Parallel network login auditor Medusa 1.5 is out

Medusa 1.5 is now available. This release includes multiple bug fixes, several new modules and additional module functionality.

Medusa is a speedy, massively parallel, modular, login brute-forcer for network services. It currently has modules for the following services: AFP, CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), NNTP, PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (AUTH/VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC. It also includes a basic web form module and a generic wrapper module for external scripts.

Medusa was developed on Gentoo Linux and FreeBSD. Some limited testing has been done on other platforms/distributions (OpenBSD, Debian, Ubuntu, Darwin, Mac OS X, Solaris).

Medusa core updates

  • Provides additional information about current account check (e.g. 172.22.110.58 (60 of 104, 51 complete))
  • Support for simple resume by host.
  • Bug fix for “-e” option
  • Bug fix for displaying hostname vs. IP
  • Added function for printing a specified length of binary data in hex.

Module updates

  • AFP: Added new module for Apple Filing Protocol from pmonkey
  • HTTP: NTLM auth bug fix, digest authentication support (MD5 and MD5-sess)
  • IMAP: STARTTLS extension support, NTLM support
  • MYSQL: Misc. bug fixes
  • POP3: STARTTLS extension support, better handling of connections dropped by remote server, support user-supplied domain names, LOGIN, PLAIN, and NTLM support
  • SMBNT: Created framework for different authentication levels, support for basic LM authentication to allow for case insensitive bruting, NTLMv2/LMv2 support (Vista bruting), fix for guest user check, support for “DOMAINUSER” and “DOMAINUSER” style names
  • SMTP: renamed SMTP-AUTH to SMTP, NTLM support
  • SMTP-VRFY: misc. bug fixes
  • SSH: Honor number of user specified retries, restart connection when server fails to respond with auth modes after several attempts
  • TELNET: Basic AS/400 Telnet / TN5250 support, log hosts supplying only a password prompt (non-AAA)
  • VMAUTHD: Misc. bug fixes
  • WEB-FORM: Misc. bug fixes for user-supplied FORM-DATA value
  • Misc. updates: Added ZSH Functions file, pdated Medusa ebuild version and added new module dependencies.

Medusa 1.5 is available for download here.

Don't miss