Medusa
Medusa is a fast, parallel, and modular login brute-forcer. It is designed to be a speedy tool for testing authentication credentials against multiple hosts, users, and passwords simultaneously. Its modular design allows it to support many different network services.
Basic Usage
The general syntax for Medusa is as follows:
medusa [-h host|-H file] [-u username|-U file] [-p password|-P file] [-C file] -M module [OPT]
SSH Brute-Force
This command uses the ssh module to attempt to find the correct password for the admin user from a password list.
medusa -h 192.168.1.100 -u admin -P passwords.txt -M ssh
RDP Brute-Force
To target the Remote Desktop Protocol (RDP), use the rdp module. This example attempts to find the password for the admin user on the specified host.
medusa -h 192.168.1.100 -u admin -P passwords.txt -M rdp
HTTP Basic Authentication
The http module can be used to brute-force web server logins that use Basic Authentication. This command uses a list of usernames and a list of passwords.
medusa -h www.example.com -U users.txt -P passwords.txt -M http -m AUTH:BASIC
Stop on First Success
The -f flag instructs Medusa to stop testing a host as soon as it finds the first valid set of credentials on it. This is useful for saving time when you only need one point of access.
medusa -h 192.168.1.100 -u admin -P passwords.txt -M ssh -f
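From the defender's side, the SSH runs above (with or without -f) leave a recognisable trail in the sshd log: a burst of failed passwords for one user from one source, and, if a guess succeeds, an accepted login right after it. The following detection sketch is an added example, not part of Medusa or of the original page; it assumes OpenSSH's syslog line format, and the threshold, window, year and sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in OpenSSH's syslog format (not captured from a real host).
SAMPLE_LOG = "\n".join(
    [f"Mar 10 09:15:{s:02d} srv sshd[2101]: Failed password for admin "
     f"from 192.168.1.50 port {40000 + s} ssh2" for s in range(1, 9)]
    + ["Mar 10 09:15:09 srv sshd[2101]: Accepted password for admin "
       "from 192.168.1.50 port 40009 ssh2",
       "Mar 10 09:20:00 srv sshd[2150]: Failed password for invalid user bob "
       "from 192.168.1.77 port 51000 ssh2",
       "Mar 10 09:21:00 srv sshd[2160]: Accepted password for carol "
       "from 192.168.1.20 port 52000 ssh2"])

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+")

def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60), year=2024):
    """Return one alert per (source IP, user) with >= threshold failures inside
    `window`; 'compromised' is set when a successful login follows the burst."""
    failures = defaultdict(deque)   # (ip, user) -> recent failure timestamps
    alerts = {}                     # (ip, user) -> alert record
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        # Syslog timestamps carry no year; `year` is an assumption of this example.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        key = (m["ip"], m["user"])
        recent = failures[key]
        while recent and ts - recent[0] > window:
            recent.popleft()        # forget failures that fell out of the window
        if m["result"] == "Failed":
            recent.append(ts)
            if len(recent) >= threshold:
                alert = alerts.setdefault(key, {"ip": key[0], "user": key[1],
                                                "failures": 0, "compromised": False})
                alert["failures"] = max(alert["failures"], len(recent))
        elif key in alerts and recent:
            # Accepted login while the burst is still in the window: a guess worked.
            alerts[key]["compromised"] = True
    return list(alerts.values())

if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG):
        print(alert)
```

An alert with compromised set to True should be handled as an incident (credential reset, session review) rather than as routine noise.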