Unix and Linux network configuration. Multiple network interfaces. Bridged NICs. High-availability network configurations.


Reviews of latest Unix and Linux software. Helpful tips for application support admins. Automating application support.


Disk partitioning, filesystems, directories, and files. Volume management, logical volumes, HA filesystems. Backups and disaster recovery.


Distributed server monitoring. Server performance and capacity planning. Monitoring applications, network status and user activity.

Commands & Shells

Cool Unix shell commands and options. Command-line tools and application. Things every Unix sysadmin needs to know.

Home » Applications, Security

Distributed password cracking with Medussa

Submitted by on May 10, 2006 – 2:43 pm 6 Comments

Medussa is a password cracking application that supports distributed processing. One node acts as the Medussa server and the rest of the nodes are running the client application. The server node, in addition to running decryption, also distributes the workload among all participating nodes. Below is brief installation and configuration manual for running Medussa under Linux.

Downloading Software

You can download Medussa source code from the developer’s site:

Save the medussa-0.8.tar.gz to /opt/medussa

cd /opt/medussa
gzip -d medussa-0.8.tar.gz
tar xvf medussa-0.8.tar.gz
cd /opt/medussa/medussa-0.8

Installing Server

To compile Medussa you will need the current version of gcc compiler. From /opt/medussa/medussa-0.8 do the following:

./make install

Configuring Server

In /opt/medussa/medussa-0.8 create a hidden file called .medussarc. The file should contain the following:

# Basics
verbose 1
adminpassword your_pass
motd Medussa

Set permissions on .medussarc to 700.

Create a file /etc/init.d/medussa with the following contents:

ps -ef | egrep "medussa|tentacle" | egrep -v egrep | awk '{print $2}' | while read PID
        kill -9 $PID
cd /opt/medussa/medussa-0.8/
/usr/local/bin/medussa -d -f .medussarc
/usr/local/bin/tentacle -v0 &

Medussa will only read the .medussarc file from the current working directory, so it’s important to cd to where this file is located rather than provide the full path to the file.

Set permissions:

chmod 755 /etc/init.d/medussa

Run /etc/init.d/medussa This will start Medussa server and a single client thread.

Installing Client

On each client node run the following script to download the source tarball from the server node, untar, compile, install, add startup scripts, and run. Substitute “head_node” and “root_pass” with the name of your Medussa server and the root password on that server.



if [ ! -d $HOMEDIR ]
	mkdir $HOMEDIR
	chmod 700 $HOMEDIR
	echo "Directory $HOMEDIR already exists. Exiting..."
	exit 1

ftp -in $MSERVER < /etc/init.d/tentacle
chmod 755 /etc/init.d/tentacle


Example cracking session

On the Medussa server type mecon to access the Medussa console and enter commands as shown to crack a single Unix password hash.

[root@medussa]# mecon
mecon> o
Implementation 0.8 [i686-pc-linux-gnu], ready and willing
mecon@localhost>admin your_pass
mecon@localhost>add hash username1 unixcrypt vvme8ohnOyMOI
mecon@localhost>add schedule username1 bruteforce poss=abcdefghijklmnopqrstuvwxyz1234567890,maxlen=7
mecon@localhost>show nodes
node                   cps       start time       total time   current slice
medussa2          R 70000    2006/05/10 13:52  0:00:00:01   210000:1210000
medussa3          R 70000    2006/05/10 13:52  0:00:00:01   1210000:2210000
medussa4          R 70000    2006/05/10 13:52  0:00:00:01   2700000:3700000
medussa5          R 70000    2006/05/10 13:52  0:00:00:01   3770000:4770000
medussa6          R 70000    2006/05/10 13:52  0:00:00:01   4770000:5770000
eta: 0:13:49:17
percent: 0.055
totalcps: 1619045
Print Friendly, PDF & Email


  • clash says:

    Hi! Thank you very much for the interesting post! One question: can I use Medussa to crack WPA passwords?

  • Jamal says:

    i need the full program plz

  • slipknot0129 says:

    I have my own domain and shared, hosted server space for it on GoDaddy. I have several static html pages residing there already, and my knowledge with using Dreamweaver (for years) is fine. I want to create a page which can only be viewed by some people on my class reunion committee, so I want it set up so login credentials are required. It doesn’t need to be https. Any easy way to accomplish this with available templates or from scratch please?

  • Sergio says:

    Explain how a VOIP call is set-up and carried over an IP network using the SIP protocol and a SIP proxy server. Contrast this to the operation of voice communication over a traditional PSTN or mobile network and explain how a device in a VOIP system can communicate with a device on a traditional network.

  • nick s says: do i set up 7 pc to a network. what do i need and what is the procedure

    2. how to set up the 7 pc to the server how to connect it. what do i need and what is the procedure.

    i need all the answer that i can get……

    best answer get 5 points…….

  • Ray D says:

    I made a minecraft beta server with bukkit and the essentials plugin, but everytime I load a world I can’t seem to activate switches, place blocks or destroy blocks. I have made myself an op and I still can’t destroy blocks. What’s wrong?

Leave a Reply

%d bloggers like this: