Parallel network login auditor Medusa 1.5 is out
Medusa 1.5 is now available. This release includes multiple bug fixes, several new modules and additional module functionality.
Medusa is a speedy, massively parallel, modular, login brute-forcer for network services. It currently has modules for the following services: AFP, CVS, FTP, HTTP, IMAP, MS-SQL, MySQL, NCP (NetWare), NNTP, PcAnywhere, POP3, PostgreSQL, rexec, rlogin, rsh, SMB, SMTP (AUTH/VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC. It also includes a basic web form module and a generic wrapper module for external scripts.
Medusa was developed on Gentoo Linux and FreeBSD. Some limited testing has been done on other platforms/distributions (OpenBSD, Debian, Ubuntu, Darwin, Mac OS X, Solaris).
Medusa core updates
- Provides additional information about current account check (e.g. 172.22.110.58 (60 of 104, 51 complete))
- Support for simple resume by host.
- Bug fix for “-e” option
- Bug fix for displaying hostname vs. IP
- Added function for printing a specified length of binary data in hex.
Module updates
- AFP: Added new module for Apple Filing Protocol from pmonkey
- HTTP: NTLM auth bug fix, digest authentication support (MD5 and MD5-sess)
- IMAP: STARTTLS extension support, NTLM support
- MYSQL: Misc. bug fixes
- POP3: STARTTLS extension support, better handling of connections dropped by remote server, support user-supplied domain names, LOGIN, PLAIN, and NTLM support
- SMBNT: Created framework for different authentication levels, support for basic LM authentication to allow for case insensitive bruting, NTLMv2/LMv2 support (Vista bruting), fix for guest user check, support for “DOMAINUSER” and “DOMAINUSER” style names
- SMTP: renamed SMTP-AUTH to SMTP, NTLM support
- SMTP-VRFY: misc. bug fixes
- SSH: Honor number of user specified retries, restart connection when server fails to respond with auth modes after several attempts
- TELNET: Basic AS/400 Telnet / TN5250 support, log hosts supplying only a password prompt (non-AAA)
- VMAUTHD: Misc. bug fixes
- WEB-FORM: Misc. bug fixes for user-supplied FORM-DATA value
- Misc. updates: Added ZSH Functions file, pdated Medusa ebuild version and added new module dependencies.
Medusa 1.5 is available for download here.