Skip to content

Latest commit

 

History

History
123 lines (88 loc) · 3.22 KB

File metadata and controls

123 lines (88 loc) · 3.22 KB

Medusa

Fast, parallel, modular login brute-forcer.

Installation

sudo apt-get -y install medusa

Basic Syntax

medusa [target_options] [credential_options] -M module [module_options]

Options Table

Option Description Example
-h HOST Single target host medusa -h 192.168.1.10 ...
-H FILE File with list of targets medusa -H targets.txt ...
-u USER Single username medusa -u admin ...
-U FILE File with list of usernames medusa -U users.txt ...
-p PASS Single password medusa -p password123 ...
-P FILE File with list of passwords medusa -P passwords.txt ...
-M MODULE Module to use medusa -M ssh ...
-m "OPTS" Module-specific options medusa -m "DIR:/admin" ...
-t TASKS Parallel login attempts medusa -t 4 ...
-f Stop after first valid login (host) medusa -f ...
-F Stop after first valid login (any) medusa -F ...
-n PORT Non-default port medusa -n 2222 ...
-e ns Check empty/same-as-user passwords medusa -e ns ...
-v LEVEL Verbose (0-6) medusa -v 4 ...

Modules Table

Module Service Example
ssh SSH medusa -M ssh -h 192.168.1.100 -u root -P pass.txt
ftp FTP medusa -M ftp -h 192.168.1.100 -u admin -P pass.txt
http HTTP Basic Auth medusa -M http -h example.com -U users.txt -P pass.txt
mysql MySQL medusa -M mysql -h 192.168.1.100 -u root -P pass.txt
mssql MS SQL Server medusa -M mssql -h 192.168.1.100 -u sa -P pass.txt
rdp Remote Desktop medusa -M rdp -h 192.168.1.100 -u admin -P pass.txt
vnc VNC medusa -M vnc -h 192.168.1.100 -P pass.txt
pop3 POP3 Mail medusa -M pop3 -h mail.example.com -U users.txt -P pass.txt
imap IMAP Mail medusa -M imap -h mail.example.com -U users.txt -P pass.txt
smtp SMTP Mail medusa -M smtp -h mail.example.com -U users.txt -P pass.txt
telnet Telnet medusa -M telnet -h 192.168.1.100 -u admin -P pass.txt
web-form Web Login Forms See below

SSH Brute Force

medusa -h 192.168.1.100 -u root -P /usr/share/wordlists/rockyou.txt -M ssh -t 4

# With username list
medusa -h 192.168.1.100 -U users.txt -P passwords.txt -M ssh

FTP Brute Force

medusa -h 192.168.1.100 -u ftpuser -P passwords.txt -M ftp -t 5

# Local FTP (use 127.0.0.1 to force IPv4)
medusa -h 127.0.0.1 -u ftpuser -P passwords.txt -M ftp

HTTP Basic Auth

medusa -h www.example.com -U users.txt -P passwords.txt -M http -m GET

Web Form Brute Force

medusa -h www.example.com -U users.txt -P passwords.txt -M web-form \
       -m FORM:"username=^USER^&password=^PASS^:F=Invalid"

Multiple Targets

medusa -H targets.txt -u admin -P passwords.txt -M ssh -t 4

Check Empty/Default Passwords

# -e n = try empty password
# -e s = try password same as username
# -e ns = try both
medusa -h 192.168.1.100 -U users.txt -e ns -M ssh

Non-Standard Port

medusa -h 192.168.1.100 -n 2222 -u root -P passwords.txt -M ssh