Medusa: Password cracking is EASY !!! Full tutorial | Updated 2024

Introduction

In this post, you will learn what is medusa and how does the tool work and also you will learn all the command of the medusa tool and below is the video format of the post, Check it out ????

Video

What is medusa❓

Medusa is a password cracking tool. This is one of my favourite password cracking tools.

Medusa tool is open-source and it is very easy to use this tool. The user should know only three commands to do a password attack using medusa the three commands are the target, username and password.

The goal is to support as many services which allow remote authentication as possible. Interestingly the medusa tool has got modules in it and you can specify which service to brut-force.

Advertisement

What all the medusa tool can do

  1. Thread-based parallel testing.
  2. Brute-force testing can be performed against multiple hosts, users or passwords concurrently.
  3. Flexible user input.
  4. Target information (host/user/password) can be specified in a variety of ways. For example, each item can be either a single entry or a file containing multiple entries. Additionally, a combination file format allows the user to refine their target listing.
  5. Modular design. Each service module exists as an independent .mod file. This means that no modifications are necessary to the core application in order to extend the supported list of services for brute-forcing.
  6. Multiple protocols supported. Many services are currently supported (e.g. SMB, HTTP, POP3,  MS-SQL, SSHv2, among others)

Useful commands in medusa tool

  1. -h [TEXT] : Target hostname or IP address
  2. -H [FILE]: File containing target hostnames or IP addresses
  3. -u [TEXT] : Username to test
  4. -U [FILE]: File containing usernames to test
  5. -p [TEXT] : Password to test
  6. -P [FILE]: File containing passwords to test
  7. -C [FILE]: File containing combo entries. See README for more information.
  8. -O [FILE]: File to append log information to
  9. -e [n/s/ns] : Additional password checks ([n] No Password, [s] Password = Username)
  10. -M [TEXT]: Name of the module to execute (without the .mod extension)
  11. -m [TEXT]: Parameter to pass to the module. This can be passed multiple times with a
  12. -d: Dump all known modules
  13. -n [NUM] : Use for non-default TCP port number
  14. -s: Enable SSL
  15. -g [NUM]: Give up after trying to connect for NUM seconds (default 3)
  16. -r [NUM] : Sleep NUM seconds between retry attempts (default 3)
  17. -R [NUM]: Attempt NUM retries before giving up. The total number of attempts will be NUM + 1.
  18. -c [NUM]: Time to wait in use to verify socket is available (default 500 uses).
  19. -t [NUM]: Total number of logins to be tested concurrently
  20. -T [NUM]: Total number of hosts to be tested concurrently
  21. -L: Parallelize logins using one username per thread. The default is to process
  22. -f: Stop scanning host after first valid username/password found.
  23. -F: Stop audit after first valid username/password found on any host.
  24. -b: Suppress startup banner
  25. -q: Display module’s usage information
  26. -v [NUM] : Verbose level [0 – 6 (more)]
  27. -w [NUM] : Error debug level [0 – 10 (more)]
  28. -V: Display version
  29. -Z [TEXT]: Resume scan based on a map of the previous scan

Advertisement

How to work with medusa

Just follow the below examples and I am sure by end of the example you will be familiar with the tool. Concentrate carefully, If you have any doubt comment down below or watch the video I made.

Example1, Password craking using specific username & password

To crack the password using a specific username and password just enter the below command. For this method, you can try only one specific username with one specific password.

medusa -h 192.168.1.37 -u msfadmin -p msfadmin -M ftp

-h: Target (You can also enter IP or Domain name)

-u: Specific username command

-p: Specific password command

-M: Module (You can enter the service you are going to do password cracking)

Medusa

Example2, Cracking random username & password

Now, let’s crack random usernames and passwords. So, that we are using the capital -U and -P command

medusa -h 192.168.1.37 -U user1.txt -P pass1.txt -M ftp

-h: Target

-U: Random username (Specify the file)

-P: Random password list(Specify the file)

-M: Module

Medusa

Example3, Bruteforcing on multiple host

To brute force on multiple hosts, Create a file and add the target hosts. Below is the command to do brute force on multiple hosts.

medusa -H host1.txt -U user1.txt -P pass1.txt -M ftp

Medusa

Advertisement

Example4, Brute force on specific port

To brute-force on a specific port just use the -n command like this ????????

medusa -h 192.168.1.37 -u msfadmin -p msfadmin -M ssh -n 22

-h: Target

-u: Username

-p: Password

-M: Module

-n: port

Medusa

Exmple5, Saving every login attempts in log file

Saving login attempts in a log file is great. So, that you can view the logs anytime.

medusa -h 192.168.1.37 -u msfadmin -p msfadmin -M ssh -n 22 -O log.txt

-O: logfile command

Medusa

Example6, Verbose

The verbose mode in medusa gives deep detail on what is happening and the verbose level is from level 0 to level 6
medusa -H target -U user.txt -P pass.txt -M ftp -v 2
medusa -H target -U user.txt -P pass.txt -M ftp -v 6

Medusa

Conclusion

In summary, medusa is a great tool and I use this tool very often and I suggest you use this tool.

An alternative for the medusa tool is john the ripper, hash cat and many tools are out there. Do check out our password cracking menu and learn everything about password cracking.

Advertisement


Also Read: Password cracking using the twofi tool

Also Read: Cewl password generating tool is really great