Help Net Security
Help Net Security

Parallel network login auditor Medusa 1.5 is out

Medusa 1.5 is now available. This release includes multiple bug fixes, several new modules and additional module functionality.

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services. It currently has modules for the following services: AFP, CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), NNTP, PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (AUTH/VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC. It also includes a basic web form module and a generic wrapper module for external scripts.

Medusa was developed on Gentoo Linux and FreeBSD. Some limited testing has been done on other platforms/distributions (OpenBSD, Debian, Ubuntu, Darwin, Mac OS X, Solaris).

Medusa core updates

  • Provides additional information about current account check (e.g. 172.22.110.58 (60 of 104, 51 complete))
  • Support for simple resume by host.
  • Bug fix for “-e” option
  • Bug fix for displaying hostname vs. IP
  • Added function for printing a specified length of binary data in hex.

Module updates

  • AFP: Added new module for Apple Filing Protocol from pmonkey
  • HTTP: NTLM auth bug fix, digest authentication support (MD5 and MD5-sess)
  • IMAP: STARTTLS extension support, NTLM support
  • MYSQL: Misc. bug fixes
  • POP3: STARTTLS extension support, better handling of connections dropped by remote server, support user-supplied domain names, LOGIN, PLAIN, and NTLM support
  • SMBNT: Created framework for different authentication levels, support for basic LM authentication to allow for case insensitive bruting, NTLMv2/LMv2 support (Vista bruting), fix for guest user check, support for “DOMAINUSER” and “DOMAINUSER” style names
  • SMTP: renamed SMTP-AUTH to SMTP, NTLM support
  • SMTP-VRFY: misc. bug fixes
  • SSH: Honor number of user specified retries, restart connection when server fails to respond with auth modes after several attempts
  • TELNET: Basic AS/400 Telnet / TN5250 support, log hosts supplying only a password prompt (non-AAA)
  • VMAUTHD: Misc. bug fixes
  • WEB-FORM: Misc. bug fixes for user-supplied FORM-DATA value
  • Misc. updates: Added ZSH Functions file, pdated Medusa ebuild version and added new module dependencies.

Medusa 1.5 is available for download here.

Featured news

Sponsored

Don't miss