1 . Introduction
2 . My Setup
3 . What is Cupp?
4 . Why use Cupp?
5 . How to use Cupp?
6 . Summary
This post is designed to teach you what the tool Cupp accomplishes and how to use it.
1. Introduction
Welcome to the second blog post of 100 tools in 100 days.
In this post and concurrent posts, I will introduce you to a tool in Kali or Parrot Linux.
I will discuss use cases for the tool.
Finally, I will show a quick how-to to get you started using it.
2. My Setup
For running the Cupp tool, I used Kali Linux in a VmWare Workstation 16 Player virtualized environment.
3. What is Cupp?
Common User Passwords Profiler
Cupp is a wordlist generator that creates password lists used in dictionary password attacks.
The greatest part of Cupp is that the python script asks the user to input various bits of personal information about the person they are trying to create a password list for.
Additionally, Cupp allows the operator to input keywords that are also used to generate potential passwords.
Find Cupp at the creators GitHub here.
4. Why use Cupp?
To make a dictionary list of potential passwords.
You would use this list with various penetration testing tools to then crack the password for access to a system, website, etc.
You can make customized word lists using personally identifiable data and keywords about your victim.
If the victim has a strong and complex password, then likely this wordlist wouldn’t have your victim’s password.
5. How to use Cupp?
On Kali or Parrot OS
Step 1:
You may have to download and install Cupp.
If you are on Kali open your terminal and type:
apt install cupp -y
Hint: use sudo apt install cupp -y if you are not root.
Step 2:
Run cupp in interactive mode in your terminal by typing:
cupp -i
Step 3:
Now that Cupp is running in interactive mode we can follow the prompts.
Note: Cupp requires a First Name in interactive mode,
all other options can be left blank and skipped by hitting <enter>. <br>
Step 4: Fill out all of the prompts that you can to build a longer and more complex wordlist.
My Example:
Step 5:
Once you hit enter at the final prompt Cupp will create the wordlist file
and tell you how many passwords it generated. <br>
My File:
A look at some of the passwords in my file:
6. Summary
I covered briefly how to use the interactive function of the tool Cupp.
I discussed when and why to use this password wordlist generator.
Additionally, I covered briefly when Cupp wouldn’t be useful.
More resources can be found on the Cupp GitHub here.
Thanks for reading!
If you have suggestions for what tool to cover next, contact me!