Cupp (Common User Passwords Profiler)
How to install CUPP in Kali linux
1) Out first step is to start Kali, our beloved hacking system. Once we have Kali up and running, we need to make a directory to store our CUPP files in our home directory. Enter this command:
mkdir CUPP
2) Then, navigate to that directory
cd CUPP
3) Once inside the CUPP directory, go ahead and enter the following line into your terminal:
git clone https://github.com/Mebus/cupp.git
4) If git doesn’t work, you probably don’t have it installed. if so, enter this command:
apt-get update && apt-get install git
STEP 2: The Configuration File
When we use the ls command after gitting CUPP, we can see that a new folder named “cupp” is created. When we navigate in that folder, we see the following items:
cupp.py
cupp.cfg
docs which is a directory
README.md
Let’s open the configuration with leafpad:
leafpad cupp.cfg
You will see a screen with many options. For now, we want to focus on the “1337 mode” and special chars settings.
What 1337 mode does is simply go through all the passwords CUPP generated and will replace, for example, “a” with 4 in that password, and add the new password to the wordlist. This mode makes your wordlist larger, but it increases your chances of success BY TONS. However, we want a to be equal to “@” as well. To that, simply add this line under “leet”.
a=@
Special characters will also be added randomly at the end of the passwords generated by CUPP. I will not edit these, but if you want to, you can simply add a character to it. The other settings are quite self explanatory.
STEP 3 : Using CUPP
We’ll finally begin using CUPP. Start CUPP in interactive mode by invoking this command:
python cupp.py -i
You’ll need to enter all the info of your target. You can get this info by “doxing” your target. But, as an example, my “target” will be John Smith:
He’s an electrician
He was born on 05/10/1987
He goes by the nickname “Tirrian”
He has a wife named Barbara, but we don’t know her nickname.
We know know his wife is born on 14/07/1989.
He also has a son named Alex, we also don’t know his nickname, but we know his son was born on 19/03/2005.
We also know he has a dog named Laika
He owns a company named ElectricFab. (no copyright infringement intended, if this fictional company actually exists.)
We know he’s a huge soccer fan and supporter of Real Madrid
CUPP usage options
1. To view the options available in cupp open a terminal and type
python cupp.py -h
this will open up a help page showng different options in Cupp.
2. python cupp.py -i
This option will give an interactive section which we have done earlier.
3.python cupp.py – w
This option is used if we have a password filelist and we want to modify or enhance the content of the password file. We can add additional characters randome numbers leet mode etc in an existing wordlist file and enhance it get a better result
4.A wordlist in repository
In this scenario there is a large wordlist file in the repository and we want to use it for parrword cracking. For this we can use the command
python cupp.py -l
This command will show a list of dictionary files in the repository consisting of different languages.We can select the file we needed and download. After downloading we can enhance the file using “ -w ” option.
Comments
Post a Comment