Europe between past and future

May 16, 2014

OpNewblood Connect to a network router with Medusa

CyberGuerrilla soApboX

OpNewblood Connect to a network router with Medusa 

Medusa is a command-line only tool, so using this open source software is a matter of building up an instruction from the command line. Let’s imagine we want Medusa to connect to a network router at IP address using the default username “admin”, to test how easy it would be to find the password. To do this, we will use the wordlist hugewordlist.txt . Since we know that the router administrator has a dog called Fido and two children called Alice and Bob, it’s worth adding these names to the beginning of the hugewordlist.txt textfile, along with the company name, and other site specific words…


apt-get install medusa

type medusa

Screenshot from 2014-05-12 19:20:02

type: medusa -d it will show you the modules available.

Screenshot from 2014-05-12 19:22:07

To use Medusa, the following must be specified:

The host “″ to connect to, using the -h switch
The user name “admin” to connect with, using the -u switch
The name of the textfile containing the list of passwords to try, using the -P switch
The module to use for the service we are contacting (in this case http) using the -M switch
So the command we must use is:

medusa -h -u “admin” -P ‘/home/unkn0wn/Downloads/hak5.txt’ -M http

Replace ‘/home/unkn0wn/Downloads/hak5.txt’ with where you put the wordlist. if you don’t understand just drag and drop the wordlist to your terminal it will say it.

Screenshot from 2014-05-12 19:31:17

(remember when it comes to brute forcing the only thing is if the password isn’t listed in the wordlist than you just lost 9hrs on that list you used. Brute Forcing is not a for sure way.)


No comments:

Post a Comment