https://maxisfront.me/tags/cewl/ Recent content in CeWL on MaxisFront Hugo en Wed, 25 Mar 2026 00:00:00 +0000 https://maxisfront.me/posts/writeup-dc-2-vulnhub/ Wed, 25 Mar 2026 00:00:00 +0000 https://maxisfront.me/posts/writeup-dc-2-vulnhub/ <blockquote> <p>All rights reserved to the WordPress organization</p> </blockquote> <div class="flash mb-3"> <blockquote> <p>Summary</p> </blockquote> <ul> <li>Listing users with <code>Caido</code></li> <li>Password discovery via <code>CeWL</code></li> <li>Reuse of credentials for the service <code>SSH</code></li> <li>Exploitation of the SUID bit on <code>git</code></li> <li>Security recommendations to prevent and mitigate vulnerabilities on this machine.</li> </ul> </div> <h4 id="skills-used">Skills Used</h4> <ul> <li>Port scanning and CMS enumeration</li> <li>Searching for and using critical CVEs</li> <li>Use of basic GNU/Linux-based commands</li> <li>Exploitation of vulnerable SUIDs</li> </ul> <h4 id="tools-used">Tools Used</h4> <ul> <li>arp-scan</li> <li>Ping</li> <li>Nmap</li> <li>Caido</li> <li>WPScan</li> <li>CeWL</li> <li>SSH</li> <li>Git</li> </ul> <hr> <h2 id="vulnerability-assessment-and-analysis">Vulnerability Assessment and Analysis</h2> <p>First, we scan our local network using the <code>arp-scan</code>, specifying our network interface:</p>