code but I assume you’re reading the whole file into memory which is fine on small files but on larger files (which dictionaries tend to be) it can cause issues
Just something you may want to look at for v 1.6
Cheers,
I want to say – thank you for this!
Good work dudes!
I’ve got some problems concerning font encoding.
ACCOUNT CHECK: [ssh] Host: a.b.c.d (1 of 1, 1 complete) User: test (1 of 1, 1 complete) Password: test[C3][A9] (1 of 1 complete)
where test[C3][A9] suppose to be “testé”.
It happens also with wordlist (UTF-8 or ISO-8859).
How can I make it work correctly?
PS: default font encoding on my ubuntu box: UTF-8
Regards.
A quick follow-up to the questions posted…
Pepito: Are you running v1.5? Support was added with that release to detect POP3 connections dropped by the server and to then reconnect. If you are at 1.5, this is likely a bug, but I’ll need more information about what the server is sending back.
Anon: We are reading the entire file into memory. I’m typically doing many smaller targeted dictionary attacks, so this hasn’t been an issue for me. I have however tested a dictionary with 1.5M entries and didn’t have any troubles. How big is your dictionary? Any chance I can get a backtrace or access to the dictionary so I can try to reproduce?
Luciano: No clue… Sorry…
FWIW, please post questions to our mailing list:
http://lists.foofus.net/listinfo.cgi/foofus-tools-foofus.net
There’s a better chance for quicker responses.
Joe
great app!
I would love to see support for login/passwords to be feed via stdin…
Wow!
Kudos to you guys.
After working in the security field for some 10 years, this is pretty much the first time i give feedback to anyone. It’s _that_ nice.
[...] La segunda herramienta que vamos a ver es Medusa. Es una herramienta del mismo estilo, aunque soporta menos protocolos por lo que he podido leer. La página donde podéis encontrar el código y la documentación está aquí. [...]