ports/96641: New port: security/medusa, a parallel password cracker

Tue May 2 05:50:15 UTC 2006

>Number:         96641
>Category:       ports
>Synopsis:       New port: security/medusa, a parallel password cracker
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue May 02 05:50:13 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     David Thiel
>Release:        FreeBSD 6.0-RELEASE i386
>Organization:
>Environment:
System: FreeBSD redundancy.redundancy.org 6.0-RELEASE FreeBSD 6.0-RELEASE #0: Thu Nov 3 09:36:13 UTC 2005 root at x64.samsco.home:/usr/obj/usr/src/sys/GENERIC i386

>Description:

Medusa is a parallel login bruteforcer - an alternative to THC-hydra(which
last I checked wasn't compiling properly  on FreeBSD in the first place).

>From http://www.foofus.net/jmk/medusa/medusa.html:

Medusa is intended to be a speedy, massively parallel, modular, login
brute-forcer. The goal is to support as many services which allow remote
authentication as possible. The author considers following items as some
of the key features of this application:

* Thread-based parallel testing. Brute-force testing can be performed
against multiple hosts, users or passwords concurrently.

* Flexible user input. Target information (host/user/password) can be
specified in a variety of ways. For example, each item can be either
a single entry or a file containing multiple entries. Additionally, a
combination file format allows the user to refine their target listing.

* Modular design. Each service module exists as an independent .mod
file. This means that no modifications are necessary to the core
application in order to extend the supported list of services for
brute-forcing.

>How-To-Repeat:
>Fix:

# This is a shell archive.  Save it in a file, remove anything before
# this line, and then unpack it by entering "sh file".  Note, it may
# create directories; files and directories will be owned by you and
# have default permissions.
#
# This archive contains:
#
#	medusa
#	medusa/Makefile
#	medusa/distinfo
#	medusa/pkg-descr
#	medusa/pkg-plist
#
echo c - medusa
mkdir -p medusa > /dev/null 2>&1
echo x - medusa/Makefile
sed 's/^X//' >medusa/Makefile << 'END-of-medusa/Makefile'
X# New ports collection makefile for:	medusa
X# Date created:		2006-05-01
X# Whom:			David Thiel <lx at redundancy.redundancy.org>
X#
X# $FreeBSD$
X#
X
XPORTNAME=	medusa
XPORTVERSION=	1.0
XCATEGORIES=	security
XMASTER_SITES=	http://www.foofus.net/jmk/tools/ \
X		http://redundancy.redundancy.org/mirror/
X
XMAINTAINER=	lx at redundancy.redundancy.org
XCOMMENT=	A speedy, massively parallel, modular, login brute-forcer
X
XLIB_DEPENDS=	ssh2:${PORTSDIR}/security/libssh2
X
XGNU_CONFIGURE=	yes
XCONFIGURE_ARGS+=	"--program-transform="
X
XMAN1=		medusa.1
X
X.include <bsd.port.mk>
END-of-medusa/Makefile
echo x - medusa/distinfo
sed 's/^X//' >medusa/distinfo << 'END-of-medusa/distinfo'
XMD5 (medusa-1.0.tar.gz) = cd543b2b6112922cfbdb700b835c4b01
XSHA256 (medusa-1.0.tar.gz) = b2906730580697e495b0d8ef5b2400036e5d7063f23c243e5297415adf68ad36
XSIZE (medusa-1.0.tar.gz) = 227138
END-of-medusa/distinfo
echo x - medusa/pkg-descr
sed 's/^X//' >medusa/pkg-descr << 'END-of-medusa/pkg-descr'
XMedusa is intended to be a speedy, massively parallel, modular, login
Xbrute-forcer. The goal is to support as many services which allow remote
Xauthentication as possible. 
X
XWWW:	http://www.foofus.net/jmk/medusa/medusa.html
END-of-medusa/pkg-descr
echo x - medusa/pkg-plist
sed 's/^X//' >medusa/pkg-plist << 'END-of-medusa/pkg-plist'
X at comment $FreeBSD$
Xbin/medusa
Xlib/medusa/modules/telnet.mod
Xlib/medusa/modules/smbnt.mod
Xlib/medusa/modules/http.mod
Xlib/medusa/modules/ssh.mod
Xlib/medusa/modules/mssql.mod
Xlib/medusa/modules/pop3.mod
Xlib/medusa/modules/mysql.mod
X at dirrm lib/medusa/modules
X at dirrm lib/medusa
END-of-medusa/pkg-plist
exit

>Release-Note:
>Audit-Trail:
>Unformatted: