Area | Feature | Medusa 2.2 | Hydra 7.1 | Ncrack 0.4ALPHA |
* | License | GPL-2 | GPL-3 | GPL-2 |
Core | Parallel Method | pthread | fork() | |
Service Design | Modular | Built-in | ||
Speed (several comparisons are included below) | ? | ? | ? | |
Generic Wrapper Module | √ | |||
AFP | √ | √ | ||
CVS | √ | √ | ||
FTP | FTP | √ | √ | √ |
Explicit FTPS (AUTH TLS Mode as defined in RFC 4217) | √ | √ | √ | |
Implicit FTPS (FTP over SSL (990/tcp) | √ | √ | √ | |
HTTP | Basic Auth | √ | √ | √ |
NTLM Auth (Windows Integrated) | √ | √ | ||
Digest Authentication | MD5, MD5-sess | MD5 | ||
HTTP Proxy | √ | |||
ICQ | √ | |||
IMAP | Method LOGIN Support | √ | √ | |
Method AUTH-PLAIN Support | √ | √ | ||
Method AUTH-NTLM Support | √ | √ | ||
SSL Support | IMAPS, STARTTLS | IMAPS, STARTTLS | ||
LDAP | √ | |||
Microsoft SQL | Port Auto-Detection | √ | ||
MS-SQL | √ | √ | ||
MySQL | Pre-4.1 Authentication | √ | √ | |
Pre-4.1 Hash Passing | √ | |||
4.1+ Authentication | √ | √ | ||
NCP (NetWare) | √ (ncpfs) | √ (ncpfs) | ||
NNTP | √ (Original AUTHINFO) | √ (Original AUTHINFO) | ||
Oracle | Database | √ (via Wrapper script) | ||
Listener | ||||
SID | √ | |||
PcAnywhere | Supported Encryption Level | None | None | |
Supported Authenication Mode(s) | Native PCA, ADS, NT, Windows | Native PCA | ||
PCNFS | √ | |||
POP3 | Method AUTH-USER Support | √ | √ | √ |
Method AUTH-LOGIN Support | √ | √ | ||
Method AUTH-PLAIN Support | √ | √ | ||
Method AUTH-NTLM Support | √ | √ | ||
SSL Support | POP3S, STARTTLS | POP3S | POP3S, STARTTLS | |
PostgreSQL | √ | √ | ||
RDP (Terminal Server) | √ | √ | √ | |
Pass the Hash Support | √ | |||
REXEC | √ | √ | ||
RLOGIN | .rhost Support | √ | ||
Password Support | √ | √ | ||
RSH | √ | √ | ||
SAPR3 | √ | |||
SIP | √ | |||
SMB (Microsoft Windows/Samba) | Authentication Modes | clear-text, LMv1, NTLMv1, LMv2, NTLMv2 | clear-text, LMv1, NTLMv1, LMv2, NTLMv2 | Unknown |
Hash Passing | √ | √ | ||
Access Detection (ADMIN$) | √ | |||
SMTP | Method AUTH-LOGIN Support | √ | √ | |
Method AUTH-PLAIN Support | √ | √ | ||
Method AUTH-NTLM Support | √ | √ | ||
SSL Support | STARTTLS | STARTTLS | ||
VRFY | √ | √ | ||
EXPN | √ | |||
RCPT TO | √ | |||
SNMP | √ (significantly faster design) | √ (overwrites sysName with "HYDRA") | ||
SOCKS5 | √ | |||
SSHv2 | √ (libssh2) | √ (libssh) | √ | |
SVN | √ | √ | ||
TeamSpeak | √ | |||
Telnet | Generic Telnet | √ | √ | √ |
Cisco (AAA/non-AAA) | √ | √ | √ | |
Cisco enable password | √ | |||
AS/400 (TN5250) Support | √ | |||
VNC | Password-less/Password-only Support | √ | √ | |
Anti-Brute Force Slowdown Support | √ | |||
Username/Password Support | ||||
VmWare Authentication Daemon | Non-SSL Authentication | √ | √ | |
SSL Authentication | √ | |||
Web Form Module | √ | √ |
Speed comparison: password list of 20 entries (valid entry at #20) FTP / Ubuntu 11.10 vsftp 2.3.2 [1 task] [4 tasks] [16 tasks] Medusa 1:03.53 15.727 7.658 (e.g., -t 16) Hydra 57.527 16.545 8.013 (e.g., -t 16) Ncrack 1:00.01 24.017 15.009 (e.g., -g cl=16,CL=16) Speed comparison: password list of 1003 entries (valid entry at #1000) HTTP / Windows 2008 IIS 7.0 [1 task] [4 tasks] [16 tasks] Medusa 1.390 0.803 0.626 (e.g., -v 4 -t 16) Hydra 1.443 0.855 0.790 (e.g., -t 16) Ncrack 3.108 3.016 3.013 (e.g., -g cl=16,CL=16) Speed comparison: password list of 1003 entries (valid entry at #986) SMB / Windows 2008 [1 task] [4 tasks] [16 tasks] Medusa 6.859 0.919 0.500 (e.g., -v 4 -t 16) Hydra 8.216 (doesn't handle parallel connections) Ncrack (failed to auth to test server) Speed comparison: password list of 10 entries (valid entry at #10) SSH Ubuntu 11.10 OpenSSH 5.8p1 [1 task] [4 tasks] [16 tasks] Medusa 38.039 11.943 8.067 (e.g., -v 4 -t 16) Hydra 32.122 12.208 8.457 (e.g., -t 16) Ncrack 30.023 27.012 24.013 (e.g., -g cl=16,CL=16)