Navigation



Medusa 1.4 – Parallel Password Cracker Released for Download

Last updated: September 9, 2015 | 83,953 views

The New Acunetix V12 Engine


It’s been a long time coming but here it is, after almost a year (Remember Medusa 1.3?) finally version 1.4 is here!

Version 1.4 of Medusa is now available for public download!

What is Medusa? Medusa is a speedy, massively parallel, modular, login brute-forcer for network services created by the geeks at Foofus.net.

The Key Features are as follows:

  • Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently.
  • Flexible user input. Target information (host/user/password) can be specified in a variety of ways. For example, each item can be either a single entry or a file containing multiple entries. Additionally, a combination file format allows the user to refine their target listing.
  • Modular design. Each service module exists as an independent .mod file. This means that no modifications are necessary to the core application in order to extend the supported list of services for brute-forcing.

It currently has modules for the following services:

  • CVS
  • FTP
  • HTTP
  • IMAP
  • MS-SQL
  • MySQL
  • NCP (NetWare)
  • NNTP
  • PcAnywhere
  • POP3
  • PostgreSQL
  • rexec
  • rlogin
  • rsh
  • SMB
  • SMTP (AUTH/VRFY)
  • SNMP
  • SSHv2
  • SVN
  • Telnet
  • VmAuthd
  • VNC

It also includes a basic web form module and a generic wrapper module for external scripts.

While Medusa was designed to serve the same purpose as THC-Hydra, there are several significant differences. For a brief comparison, see here.

It’s been over a year since version 1.3 was released and there has been a bunch of changes. This release includes multiple bug fixes, several new modules and additional module functionality. A somewhat detailed report is available here

You can download Medusa 1.4 here:

medusa-1.4.tar.gz

Or read more here.

Share6
Tweet
+13
Share
9 Shares
Posted in: Hacking Tools, Password Cracking

, , , ,


Latest Posts:


testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
October 20, 2018 - 124 Shares
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
October 17, 2018 - 66 Shares
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.
October 15, 2018 - 119 Shares
How To Recover When Your Website Got Hacked How To Recover When Your Website Got Hacked
The array of easily available Hacking Tools out there now is astounding, combined with self-propagating malware, people often come to me when their website got hacked and they don't know what to do, or even where to start.
October 11, 2018 - 99 Shares
HTTrack - Website Downloader Copier & Site Ripper Download HTTrack – Website Downloader Copier & Site Ripper Download
HTTrack is a free and easy-to-use offline browser utility which acts as a website downloader and a site ripper for copying websites and downloading them for offline viewing.
October 8, 2018 - 152 Shares
sshLooter - Script To Steal SSH Passwords sshLooter – Script To Steal SSH Passwords
sshLooter is a Python script using a PAM module to steal SSH passwords by logging the password and notifying the admin of the script via Telegram when a user logs in.
October 4, 2018 - 144 Shares


11 Responses to Medusa 1.4 – Parallel Password Cracker Released for Download

  1. Goodpeople November 16, 2007 at 12:50 pm #

    You can’t have enough threads while brute-forcing passwords.

    Someone should put it to the test and benchmark it against Cain and Abel and John the Ripper. After all, that are the leading tools

  2. q1w2e3r4 November 16, 2007 at 2:55 pm #

    Tested it, runs pretty stable. If ran on cygwin, the threaded mode seems to be limited by the half-open connection limit. I also still miss a proxylist support. Besides that, its a pretty good bruteforcer :)

  3. dirty November 16, 2007 at 7:54 pm #

    I think this is meant more to be compared with THC Hydra rather than John or Cain.

  4. dirty November 16, 2007 at 10:53 pm #

    This is unrelated but wanted to share with everyone that OWASP LiveCD (LabRat) v2.1 is available and testers are needed. http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project

    Anyway, just wanted to share with everyone…enjoy

  5. Goodpeople November 18, 2007 at 11:15 am #

    @dirty

    Downloading….

