CUPP Common User Passwords Profiler v3 released
People spend a lot of time preparing for effective dictionary attack. Common User Passwords Profiler (CUPP) is made to simplify this attack method that is often used as last resort in penetration testing and forensic crime investigations. A weak password might be very short or only use alphanumeric characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password.
Going through different combinations and algorithms, CUPP can predict specific target passwords by exploiting human vulnerabilities. In password creation, as in many aspects of life, everybody tends to the original solution, but thanks to human nature, we all tend to originality in the same way, leading to almost absolute predictability.
Changes:
- 3.0 - added word length shaping function - added wordlists downloader function - added alectodb parser - fixed thresholds for word concatenations - fixed sorting in final parsing - fixed some user input validations - ascii cow now looks nicer :)
- 2.0 - added l33t mode - added char mode - ability to make pwnsauce with other wordlists or wyd.pl outputs - cupp.cfg makes cupp.py easier to configure
- 1.0 - Initial release
Post scriptum
Compliance Mandates
|
Related Articles
| Cupp |
|
| Password Cracking |
|
| Penetration testing & Ethical Hacking |
|
