Medusa (Medusa) using brute force
I. Introduction
medusa (Medusa) is a fast, massively parallel, modular, blasting landing, you can simultaneously perform strength tests on multiple hosts, users or passwords, medusa and hydra as belonging to the same line cracking tools, different yes, medusa stability is much better compared to the hydra hydra some support but fewer modules relative.
Second, the parameter syntax
medusha [-h host host or host file -H file] [-u username user name or user name dictionary -U file] [-p password password or password dictionary -P file] [-C file combination condition file] -M modudle [opt] module performs mingc
-h host name or IP address of the target
-H target host name or IP address of the file
-u user name test
-U user name contains a test file
-p test user name and password
-P file contains a test user name and password
-C combination condition file
-O log file
-e [n / s / ns] n representative of a blank password, s representatives password identical to the username
-M module performs mingc
-m pass parameters to the module
-d displays all module names
-n non-default TCP port
-s Enable ssl
-r retry time, a default three seconds
-t set the number of threads
Third, the basic operation
1, single blast, specifying the user name service, do not know the password to specify the password dictionary crack
medusa -M ssh -u admin -p password.txt -h 192.168.20.128
2, a number of blasting, specify a user name, password dictionary for blasting SSH service
medusa -M ssh -U user.txt -P password -h 192.168.20.128
3, blasting account passwords are dictionary look, the greater the dictionary, the more data to speed up some speed blasting can use the -t parameter settings at high concurrent threads
medusa -M ssh -U user.txt -P password -h 192.168.20.128 -t 20
Like Hydra Medusa is a tool commonly used blasting password, simple and practical, very helpful to penetration testing
Finish