Table of contents
Store the resulting dictionary in a file
Count the number of times a word appears in a website
Generate a dictionary containing numbers and characters
Introduction to Cewl
Cewl is an application developed in Ruby. You can specify the URL address and crawling depth for its crawler, and you can add additional external links. Next, Cewl will return you a dictionary file, which can then be used for password cracking. .
Cewl command parameters
cewl [选项] ... URL
--help,-h:显示帮助
--keep,-k:保留下载的文件
--depth x,-d x:深度到蜘蛛,默认2
--min_word_length,-m:最小字长,默认为3
--offsite,-o:让蜘蛛访问其他网站
--write,-w file:将输出写入文件
--ua,-u user-agent:用户代理发送
--no-words,-n:不输出单词表
--meta, -a 包含元数据
--meta_file file:元数据的输出文件
--email,-e包括电子邮件地址
--email_file file:电子邮件地址的输出文件
--meta-temp-dir directory:exiftool在解析文件时使用的临时目录,默认为/ tmp
--count,-c:显示找到的每个单词的计数
Use of Cewl
default method
cewl http://www.baidu.com/
As shown in the figure, the generated dictionary is displayed in the terminal
Store the resulting dictionary in a file
cewl http://www.baidu.com/ -w baidu.txt
A dictionary specifying the generated length
cewl http://www.baidu.com/ -m 6
The above command has a minimum length of 6 words
Count the number of times a word appears in a website
cewl http://www.baidu.com/ -c
Increase crawling depth
cewl http://www.baidu.com/ -d 3
Increase the crawling depth of the crawler to generate larger dictionary files, by default the crawling depth is 2
Extract debug information
cewl http://www.baidu.com/ --debug
Verbose mode
cewl http://www.baidu.com/ -v
In this mode, Cewl will export the detailed data of the target website:
Generate a dictionary containing numbers and characters
cewl http://www.baidu.com/ --with-numbers
Cewl Digest/Basic Certification
If the target website requires page login authentication, we need to use the following parameters to bypass the page authentication restrictions:
–auth_type: Digest or basic.
–auth_user: Authentication username.
–auth_pass: Authentication password.
cewl http://192.168.1.105/dvwa/login.php --auth_type Digest --auth_user admin--auth_pass password -v
proxy URL
If the target website has a proxy server set, Cewl will not be able to use the default command to generate the dictionary. At this point you need to use the --proxy option to enable proxy URL functionality:
cewl --proxy_host 192.168.1.103 --proxy_port 3128 -w dict.txt http://192.168.1.103/wordpress/