Medusa Parallel Network Login Auditor :: MySQL

JoMo-Kun / jmk "AT" foofus "DOT" net

The MySQL module tests accounts against the MySQL service.

In addition to normal password brute force attempts, this module supports "pass-the-hash" abilities for older MySQL (pre-4.1) hashes. The older MySQL pre-4.1 authentication scheme is vulnerable to a pass-the-hash authentication attack. Utilizing the old-style hashes gathered from a MySQL database, a user can use Medusa to verify their validity on other servers. A modified MySQL client can also be use to connect to located services directly utilizing a valid hash.

Medusa Documentation