Releases: jmk-foofus/medusa

Medusa 2.3 (Release Candidate 1)

01 Apr 22:17
Pre-release

Medusa 2.3 will be the first release in nearly nine years. While there are no major changes to the core of the application, it does include many bug fixes throughout the code base and numerous incremental improvements. The biggest application-wide update is a migration to OpenSSL 3.x and removal of deprecated function calls.

The SMBNT module now supports SMBv2/3 and SMB signing! This is accomplished using the libsmb2 library. It still natively handles SMBv1, but will auto-detect if the target requires v2+ and use the appropriate protocol. The module and all options continue to work as before, including pass-the-hash support. The libsmb2 library is not currently in Debian-based distributions, but I've created a package and it is going through the review process.

Medusa 2.2 Released!

24 Nov 19:39

Medusa 2.2 is the first release in over three years. While there are no major changes to the core of the application, it does include many bug fixes throughout the code base and numerous incremental improvements. The following significant module updates are also included:

HTTP. The module now supports NTLM2 session responses and allows for the inclusion of custom headers. In addition, it can report the target host's default domain when using NTLM authentication.

RDP. This is a new module and uses the FreeRDP library to test RDP (Terminal Services) on Microsoft Windows 2008/7 and later hosts. It also supports pass-the-hash testing depending on the version of FreeRDP installed. It is recommended that if you are using the RDP module, it be built against a current version of FreeRDP. The FreeRDP-Nightly site provides binaries for several platforms and can be installed side-by-side with the released version. Medusa will detect and use the nightly version during its build process.

SMB. The module now includes a check of the ADMIN$ default share. The purpose of this is to test whether the valid credentials have administrative or user-level access to the host.

SMTP-VRFY. The module now supports EXPN and RCPT bruting.

SSH. The module should now be stable on OS X due to several bug fixes with thread safety.

See doc/medusa.html for Medusa documentation. For additional information:

http://foofus.net/?page_id=51
http://foofus.net/goons/jmk/medusa/medusa.html

Please feel free to send me questions, bug reports, or patches directly or through the foofus-tools mailing list.

Enjoy!
Joe

Medusa 2.2 (Release Candidate 3)

06 Nov 17:12
Pre-release

Changes between rc2 and rc3:

  • Detect FreeRDP-Nightly installation. It is recommended that if you are using the RDP module, it be built against a current version of FreeRDP. The FreeRDP-Nightly site provides binaries for several platforms and can be installed side-by-side with the released version. Medusa will detect and use the nightly version during its build process.
  • Disable NTLMv2 mode in SMBNT module. The default LMv2 mode should handle all systems that require NTLMv2 and not impact any password guessing efforts. LMv2 is basically a compact version of NTLMv2.

Medusa 2.2 (Release Candidate 2)

08 Jun 02:57
Pre-release

Changes between rc1 and rc2:

  • Improved FreeRDP library detection within autoconf.

Medusa 2.2 (Release Candidate 1)

28 May 15:10
Pre-release

Medusa 2.2 will be the first release in over three years. While there are no major changes to the core of the application, it does include many bug fixes throughout the code base and numerous incremental improvements. The following significant module updates are also included:

HTTP. The module now supports NTLM2 session responses and allows for the inclusion of custom headers. In addition, it can report the target host's default domain when using NTLM authentication.

RDP. This is a new module and uses the FreeRDP library to test RDP (Terminal Services) on Microsoft Windows 2008/7 and later hosts. It also supports pass-the-hash testing depending on the version of FreeRDP installed.

SMB. The module now includes a check of the ADMIN$ default share. The purpose of this is to test whether the valid credentials have administrative or user-level access to the host.

SMTP-VRFY. The module now supports EXPN and RCPT bruting.

SSH. The module should now be stable on OS X due to several bug fixes with thread safety.