#!/bin/sh echo "Don't forget to update this script with the change-log! Press ENTER to start..." read NAME="medusa" VERSION="2.0" SOURCE="http://www.foofus.net/jmk/tools/medusa-$VERSION.tar.gz" CONFIGURE="--prefix=/usr/local" DATE=`date '+%Y/%m/%d'` export CFLAGS="-march=i486 -mtune=i686 -Os -pipe" export CXXFLAGS="-march=i486 -mtune=i686 -Os -pipe" export LDFLAGS="-Wl,-O1" echo "Downloading essential packages..." tce-load -wi compiletc squashfs-tools-4.x pcre pcre-dev openssl-0.9.8 openssl-0.9.8-dev libssh2 libssh2-dev cd /tmp/ wget $SOURCE sudo rm -rf $NAME-$VERSION 2>/dev/null sudo rm /tmp/$NAME.tcz /tmp/$NAME.tcz.list /tmp/$NAME.tcz.md5.txt /tmp/$NAME.tcz.dep 2>/dev/null sudo rm -rf /tmp/$NAME 2>/dev/null sudo rm /tmp/$NAME-doc.tcz /tmp/$NAME-doc.tcz.list /tmp/$NAME-doc.tcz.md5.txt /tmp/$NAME-doc.tcz.dep 2>/dev/null sudo rm -rf /tmp/$NAME-doc 2>/dev/null tar xvfz $NAME-$VERSION.tar.gz cd $NAME-$VERSION echo " Starting ./configure $CONFIGURE" ./configure $CONFIGURE echo "Press ENTER to continue... " read make -j3 echo " Starting make install to: /tmp/$NAME" sudo make DESTDIR=/tmp/$NAME install-strip cd /tmp/$NAME sudo find . | xargs file | grep "executable" | grep ELF | grep "not stripped" | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null sudo find . | xargs file | grep "shared object" | grep ELF | grep "not stripped" | cut -f 1 -d : | xargs strip -g 2> /dev/null mkdir -p /tmp/$NAME-doc/usr/local cd /tmp/$NAME/usr/local sudo mv share /tmp/$NAME-doc/usr/local/ echo "Creating package..." cd /tmp/ sudo mksquashfs $NAME $NAME.tcz sudo md5sum $NAME.tcz > $NAME.tcz.md5.txt cd $NAME sudo find usr -not -type d > ../$NAME.tcz.list cd /tmp/ SIZE="`du -k $NAME.tcz|cut -f1`k" sudo echo "Title: $NAME.tcz Description: Medusa - Parallel Network Login Auditor Version: $VERSION Author: JoMo-Kun Original-site: http://www.foofus.net/~jmk/medusa/medusa.html Copying-policy: GPLv2 Size: $SIZE Extension_by: andriscom Comments: Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers following items as some of the key features of this application: - Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently. - Flexible user input. Target information (host/user/password) can be specified in a variety of ways. For example, each item can be either a single entry or a file containing multiple entries. Additionally, a combination file format allows the user to refine their target listing. - Modular design. Each service module exists as an independent .mod file. This means that no modifications are necessary to the core application in order to extend the supported list of services for brute-forcing. Built with CFLAGS: -march=i486 -mtune=i686 -Os -pipe Built with CXXFLAGS: -march=i486 -mtune=i686 -Os -pipe Built with LDFLAGS: -Wl,-O1 Built with the following options: ./configure $CONFIGURE Note: svn module is not included because the current (2010/06/05) svn-dev extension does not include the necessary header files Source: $SOURCE Change-log: $DATE Version: $VERSION Current: $DATE Version: $VERSION " > $NAME.tcz.info sudo echo "pcre.tcz openssl-0.9.8.tcz libssh2.tcz " > $NAME.tcz.dep echo "Creating doc package..." cd /tmp/ sudo mksquashfs $NAME-doc $NAME-doc.tcz sudo md5sum $NAME-doc.tcz > $NAME-doc.tcz.md5.txt cd $NAME-doc sudo find usr -not -type d > ../$NAME-doc.tcz.list cd /tmp/ SIZE="`du -k $NAME-doc.tcz|cut -f1`k" sudo echo "Title: $NAME-doc.tcz Description: Medusa man pages Version: $VERSION Author: JoMo-Kun Original-site: http://www.foofus.net/~jmk/medusa/medusa.html Copying-policy: GPLv2 Size: $SIZE Extension_by: andriscom Comments: Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers following items as some of the key features of this application: - Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently. - Flexible user input. Target information (host/user/password) can be specified in a variety of ways. For example, each item can be either a single entry or a file containing multiple entries. Additionally, a combination file format allows the user to refine their target listing. - Modular design. Each service module exists as an independent .mod file. This means that no modifications are necessary to the core application in order to extend the supported list of services for brute-forcing. Built with CFLAGS: -march=i486 -mtune=i686 -Os -pipe Built with CXXFLAGS: -march=i486 -mtune=i686 -Os -pipe Built with LDFLAGS: -Wl,-O1 Built with the following options: ./configure $CONFIGURE Note: svn module is not included because the current (2010/06/05) svn-dev extension does not include the necessary header files Source: $SOURCE Change-log: $DATE Version: $VERSION Current: $DATE Version: $VERSION " > $NAME-doc.tcz.info sudo echo "$NAME.tcz " > $NAME-doc.tcz.dep cd /tmp/ mkdir packages 2>/dev/null sudo rm packages/$NAME.tar.gz 2>/dev/null tar zcf packages/$NAME.tar.gz $NAME.tcz* sudo rm packages/$NAME-doc.tar.gz 2>/dev/null tar zcf packages/$NAME-doc.tar.gz $NAME-doc.tcz* echo " Run bcrypt on /tmp/packages/*.tar.gz... give password: tinycore" echo "Run the extension_audit.sh and reboot a clean system to try the packages!" echo "Send it to: tcesubmit@gmail.com"