  6. noob#1 February 28, 2008 at 6:01 am #

    Can someone tell me how to compile it properly?
    I am trying to do this using a Knoppix Live CD.
    Here is what i get when i give the configure command:

    checking build system type… i686-pc-linux-gnu
    checking host system type… i686-pc-linux-gnu
    checking target system type… i686-pc-linux-gnu
    checking for a BSD-compatible install… /usr/bin/install -c
    checking whether build environment is sane… configure: error: newly created file is older than distributed files!
    Check your system clock

    and this is what i get for the Install command

    ./INSTALL: line 1: Basic: command not found
    ./INSTALL: line 2: ==================: command not found
    ./INSTALL: line 4: These: command not found
    ./INSTALL: command substitution: line 10: unexpected EOF while looking for matching ''
    ./INSTALL: command substitution: line 13: syntax error: unexpected end of file
    ./INSTALL: line 10: bad substitution: no closing "    ” in config.status'
    ./INSTALL: line 11: you: command not found
    ./INSTALL: command substitution: line 17: unexpected EOF while looking for matching
    ./INSTALL: command substitution: line 19: syntax error: unexpected end of file
    ./INSTALL: line 17: bad substitution: no closing “" in configure’
    ./INSTALL: command substitution: line 18: unexpected EOF while looking for matching ''
    ./INSTALL: command substitution: line 20: syntax error: unexpected end of file
    ./INSTALL: command substitution: line 18: unexpected EOF while looking for matching
    ./INSTALL: command substitution: line 19: syntax error: unexpected end of file
    ./INSTALL: command substitution: line 18: unexpected EOF while looking for matching ''
    ./INSTALL: command substitution: line 20: syntax error: unexpected end of file
    ./INSTALL: line 18: bad substitution: no closing "    ” in cd'
    ./INSTALL: command substitution: line 22: unexpected EOF while looking for matching
    ./INSTALL: command substitution: line 23: syntax error: unexpected end of file
    ./INSTALL: line 22: bad substitution: no closing “" in configure’
    ./INSTALL: line 23: messages: command not found
    ./INSTALL: command substitution: line 25: unexpected EOF while looking for matching ''
    ./INSTALL: command substitution: line 28: syntax error: unexpected end of file
    ./INSTALL: command substitution: line 25: unexpected EOF while looking for matching
    ./INSTALL: command substitution: line 32: syntax error: unexpected end of file
    ./INSTALL: line 25: bad substitution: no closing “" in VPATH’
    ./INSTALL: command substitution: line 26: unexpected EOF while looking for matching ''
    ./INSTALL: command substitution: line 27: syntax error: unexpected end of file
    ./INSTALL: line 26: bad substitution: no closing "    ” in VPATH'
    ./INSTALL: line 27: variable,: command not found
    ./INSTALL: line 28: syntax error near unexpected token     in’
    ./INSTALL: line 28: `in the source code directory. After you have installed the package for’

    please email me the solution at baros.hendricks.rox@gmail.com
    thanx in advance

  7. zupakomputer February 28, 2008 at 5:59 pm #

    The first one looks like your system clock is wrong, and it doesn’t like that (though I can’t tell if it won’t let it compile because of that),

    the second one says syntax error, so at a guess it looks like you typed something in wrong, maybe an inverted comma ( one of these ‘ or these ” ) that wasn’t needed or is missing.

  8. noob#1 March 1, 2008 at 8:24 am #

    ok i got rid of the system clock thing but it still gives the second error.
    i have tried to compile using Fedora 8 and Sabayon as well so
    please email me the exact code required to compile it at baros.hendricks.rox@gmail.com
    thanx in advance

  9. noob#1 March 2, 2008 at 5:23 am #

    got it working on my own thanx anyway

  10. zupakomputer March 5, 2008 at 7:04 pm #

    I didn’t know enough to give you any more pointers really; co-incidently this was in today’s class – by any chance did you forget to put the ‘make’ in front of ‘install’?

  11. geek programmer June 13, 2008 at 7:53 pm #

    noob #1 the problem is the time of your system you have to set the correct date and time if you still having problems try to install an ntp server