jeudi 29 décembre 2016

MEDUSA - SPEEDY, PARALLEL AND MODULAR LOGIN BRUTE-FORCER

MEDUSA - SPEEDY, PARALLEL AND MODULAR LOGIN BRUTE-FORCER


Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers following items as some of the key features of this application:
  • Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently.
  • Flexible user input. Target information (host/user/password) can be specified in a variety of ways. For example, each item can be either a single entry or a file containing multiple entries. Additionally, a combination file format allows the user to refine their target listing.
  • Modular design. Each service module exists as an independent .mod file. This means that no modifications are necessary to the core application in order to extend the supported list of services for brute-forcing.

Why?

Why create Medusa? Isn't this the same thing as THC-Hydra? Here are some of the reasons for this application:
  • Application stability. Maybe I'm just lame, but Hydra frequently crashed on me. I was no longer confident that Hydra was actually doing what it claimed to be. Rather than fix Hydra, I decided to create my own buggy application which could crash in new and exciting ways.
  • Code organization. A while back I added several features to Hydra (parallel host scanning, SMBNT module). Retro-fitting the parallel host code to Hydra was a serious pain. This was mainly due to my coding ignorance, but was probably also due to Hydra not being designed from the ground-up to support this. Medusa was designed from the start to support parallel testing of hosts, users and passwords.
  • Speed. Hydra accomplishes its parallel testing by forking off a new process for each host and instance of the service being tested. When testing many hosts/users at once this creates a large amount of overhead as user/password lists must be duplicated for each forked process. Medusa is pthread-based and does not unnecessarily duplicate information.
  • Education. I am not an experienced C programmer, nor do I consider myself an expert in multi-threaded programming. Writing this application was a training exercise for me. Hopefully, the results of it will be useful for others. 

Module specific details:
  •     AFP
  •     CVS
  •     FTP
  •     HTTP
  •     IMAP
  •     MS-SQL
  •     MySQL
  •     NetWare NCP
  •     NNTP
  •     PcAnywhere
  •     POP3
  •     PostgreSQL
  •     REXEC
  •     RDP
  •     RLOGIN
  •     RSH
  •     SMBNT
  •     SMTP-AUTH
  •     SMTP-VRFY
  •     SNMP
  •     SSHv2
  •     Subversion (SVN)
  •     Telnet
  •     VMware Authentication Daemon (vmauthd)
  •     VNC
  •     Generic Wrapper
  •     Web Form 

News
2015-06-07: Released Medusa v2.2_rc2
2015-05-28: Released Medusa v2.2_rc1
2012-05-25: Released Medusa v2.1.1
2012-04-02: Released Medusa v2.1
2011-03-04: tak and bigmoneyhat have released a Java-based GUI for Medusa (Medusa-gui)
2010-02-09: Released Medusa v2.0


Aucun commentaire:

Enregistrer un commentaire