Computer Based Social Engineering Tools: Common User Passwords Profiler (CUPP)

From Learn to be a true Social Engineer

CUPP - Common User Passwords Profiler

Download: cupp2.tar.gz
SHA-1: 2ab01a8b00de145f33875beafc4053e10a217879
Author: Muris Kurgas

Background

The most common form of authentication is the combination of a user name and a password or pass phrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values.

A weak password might be very short or only use alphanumeric characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password.

That is why CUPP was born, and it can be used in situations like legal penetration tests or forensic crime investigations.

Generic Usage

Usage: cupp.py [OPTIONS]

-h this menu
-i Interactive questions for user password profiling
-w Use this option to profile existing dictionary,or WyD.pl output to make some pwnsauce
-v Version of the program

Changes:
+2.0
- l33t mode
- char mode
- ability to make pwnsauce with other wordlists or wyd.pl outputs
- cupp.cfg makes cupp.py easier to configure

+1.0
- Initial release

Support & Bugs

If you discover any bugs or want to provide patches send them to j0rgan (-@-) remote-exploit.org

Author

Muris Kurgas
CUPP AUTHOR
• Nick Name: j0rgan
• Home Page: http://www.azuzi.me/
• E-Mail: j0rgan (-@-) remote-exploit.org