Medusa Parallel Network Login Auditor :: Feature Comparison

JoMo-Kun / jmk "AT" foofus "DOT" net

Here's a quick comparison of Hydra and Medusa. This is based on my understanding of Hydra 5.0 and Medusa 1.4. It should be noted that even if a particular item is checked, it does not necessarily mean it works correctly. I have not used Hydra in a number of years. If newer versions have addressed some of the known issues or added new functionality that should be reflected here, please let me know.

Area Feature Hydra Medusa

* License HYDRA GPL-2

Bugs &radic &radic

Core Parallel Method fork() pthread

Service Design Built-in Modular

Speed ? ?

Generic Wrapper Module &radic

CVS Broken - infinite loop &radic

FTP FTP &radic &radic

Explicit FTPS (AUTH TLS Mode as defined in RFC 4217) &radic

Implicit FTPS (FTP over SSL (990/tcp) &radic

HTTP Basic Auth Broken - Base64 incorrect for some passwords &radic

NTLM Auth (Windows Integrated) &radic

HTTP Proxy &radic

ICQ &radic

IMAP Method AUTH-LOGIN Support &radic &radic

Method AUTH-PLAIN Support &radic

LDAP &radic

Microsoft SQL &radic &radic

MySQL Pre-4.1 Authentication &radic &radic

Pre-4.1 Hash Passing &radic

4.1 Authentication &radic

NCP (NetWare) &radic (ncpfs)

NNTP &radic (Original AUTHINFO) &radic (Original AUTHINFO)

Oracle Database Non-Functional &radic (via Wrapper script)

Listener Non-Functional

PcAnywhere Supported Encryption Level None None

Supported Authenication Mode(s) Native PCA Native PCA, ADS, NT, Windows

PCNFS &radic

POP3 &radic &radic

PostgreSQL &radic &radic

REXEC &radic &radic

RLOGIN .rhost Support &radic

Password Support &radic &radic

RSH &radic &radic

SAPR3 &radic

SIP &radic

SMB (Microsoft Windows/Samba) NetBIOS Mode &radic &radic

W2K Native Mode Broken &radic

Hash Passing Broken &radic

SMTP AUTH &radic &radic

AUTH with TLS &radic

VRFY &radic

SNMP &radic (overwrites sysName with "HYDRA") &radic (significantly faster design)

SOCKS5 &radic

SSHv2 &radic (libssh) &radic (libssh2)

SVN &radic &radic

TeamSpeak &radic

Telnet Generic Telnet &radic &radic
Cisco (AAA/non-AAA) &radic &radic

Cisco enable password &radic

VNC Password-less/Password-only Support &radic &radic

Anti-Brute Force Slowdown Support &radic

Username/Password Support

VmWare Authentication Daemon Non-SSL Authentication &radic &radic

SSL Authentication &radic

Web Form Module &radic

Medusa Documentation

Area	Feature	Hydra	Medusa
*	License	HYDRA	GPL-2
*	Bugs	&radic	&radic
Core	Parallel Method	fork()	pthread
	Service Design	Built-in	Modular
	Speed	?	?
Generic Wrapper Module			&radic
CVS		Broken - infinite loop	&radic
FTP	FTP	&radic	&radic
	Explicit FTPS (AUTH TLS Mode as defined in RFC 4217)		&radic
	Implicit FTPS (FTP over SSL (990/tcp)		&radic
HTTP	Basic Auth	Broken - Base64 incorrect for some passwords	&radic
	NTLM Auth (Windows Integrated)		&radic
	HTTP Proxy	&radic
ICQ		&radic
IMAP	Method AUTH-LOGIN Support	&radic	&radic
IMAP	Method AUTH-PLAIN Support		&radic
LDAP		&radic
Microsoft SQL		&radic	&radic
MySQL	Pre-4.1 Authentication	&radic	&radic
	Pre-4.1 Hash Passing		&radic
	4.1 Authentication		&radic
NCP (NetWare)			&radic (ncpfs)
NNTP		&radic (Original AUTHINFO)	&radic (Original AUTHINFO)
Oracle	Database	Non-Functional	&radic (via Wrapper script)
Oracle	Listener	Non-Functional
PcAnywhere	Supported Encryption Level	None	None
PcAnywhere	Supported Authenication Mode(s)	Native PCA	Native PCA, ADS, NT, Windows
PCNFS		&radic
POP3		&radic	&radic
PostgreSQL		&radic	&radic
REXEC		&radic	&radic
RLOGIN	.rhost Support		&radic
RLOGIN	Password Support	&radic	&radic
RSH		&radic	&radic
SAPR3		&radic
SIP		&radic
SMB (Microsoft Windows/Samba)	NetBIOS Mode	&radic	&radic
	W2K Native Mode	Broken	&radic
	Hash Passing	Broken	&radic
SMTP	AUTH	&radic	&radic
	AUTH with TLS		&radic
	VRFY		&radic
SNMP		&radic (overwrites sysName with "HYDRA")	&radic (significantly faster design)
SOCKS5		&radic
SSHv2		&radic (libssh)	&radic (libssh2)
SVN		&radic	&radic
TeamSpeak		&radic
Telnet	Generic Telnet	&radic	&radic
	Cisco (AAA/non-AAA)	&radic	&radic
	Cisco enable password	&radic
VNC	Password-less/Password-only Support	&radic	&radic
	Anti-Brute Force Slowdown Support		&radic
	Username/Password Support
VmWare Authentication Daemon	Non-SSL Authentication	&radic	&radic
VmWare Authentication Daemon	SSL Authentication		&radic
Web Form Module			&radic