NAME

cupp - generate dictionaries for attacks from personal data

SYNOPSIS

 cupp [options]

DESCRIPTION

CUPP(Common User Passwords Profiler) is tool to generate wordlist from common user profiler. The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values.

A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative,or a common word such as God, love, money or password. From a social engineering you can obtain information to use with the CUPP, this way the tool can create a very effective dictionary for brute force attacks or dictionary attacks.

That is why CUPP has born, and it can be used in situations like legal penetration tests or forensic crime investigations.

OPTIONS

-h

this menu

-i

Interactive questions for user password profiling

-w

Use this option to profile existing dictionary, or WyD.pl output to make some pwnsauce :)

-l

Download huge wordlists from repository

-a

Parse default usernames and passwords directly from Alecto DB. Project Alecto uses purified databases of Phenoelit and CIRT which where merged and enhanced.

-v

Version of the program

EXAMPLES

Create wordlist in interactive mode:

$ cupp -i

Increases the wordlist file, for example the wordlist password.lst:

$ cupp -w password.lst

Download huge wordlist from FUNET repository:

$ cupp -l

CONFIGURATION FILE

CUPP has configuration file at /etc/cupp.cfg with instructions.

AUTHOR

This manual page was written by Marcio de Souza Oliveira <m.desouza20@gmail.com> for the Debian project (but may be used by others).