作者: reistlin
来源: http://www.reistlin.com/blog/23
更新时间: 2010.06
版权声明: 原创文章.转载请保留作者信息和原文完整.谢绝任何方式的摘要

linux.png

1. 安装

安装 libssh2 v1.2.6:

wget http://www.libssh2.org/download/libssh2-1.2.6.tar.gz
tar zxvf libssh2-1.2.6.tar.gz
cd libssh2-1.2.6
./configure 
make
make install

安装 medusa v2.0:

wget http://www.foofus.net/jmk/tools/medusa-2.0.tar.gz
tar zxvf medusa-2.0.tar.gz 
cd medusa-2.0
./configure --prefix=$HOME/medusa-2.0 --enable-debug=yes --enable-module-afp=yes --enable-module-cvs=yes --enable-module-ftp=yes --enable-module-http=yes --enable-module-imap=yes --enable-module-mssql=yes --enable-module-mysql=yes --enable-module-ncp=yes --enable-module-nntp=yes --enable-module-pcanywhere=yes --enable-module-pop3=yes --enable-module-postgres=yes --enable-module-rexec=yes --enable-module-rlogin=yes --enable-module-rsh=yes --enable-module-smbnt=yes --enable-module-smtp=yes --enable-module-smtp-vrfy=yes --enable-module-snmp=yes --enable-module-ssh=yes --enable-module-svn=yes --enable-module-telnet=yes --enable-module-vmauthd=yes --enable-module-vnc=yes --enable-module-wrapper=yes --enable-module-web-form=yes
make
make install

2. 检查

检查 medusa v2.0 module 模块

secure:/home/reistlin/medusa-2.0/bin# ./medusa -d
Medusa v2.0 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>

  Available modules in "." :

  Available modules in "/home/reistlin/medusa-2.0/lib/medusa/modules" :
    + cvs.mod : Brute force module for CVS sessions : version 2.0
    + ftp.mod : Brute force module for FTP/FTPS sessions : version 2.0
    + imap.mod : Brute force module for IMAP sessions : version 2.0
    + mysql.mod : Brute force module for MySQL sessions : version 2.0
    + nntp.mod : Brute force module for NNTP sessions : version 2.0
    + pcanywhere.mod : Brute force module for PcAnywhere sessions : version 2.0
    + pop3.mod : Brute force module for POP3 sessions : version 2.0
    + rexec.mod : Brute force module for REXEC sessions : version 2.0
    + rlogin.mod : Brute force module for RLOGIN sessions : version 2.0
    + rsh.mod : Brute force module for RSH sessions : version 2.0
    + smtp-vrfy.mod : Brute force module for enumerating accounts via SMTP VRFY : version 2.0
    + smtp.mod : Brute force module for SMTP Authentication with TLS : version 2.0
    + snmp.mod : Brute force module for SNMP Community Strings : version 2.0
    + ssh.mod : Brute force module for SSH v2 sessions : version 2.0
    + telnet.mod : Brute force module for telnet sessions : version 2.0
    + vmauthd.mod : Brute force module for the VMware Authentication Daemon : version 2.0
    + vnc.mod : Brute force module for VNC sessions : version 2.0
    + wrapper.mod : Generic Wrapper Module : version 2.0

3. 关于Debian 5.0 Medusa v1.4 SSH BUG

Debian 5.0 Medusa v1.4 Install:

apt-get install medusa

Medusa v1.4 SSH.mod BUG:

IMPORTANT: Couldn't load "SSH" [/usr/lib/medusa/modules/SSH.mod: cannot open shared object file: No such file or directory]. Place the module in the medusa directory, set the MEDUSA_MODULE_NAME environment variable or run the configure script again using --with-default-mod-path=[path].
invokeModule failed - see previous errors for an explanation

标签: debian, linux