Cupp (Common User Passwords Profiler)

-

                    CUPP is powerful tool that creates a wordlist, specifically for a person. CUPP is cross platform and written in Python. CUPP asks you questions about the target (name, wife’s name, pet’s name, phone number…) and then creates a password based on the keywords you entered.
How to install CUPP in Kali linux


1) Out first step is to start Kali, our beloved hacking system. Once we have Kali up and running, we need to make a directory to store our CUPP files in our home directory. Enter this command:


                          mkdir CUPP


2) Then, navigate to that directory


                          cd CUPP


3) Once inside the CUPP directory, go ahead and enter the following line into your terminal:


                         git clone https://github.com/Mebus/cupp.git


4) If git doesn’t work, you probably don’t have it installed. if so, enter this command:


                        apt-get update && apt-get install git


STEP 2:  The Configuration File
When we use the ls command after gitting CUPP, we can see that a new folder named “cupp” is created. When we navigate in that folder, we see the following items:
cupp.py
cupp.cfg
docs which is a directory
README.md


Let’s open the configuration with leafpad:
                 leafpad cupp.cfg


You will see a screen with many options. For now, we want to focus on the “1337 mode” and special chars settings.
What 1337 mode does is simply go through all the passwords CUPP generated and will replace, for example, “a” with 4 in that password, and add the new password to the wordlist. This mode makes your wordlist larger, but it increases your chances of success BY TONS. However, we want a to be equal to “@” as well. To that, simply add this line under “leet”.
a=@
Special characters will also be added randomly at the end of the passwords generated by CUPP. I will not edit these, but if you want to, you can simply add a character to it. The other settings are quite self explanatory.

 STEP 3 : Using CUPP
We’ll finally begin using CUPP. Start CUPP in interactive mode by invoking this command:


python cupp.py -i


 You’ll need to enter all the info of your target. You can get this info by “doxing” your target. But, as an example, my “target” will be John Smith:
He’s an electrician
He was born on 05/10/1987
He goes by the nickname “Tirrian”
He has a wife named Barbara, but we don’t know her nickname.
We know know his wife is born on 14/07/1989.
He also has a son named Alex, we also don’t know his nickname, but we know his son was born on 19/03/2005.
We also know he has a dog named Laika
He owns a company named ElectricFab. (no copyright infringement intended, if this fictional company actually exists.)
We know he’s a huge soccer fan and supporter of Real Madrid
CUPP usage options


1. To view the options available in cupp open a terminal and type


              python cupp.py -h


this will open up a help page showng different options in Cupp.


2. python cupp.py -i


This option will give an interactive section which we have done earlier.


3.python cupp.py – w


This option is used if we have a password filelist and we want to modify or enhance the content  of the password file. We can add additional characters randome numbers leet mode etc in an existing wordlist file and enhance it get a better result


4.A wordlist in repository


  In this scenario there is a large wordlist file in the repository and we want to use it for parrword cracking. For this we can use the command


                                              python cupp.py -l


   This command will show a list of dictionary files in the repository consisting of different languages.We can select the file we needed and download. After downloading we can enhance the file using “ -w ” option.


Comments

Post a Comment

Popular posts from this blog

How to Repair Kali Linux grub after installing Windows in Dual boot System

-
Image
If your System has primary OS Windows then you install your secondary OS Kali Linux. That will be OK, Kali Linux puts boot entry of Windows automatically for you. At initial boot menu you can see both OS entry to boot. If your windows is corrupt in dual boot system or if you want to install windows as secondary OS after installing Kali Linux as primary OS. You may face corrupt boot-loader menu. You wont be able to boot Kali Linux any more because Windows wont put entry of Kali Linux automatically in their boot menu. So this post motive is to help those guys which are facing those problems subjecting to corrupt Boot-loader. There are mainly two methods: 1. Repair Grub via Kali Linux live USB. 2. Repair Grub Via Boot-rapair-disk. Method 1# Repair Grub via Kali Linux live USB It is up to you which you want to choose but if you are Linux familiar then go for this method. Requirements 1. A Kali Linux ISO image. You can download here: Download Kali Linux
Read more

PDFCrack - Password Cracking Tool for PDF-files

-
Image
PDFcrack is a GNU/Linux tool for cracking password protected PDF files. It is a very small command line application. It is not preinstalled in kali linux. We can install through command line. For installing pdfcrack open a terminal and enter apt install pdfcrack Syntax and options Usage: pdfcrack -f filename [OPTIONS]           : pdfcrack -f filenmae -w passwordfile.txt OPTIONS : -b, --bench perform benchmark and exit -c, --charset=STRING Use the characters in STRING as charset -w, --wordlist=FILE Use FILE as source of passwords to try -n, --minpw=INTEGER Skip trying passwords shorter than this -m, --maxpw=INTEGER Stop when reaching this passwordlength -l, --loadState=FILE Continue from the state saved in FILENAME -o, --owner Work with the ownerpassword -u, --user Work with the userpassword (default) -p, --password=STRING Give userpassword to speed up breaking ownerpassword (implies -o) -q, --quiet Run quietly -s,
Read more

Avet – Open Source Anti-Virus Evasion Tool

-
Image
When we want to perform an exploitation to a windows target, we need a payload that is undetectable to Antivirus Solutions. Msfvenom on its own is not enough. So we need an AV evasion tool to make this easy for us. Avet is a tool for building exe files with shellcode payloads for antivirus evasion. Installing Avet First clone the repository to our machine. git clone https://github.com/govolution/avet.git   After that go inside the folder and run the setup file to install wine and other missing components. cd avet/       Run the setup file to install the missing components.   ./setup.sh     Select create  for new installation   Running Avet There are two ways to run avet. Run avet by typing the command below. python avet_fabric.py   There are two ways to run avet. Either by compiling the make_avet script as shown below, or by  running the avet_fabric.py script, as shown. gcc -0 make_avet make_avet.c
Read more