medusa 命令

常用示例

说明

medusa is a fast, parallel, modular login brute-forcer for network services. It is designed to perform rapid credential testing against multiple hosts, users, or passwords concurrently using a thread-based architecture. Each service is supported through independent modules (.mod files), allowing the tool to be extended without modifying the core application. Supported protocols include SSH, FTP, HTTP, IMAP, SMB, MySQL, PostgreSQL, Telnet, VNC, and many others. Medusa can test credentials from files, combo lists, or command-line arguments. It supports SSL connections, custom ports, and can save valid credentials to a log file. The resume feature allows interrupted scans to continue from where they stopped.

参数

-h _HOST_

Target hostname or IP address

-H _FILE_

File containing target hosts

-u _USER_

Username to test

-U _FILE_

File containing usernames

-p _PASS_

Password to test

-P _FILE_

File containing passwords

-C _FILE_

Combo file (host:user:password format)

-M _MODULE_

Authentication module (ssh, ftp, http, smb, telnet, etc.)

-m _PARAM_

Module-specific parameters

-n _PORT_

Non-default port number

-s

Enable SSL

-t _NUM_

Total number of logins to test concurrently.

-T _NUM_

Concurrent hosts to test

-L

Parallelize logins per username

-f

Stop after first valid credential per host

-F

Stop after first valid credential overall

-e _n/s/ns_

Additional checks: n=no password, s=password equals username

-g _SECS_

Give up after NUM seconds attempting connection (default: 3).

-r _SECS_

Sleep NUM seconds between retry attempts (default: 3).

-R _NUM_

Attempt NUM retries before giving up.

-c _USEC_

Time in microseconds to wait during socket test.

-O _FILE_

Append log of valid credentials to file.

-v _NUM_

Verbose level (0-6, default: 5).

-w _NUM_

Error debug level (0-10, default: 5).