As I am learning more about the SMB protocol for Windows, I came across Medusa. So the first thing I did was hook it up with a dictionary and attack my Windows OS, which is Windows 7. After installing it (see here to know how), I looked at the arguments and started cracking! I tried cracking using THC-HYDRA but I had some difficulties at first. The commands are pretty much the same if you look at them.
Cracking with a single password
medusa -h 192.168.1.2 -u Brian -p 1234567890 -e ns -M smbnt
Note: You can choose to omit -e ns; it adds the extra password checks defined as ([n] No Password, [s] Password = Username). -h is the name of the host, -u is the username, and -p is followed by the password. -M selects the module for the protocol that I am cracking, which is SMBNT.
Cracking with a dictionary/wordlist file
medusa -h 192.168.1.2 -u Brian -P /dictionary/commonpassword.txt -e ns -M smbnt
Note: As you can see, what changed was the -p argument, which became -P. Uppercase means a file is used instead of the given string as the value. Here /dictionary/commonpassword.txt is the path to my dictionary file.
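From the defending side, a dictionary run like the one above shows up on the target as a burst of failed network logons for one account from one source address. The following is an added example, not part of the original post: a small Python detector over records shaped like exported Windows Security events (4625 = failed logon, LogonType 3 = network). The sample records, the source address 192.168.1.50, the tuple layout and the threshold/window values are all constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (not real logs), shaped like fields exported from
# Windows Security events: time, EventID, LogonType, TargetUserName, IpAddress.
SAMPLE_EVENTS = (
    # Eight failures, two seconds apart, against one account from one source.
    [("2024-01-01T10:00:%02d" % s, 4625, 3, "Brian", "192.168.1.50")
     for s in range(0, 16, 2)]
    + [
        ("2024-01-01T10:00:20", 4624, 3, "Brian", "192.168.1.50"),  # success, ignored
        ("2024-01-01T09:00:00", 4625, 3, "Alice", "192.168.1.77"),  # isolated typo
        ("2024-01-01T09:30:00", 4625, 3, "Alice", "192.168.1.77"),
        ("2024-01-01T10:00:05", 4625, 2, "Brian", "-"),             # console logon, not SMB
    ]
)

def find_bruteforce(events, threshold=5, window=timedelta(seconds=60)):
    """Return {(ip, user): peak_failures} for pairs that reach `threshold`
    failed network logons (4625, LogonType 3) inside any sliding `window`."""
    failures = defaultdict(list)
    for ts, event_id, logon_type, user, ip in events:
        if event_id == 4625 and logon_type == 3:
            # Account names are case-insensitive on Windows, so normalise them.
            failures[(ip, user.lower())].append(datetime.fromisoformat(ts))
    alerts = {}
    for key, times in failures.items():
        recent, peak = deque(), 0
        for t in sorted(times):
            recent.append(t)
            # Drop failures that fell out of the sliding window ending at t.
            while t - recent[0] > window:
                recent.popleft()
            peak = max(peak, len(recent))
        if peak >= threshold:
            alerts[key] = peak
    return alerts

if __name__ == "__main__":
    for (ip, user), peak in find_bruteforce(SAMPLE_EVENTS).items():
        print(f"ALERT {ip} -> {user}: {peak} failed network logons within 60s")
```

An account lockout threshold in the local security policy bounds the same kind of run on the host itself, independent of any log-based alerting.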