medusa icon indicating copy to clipboard operation
medusa copied to clipboard

Published 20 hours ago verified publisher icon jmk-foofus

Wrong Password

Open bucky67gto opened this issue 8 years ago • 1 comments

Ran fine the other day found the password about 1/3 of the way through the list. Tried a few more tests today with new targets and always has success and always the first password in the list. It is never the correct password. So I ran the successful attack from the other day and it returned the same non valid password, also the first in the list. thoughts?

medusa -h 10.10.10.111 -u jblow -P pass.txt -M http Medusa v2.2 [http://www.foofus.net] (C) JoMo-Kun / Foofus Networks [email protected]

ACCOUNT CHECK: [http] Host: 10.10.10.111 (1 of 1, 0 complete) User: jblow (1 of 1, 0 complete) Password: and (1 of 35 complete) ACCOUNT FOUND: [http] Host: 10.10.10.111 User: jblow Password: tree [SUCCESS]

bucky67gto avatar Dec 15 '16 14:12 bucky67gto

@bucky67gto Can you provide the debug output -w 99 -v 99

bismark-foofus avatar Jun 21 '17 20:06 bismark-foofus

The HTTP module supports sites that require basic/digest/NTLM authentication. I'm assuming this was a web form of some sort. It's impossible to debug without verbose output (-w 99 -v 99).

jmk-foofus avatar Feb 19 '24 01:02 jmk-foofus