CUPP – Common User Passwords Profiler

CUPP is a Python-based password profiler.
What is CUPP?
CUPP is a powerful tool that creates a wordlist tailored to one specific person. CUPP is cross-platform and written in Python. It asks you questions about the target (name, wife’s name, pet’s name, phone number…) and then builds candidate passwords from the keywords you entered.
But, how exactly does CUPP work?

Humans, no matter how unique we think we are, show the same patterns when it comes to passwords. We usually pick passwords that are easy to remember, so we include personal things in our passwords. For example, someone could easily remember a password that contains his birthday and the name of his wife. If they have a wife named Lucy and were born on 05/07/1978, they could have a password like “Lucy05071978”.
CUPP takes these “algorithms,” which are hardwired in humans, and exploits them to generate a very effective wordlist.
STEP 1:  Fire Up Kali and Git CUPP

Our first step, of course, is to fire up Kali, our beloved hacking system. Once we have Kali up and running, we need to make a directory in our home directory to store our CUPP files. Enter this command:
mkdir CUPP
Then, navigate to that directory

Once inside the CUPP directory, go ahead and enter the following line into your terminal:
git clone

If git doesn’t work, you probably don’t have it installed. If so, enter this command:
apt-get update && apt-get install git
If everything goes alright, git will print its clone progress and finish without errors.
STEP 2:  The Configuration File
Like a lot of hacking tools, CUPP also has a configuration file. Let’s explore and manipulate its options.
When we use the ls command after cloning CUPP, we can see that a new folder named “cupp” has been created. When we navigate into that folder, we see the following items:
docs which is a directory (you can read this if you’re bored).

Let’s open the configuration with leafpad:
leafpad cupp.cfg
You will see a screen with many options. For now, we want to focus on the “1337 mode” and special chars settings.
What 1337 mode does is simply go through all the passwords CUPP generated and replace, for example, “a” with 4 in each password, then add the new password to the wordlist. This mode makes your wordlist larger, but it increases your chances of success BY TONS. However, we want “a” to be equal to “@” as well. To do that, simply add this line under “leet”.

Special characters will also be added randomly at the end of the passwords generated by CUPP. I will not edit these, but if you want to, you can simply add a character to the list. The other settings are quite self-explanatory.
STEP 3: Using CUPP
We’ll finally begin using CUPP. Start CUPP in interactive mode by invoking this command:
python -i

You’ll need to enter all the info of your target. You can get this info by “doxing” your target. But, as an example, my “target” will be John Smith:

  • He’s an electrician
  • He was born on 05/10/1987
  • He goes by the nickname “Tirrian”
  • He has a wife named Barbara, but we don’t know her nickname.
  • We know his wife was born on 14/07/1989.
  • He also has a son named Alex. We don’t know his nickname either, but we know his son was born on 19/03/2005.
  • We also know he has a dog named Laika
  • He owns a company named ElectricFab. (no copyright infringement intended, if this fictional company actually exists.)
  • We know he’s a huge soccer fan and supporter of Real Madrid

John had to remember his password easily, so he made his password barbara, but replaced the a’s with @’s to make it more secure. He also added the birthday of his wife, which is 14/07, but without the dashes. So his password is:
Note: This password contains at least one capital letter, is 8 characters long, has a number in it, and has a special character, which are the minimum norms for passwords on most sites.
(ALSO, take note that JOHN SMITH IS NOT A REAL PERSON! Well, ok, maybe there is a John Smith, but this one is completely out of my imagination and doesn’t exist in real life!)
To check whether CUPP can guess it, we had CUPP generate a dictionary of 37 thousand possible passwords for John, called John.txt. Let’s see if we can find his password in the text file.
STEP 4: Search John.txt for the Password
Simply open john.txt:
leafpad john.txt

Once it’s open, click “search” and click on “find”. Then, enter John’s password.
Guess what? CUPP successfully guessed John’s password!
How can I protect myself?
Simple: don’t use a password associated with you or your life. I personally make difficult passwords using “password” sentences. They’re extremely difficult to crack, but really easy for you to remember.

Try it: Take a random sentence you can remember. For example: “My girlfriend is ten times more attractive than my Religion teacher!” can be translated to “Mgi10XmatmRt!”. That, right there, is a really good password, if you ask me.
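
The defensive side of the advice above, as an added example that is not from the original post or from CUPP: a Python check a password-change form could run to reject passwords built from the user's own profile data, even when leet substitutions hide the keyword. The leet table, function names and sample passwords are assumptions constructed for illustration; the profile reuses the fictional John Smith from Step 3.

```python
import re

# Assumed reverse-leet table for illustration; not read from CUPP's cupp.cfg.
UNLEET = str.maketrans({"4": "a", "@": "a", "3": "e", "1": "i", "!": "i",
                        "0": "o", "5": "s", "$": "s", "7": "t"})

# Constructed profile: the fictional John Smith from Step 3.
PROFILE_WORDS = ["John", "Smith", "Tirrian", "Barbara", "Alex", "Laika",
                 "ElectricFab", "Real", "Madrid"]
PROFILE_DATES = ["05/10/1987", "14/07/1989", "19/03/2005"]  # DD/MM/YYYY


def date_fragments(date):
    """Digit strings a DD/MM/YYYY date typically contributes to a password."""
    dd, mm, yyyy = date.split("/")
    return {dd + mm, mm + dd, yyyy, dd + mm + yyyy, dd + mm + yyyy[2:],
            mm + dd + yyyy, yyyy + mm + dd}


def personal_hits(password, words=PROFILE_WORDS, dates=PROFILE_DATES, min_len=3):
    """Return the profile keywords and date fragments found in `password`."""
    lowered = password.lower()
    unleeted = lowered.translate(UNLEET)   # "b@rb@r@" -> "barbara"
    hits = set()
    for word in words:
        w = word.lower()
        if len(w) < min_len:
            continue                       # too short to match reliably
        # Match the plain word, its de-leeted form, and its reversed spelling.
        if w in lowered or w in unleeted or w[::-1] in unleeted:
            hits.add(w)
    digits = re.sub(r"\D", "", password)   # dates are matched on raw digits
    for date in dates:
        hits.update(f for f in date_fragments(date) if f in digits)
    return hits


def is_acceptable(password, **profile):
    """Policy decision: reject any password that reuses profile data."""
    return not personal_hits(password, **profile)


if __name__ == "__main__":
    for candidate in ["B@rb@r@1407", "M4drid2005", "Mgi10XmatmRt!"]:  # constructed
        print(candidate, sorted(personal_hits(candidate)) or "no personal data")
```

A password that meets the usual length and character-class rules still fails this check when it is made of a family name and a birthday, while the sentence-derived password passes.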
