Friday, February 1, 2013

Creating a special wordlist for a given victim






Today i'm going to introduce you to a very useful tool in Backtrack that helps you create a word-list that contains all the possible password combinations for a given victim. It simply creates a target-specific wordlist for password brute-forcing. After running the utility, it will ask you some questions about the victim,this same information will be used to make some word combinations for the right password. Though this method is not 100% sure, it helps a lot and gives almost a 80% chance to get the right password.


First,type the following command to access the utility


root@bt:~# cd /pentest/passwords/cupp

root@bt:~# cd /pentest/passwords/cupp: ./cupp.py

Here is a preview of what it looks like:







This option is used for help:






For the moment, we are going to use the "i" option:







At this level, you will be prompted to feed the utility with all possible information you can provide such as names, wife /girlfriend etc... Note that not all fields are necessary; you can skip any field by typing enter, here is an example:









Wen finished, you'll have a txt file that contains some possible word combinations, that the victim may have used for his/her password:








In this example, i'm going to use "cat" to view the file contents, by using the following command


root@bt:~# cat ahmed.txt


And finally, here is the outcome:









Hope you enjoy

0 commentaires: