Medusa Parallel Network Login Auditor

JoMo-Kun / jmk "AT" foofus "DOT" net

What?

Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers following items as some of the key features of this application:

Why?

Why create Medusa? Isn't this the same thing as THC-Hydra? Here are some of the reasons for this application:


For a quick comparison of Medusa, Ncrack, and THC-Hydra see: medusa-compare.html

How?

How do I use this thing? Simply running "medusa" without any options will dump all the parameters it accepts along with their respective description. Here are several example uses:

Module specific details:

Where?

medusa-2.2.tar.gz
Medusa-gui (Java-based GUI developed by tak and bigmoneyhat)

Install Instructions:

General

The majority of Medusa was written and tested on Linux/Gentoo-based systems. While it has been known to work on variety of operating systems, it is quite possible there may be issues that crop up only on non-Gentoo devices. Of course, there are issues that will probably also show up on Gentoo that have so far been missed...

Medusa should be fairly straight-forward to build: "./configure; make; make install". However, this may result in a somewhat limited installation. To take full advantage of all the brute-forcing goodness that Medusa has to offer, several dependencies must be satisfied. The following table lists out the modules which have additional dependencies. In order for the modules to function, the appropriate header files must be installed on the system when the modules themselves are compiled. Additional module specific information is included within the documentation for each module.

Dependency Homepage Module Notes
OpenSSL http://www.openssl.org HTTP, MSSQL, SMBNT, SSL-based connections
LibSSH2 http://www.libssh2.org SSH LibSSH2 patch provided to address timing issue. Issue appears to be addressed in 0.18.
NCPFS ftp://platan.vc.cvut.cz/pub/linux/ncpfs NCP Use "make install-dev" to install header files.
LibPQ http://www.postgresql.org PostgreSQL
Subversion http://subversion.tigris.org SVN
afpfs-ng http://alexthepuffin.googlepages.com/home AFP Header files may need to be manually installed. Autoconf currently assumes install base of /usr (e.g. /usr/include/afpfs-ng)

It should also be noted that, by default, not all of the modules are built. Incomplete modules or modules which have not been sufficiently tested may be disabled. The "configure" output should identify which modules it will attempt to build. To enable non-default modules, use the "--enable-module-MODULE_NAME" configure option.

Linux/Gentoo

At this time Medusa is not available within Portage. An ebuild for Medusa has been submitted to bugs.gentoo.org, but has not yet made its way into Portage. In the meantime, all of the ebuilds can be used via Portage Overlay. For example, Medusa can be installed via the Gentoo "pentoo" overlay located at trac.pentoo.ch. Additionally, the ebuilds have been included and can also be manually installed.

The following ebuilds have been included within this distribution:

Some basic Portage Overlay instructions:

Other Systems

Medusa has been built and basic tests performed on a variety of default system installations. The following tables includes some notes from these tests.

Operating System Distro/Version Notes
Linux CentOS 7.1 (64-bit) Installed: "Development Tools", openssl-devel, libssh2-devel, postgresql-devel, subversion-devel, freerdp-devel
Debian Stretch (64-bit) Installed: build-essential, libgnutls28-dev, libssl-dev, libpq5, libpq-dev, libssh2-1, libssh2-1-dev, libsvn-dev, freerdp, libfreerdp-dev
Fedora 21 Installed: "Development Tools", afpfs-ng-devel, openssl-devel, libssh2-devel, postgresql-devel, subversion-devel, freerdp-devel
Kali 1.1.0 (32-bit) Installed: libafpclient0, libafpclient-dev, libncp, libncp-dev, libpq-dev, libssh2-1-dev, libgcrypt11-dev, libgnutls-dev, libsvn-dev, freerdp-x11, libfreerdp-dev
Kali 2.0 (64-bit) Installed: automake, libssl-dev, libpq-dev, libssh2-1-dev, libgcrypt11-dev, libgnutls28-dev, libsvn-dev, freerdp-x11, libfreerdp-dev
Mint 17 Installed: build-essential, libssl-dev, libpq5, libpq-dev, libssh2-1, libssh2-1-dev, libgcrypt11-dev, libgnutls-dev, libsvn-dev, freerdp, libfreerdp-dev
openSUSE 11.2 Installed: patterns-openSUSE-devel_C_C++, ncpfs-devel, libssh2-devel, postgresql-devel, subversion-devel
Ubuntu 14.04 Installed: build-essential, libssl-dev, libpq5, libpq-dev, libssh2-1, libssh2-1-dev, libgcrypt11-dev, libgnutls-dev, libsvn-dev, freerdp, libfreerdp-dev
SunOS Solaris 11 x86 Installed: developer-gnu
BSD FreeBSD 7.2 Installed: afpfs-ng, ncpfs, libssh2, postgresql, libpq, libsvn
Mac OS X OS X 10.10 (Yosemite) Installed: Homebrew, XCode, "brew install freerdp --HEAD"
Microsoft Windows Cygwin I have been unable to build the modules under Cygwin. If anyone can figure this out, I'll buy you a beer at the next DefCon.

Who?

This fine piece of buggy software was brought to you by the geeks at Foofus.net. JoMo-Kun was the chief goon and wrote the core of Medusa along with several of the modules. Foofus created the initial design for the loadable modules. Fizzgig provided the networking code, several modules, the loadable module implementation along with also fixing a bunch JoMo-Kun's crappy stuff. pMonkey was a crazy module coding fiend. Last, but certainly not least, Heidi provided the tool's name.

Huh?

If you have questions regarding this application, feel free to contact us. Either send me email directly or join our mailing list foofus-tools. If it breaks, please send a detailed bug report. Even better, send in a patch. I make no claims that this program will do what you want it to. I've been using it during our assessments for years now successfully. Hopefully, others will have similar luck. If you find Medusa useful and want to give something back, please submit new modules, code improvements or just buy any of the Foofus.net goons a beer at the next DefCon.

Joe

© Copyright 2016, Foofus Advanced Security Services
any time. any fucknut.