作者: reistlin
来源: http://www.reistlin.com/blog/23
更新时间: 2010.06
版权声明: 原创文章.转载请保留作者信息和原文完整.谢绝任何方式的摘要
1. 安装
安装 libssh2 v1.2.6:
wget http://www.libssh2.org/download/libssh2-1.2.6.tar.gz
tar zxvf libssh2-1.2.6.tar.gz
cd libssh2-1.2.6
./configure
make
make install
安装 medusa v2.0:
wget http://www.foofus.net/jmk/tools/medusa-2.0.tar.gz
tar zxvf medusa-2.0.tar.gz
cd medusa-2.0
./configure --prefix=$HOME/medusa-2.0 --enable-debug=yes --enable-module-afp=yes --enable-module-cvs=yes --enable-module-ftp=yes --enable-module-http=yes --enable-module-imap=yes --enable-module-mssql=yes --enable-module-mysql=yes --enable-module-ncp=yes --enable-module-nntp=yes --enable-module-pcanywhere=yes --enable-module-pop3=yes --enable-module-postgres=yes --enable-module-rexec=yes --enable-module-rlogin=yes --enable-module-rsh=yes --enable-module-smbnt=yes --enable-module-smtp=yes --enable-module-smtp-vrfy=yes --enable-module-snmp=yes --enable-module-ssh=yes --enable-module-svn=yes --enable-module-telnet=yes --enable-module-vmauthd=yes --enable-module-vnc=yes --enable-module-wrapper=yes --enable-module-web-form=yes
make
make install
2. 检查
检查 medusa v2.0 module 模块
secure:/home/reistlin/medusa-2.0/bin# ./medusa -d
Medusa v2.0 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks <jmk@foofus.net>
Available modules in "." :
Available modules in "/home/reistlin/medusa-2.0/lib/medusa/modules" :
+ cvs.mod : Brute force module for CVS sessions : version 2.0
+ ftp.mod : Brute force module for FTP/FTPS sessions : version 2.0
+ imap.mod : Brute force module for IMAP sessions : version 2.0
+ mysql.mod : Brute force module for MySQL sessions : version 2.0
+ nntp.mod : Brute force module for NNTP sessions : version 2.0
+ pcanywhere.mod : Brute force module for PcAnywhere sessions : version 2.0
+ pop3.mod : Brute force module for POP3 sessions : version 2.0
+ rexec.mod : Brute force module for REXEC sessions : version 2.0
+ rlogin.mod : Brute force module for RLOGIN sessions : version 2.0
+ rsh.mod : Brute force module for RSH sessions : version 2.0
+ smtp-vrfy.mod : Brute force module for enumerating accounts via SMTP VRFY : version 2.0
+ smtp.mod : Brute force module for SMTP Authentication with TLS : version 2.0
+ snmp.mod : Brute force module for SNMP Community Strings : version 2.0
+ ssh.mod : Brute force module for SSH v2 sessions : version 2.0
+ telnet.mod : Brute force module for telnet sessions : version 2.0
+ vmauthd.mod : Brute force module for the VMware Authentication Daemon : version 2.0
+ vnc.mod : Brute force module for VNC sessions : version 2.0
+ wrapper.mod : Generic Wrapper Module : version 2.0
3. 关于Debian 5.0 Medusa v1.4 SSH BUG
Debian 5.0 Medusa v1.4 Install:
Medusa v1.4 SSH.mod BUG:
IMPORTANT: Couldn't load "SSH" [/usr/lib/medusa/modules/SSH.mod: cannot open shared object file: No such file or directory]. Place the module in the medusa directory, set the MEDUSA_MODULE_NAME environment variable or run the configure script again using --with-default-mod-path=[path].
invokeModule failed - see previous errors for an explanation