Let’s have a little bit of fun to give you an idea how you could find out a username for your target. The VM we are using for this example, as mentioned above, is Mr. Robot themed. So it’s very likely that the username will be found in some trivia that has to do with Mr. Robot.
First go back to your Burpsuite and close it. We don’t need it any more right now. Also go back to your Proxy settings and disable the Proxy again.
Now I head to the Mr. Robot Wikipedia page: https://en.wikipedia.org/wiki/Mr._Robot
And I will create a username list from this exact page using CeWL.
Open a new Terminal Window and type
sudo cewl -w usernames.txt -d1 -m4 https://en.wikipedia.org/wiki/Mr._Robot
Let’s break this down.
- -w usernames.txt – should be pretty clear, this is the name of the wordlist that will be created
- -d1 – Defines the depth in which CeWL will crawl the website. 1 indicates that it will stay on this exact site and not open any links on it.
- -m4 – Defines the minimum length of the word that will be put in the list
- https://en.wikipedia.org/wiki/Mr._Robot – obviously the website we are going to crawl.
So as you see, you could apply this technique to any target relevant website.
Running a quick