medusa
Medusa is a powerful and versatile command line tool designed for network password cracking. It is primarily used for brute-forcing various services and protocols. With Medusa, users can perform password attacks on protocols such as SSH, Telnet, FTP, HTTP, and many others. This tool allows both single-shot attacks and large-scale password guessing through its flexible multi-threading capabilities. Medusa supports numerous authentication types, including password authentication, key-based authentication, and more. It also includes features like incremental username and password guessing, session saving and resumption, and customizable delay intervals between login attempts. Medusa provides detailed progress monitoring and logging to help users keep track of the password cracking process. Overall, Medusa is a reliable and widely-used command line tool for performing password cracking and security testing on network services.
List of commands for medusa:
-
medusa:tldr:04a74 medusa: Execute a brute force against a MySQL server using a file containing usernames and a hash.$ medusa -M mysql -h host -U ${path-to-username_file} -p ${hash} -m PASS:HASHtry on your machineexplain this command
-
medusa:tldr:18bca medusa: Execute brute force against an FTP server using a file containing usernames and a file containing passwords.$ medusa -M ftp -h host -U ${path-to-username_file} -P ${path-to-password_file}try on your machineexplain this command
-
medusa:tldr:64758 medusa: Execute a login attempt against an HTTP server using the username, password and user-agent specified.$ medusa -M HTTP -h host -u ${username} -p ${password} -m USER-AGENT:"${Agent}"try on your machineexplain this command
-
medusa:tldr:da5cd medusa: Execute a brute force against a list of SMB servers using a username and a pwdump file.$ medusa -M smbnt -H ${path-to-hosts_file} -C ${path-to-pwdump_file} -u ${username} -m PASS:HASHtry on your machineexplain this command