Carnivore - Predator
Formerly known as THC HackSuite, Carnivore - Predator stands at the forefront of cutting-edge cybersecurity tools, redefining the landscape of penetration testing with unparalleled innovation. Designed to empower ethical hackers, security professionals, and enthusiasts alike, Carnivore - Predator is the ultimate Pentest CMS that puts you in command.
current version: 0.7.0 - PREDATOR
home > documentation > apps > How to use Medusa White
This article explains how to effectively make use of Medusa White.
author: Remco Kouw
created: 29-May-2024
updated: 29-May-2024

Medusa White Introduction

In this documentation we will go through the functionality of the Medusa White app.

Carnivore has two versions of Medusa: Medusa White and Medusa Black. Medusa White is limited compared to Medusa Black, it only finds easy to guess passwords and then sends all affected users an email with a password update notification. The application doesn't store or display passwords.

Medusa White makes use of a template system for these emails that you may want to edit first before starting working with Medusa White. Here's an axample of the default template used to notify users, it can be found in the templates folder in the root folder of this application.

Don't change the placeholder /user/ as it will be replaced with the actual username of the user. The [YOUR_SITE_HERE] text is a placeholder and can be freely adjusted to suit your needs.

Medusa also makes use of a built-in task system where you can monitor the progress of Medusa tasks. Both Medusa versions have their own separate task managing system which works similar to Carnivore's, but lacking any dedicated configuration page.

Interface Parameters:

  • choose your product: set a product to test
  • wordlists: selects a wordlist file from the Carnivore's Wordlists folder
  • connect with profile: if you have setup a profile you can skip most of the setup
  • database user: product database user
  • database pass: product database pass
  • database host: product database host
  • database name: product database name
  • use default settings: sets the default field names for this product
  • username field: database username field for user credentials table
  • email field: database email field for user credentials table, note, Medusa White doesn't work on software that has the email field in a different table than the credentials table
  • hash field: database hash field for user credentials table
  • table name: name of the credentials table inside the database, don't include the table prefix in this field, instead use the table prefix option
  • table prefix: it's common during installation of forum software that you can set a database prefix field for the product's tables, if there's no prefix just leave this field empty

Options:

  • automatic email users: when a password has been guessed the user will receive an email notification

Supported Applications:

  • AEF 1.x
  • AVS 2.2
  • Dolphin 7.x
  • Drupal6 6.x
  • Drupal7 7.x
  • Drupal8 8.x
  • FluxBB 1.4-1.5
  • IPB 3.4.x
  • Joomla2 2.x
  • Joomla3 3.x
  • MiniBB 3.x
  • MyBB 1.6.x
  • Phorum 5.2.x
  • phpBB 3.x
  • phpFusion 7.02

Resource Settings:

  • time limit: php default
  • memory limit: 256MB

Dependencies:

N/A

Expanding Medusa White:

How to add content to Medusa

Known Issues:

N/A

How to use Medusa Black
similar content
How to use Medusa BlackHow to use ParasiteHow to use ModGlueHow to add content to MedusaHow to create a ModGlue application
Created by Remco Kouw: 2008-2024