This machine begins w/ a web enumeration, discovering bludit CMS running, it is vulnerable to a bruteforce protection bypass, directory traversal + image upload exec vulnerability. With cewl, a password word list is generated, to bruteforce against user fergus (revealed at todo.txt). Wit...