{"id":22852252,"url":"https://github.com/elniak/cupp-rs","last_synced_at":"2025-04-30T09:17:26.845Z","repository":{"id":225722891,"uuid":"766567497","full_name":"ElNiak/cupp-rs","owner":"ElNiak","description":"Common User Passwords Profiler (CUPP)  in Rust","archived":false,"fork":false,"pushed_at":"2024-08-08T16:29:15.000Z","size":50,"stargazers_count":27,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-30T09:17:22.287Z","etag":null,"topics":["cupp","cybersecurity","dictionary-attack","dictionnary","osint","password","password-generator","password-strength","profiler","rust","username","weak-passwords","wordlist","wordlist-generator"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ElNiak.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-03-03T16:13:44.000Z","updated_at":"2025-03-08T19:01:53.000Z","dependencies_parsed_at":"2024-04-29T14:06:54.581Z","dependency_job_id":null,"html_url":"https://github.com/ElNiak/cupp-rs","commit_stats":null,"previous_names":["elniak/cupp-rs"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ElNiak%2Fcupp-rs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ElNiak%2Fcupp-rs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ElNiak%2Fcupp-rs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ElNiak%2Fcupp-rs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ElNiak","download_url":"https://codeload.github.com/ElNiak/cupp-rs/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251674590,"owners_count":21625646,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cupp","cybersecurity","dictionary-attack","dictionnary","osint","password","password-generator","password-strength","profiler","rust","username","weak-passwords","wordlist","wordlist-generator"],"created_at":"2024-12-13T06:07:38.656Z","updated_at":"2025-04-30T09:17:26.827Z","avatar_url":"https://github.com/ElNiak.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# RustCUPP\n(Common User Passwords Profiler [CUPP](https://github.com/Mebus/cupp/)  in Rust. \n\nThe most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values.\n\nA weak password might be very short or only use alphanumberic characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password.\n\nThat is why CUPP was born, and it can be used in situations like legal penetration tests or forensic crime investigations.\n\n## Requirements\n\n- Rust: `curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh`\n\n## Usage\n\n```bash\n$ cd cupp_rust\n\n# Build \n$ cargo build --release\n```\n\n\n```bash\n# Run\n$ cargo run -- -h\nCommon User Passwords Profiler \nA tool for creating personalized wordlists based on user information\n\nUSAGE:\n    cupp_rust [OPTIONS]\n\nOPTIONS:\n    -a                   Parse default usernames and passwords directly from Alecto DB. Project\n                         Alecto uses purified databases of Phenoelit and CIRT which were merged and\n                         enhanced\n    -h, --help           Print help information\n    -i, --interactive    Interactive questions for user password profiling\n    -l                   Download huge wordlists from repository\n    -q, --quiet          Quiet mode (don't print banner)\n    -v, --version        Show the version of this program.\n    -w \u003cimprove\u003e         Use this option to improve existing dictionary, or WyD.pl output to make\n                         some pwnsauce\n```\n\n```bash\n# Run binrary\n$ ./target/release/cupp_rs -h\nOPTIONS:\n    -a                   Parse default usernames and passwords directly from Alecto DB. Project\n                         Alecto uses purified databases of Phenoelit and CIRT which were merged and\n                         enhanced\n    -h, --help           Print help information\n    -i, --interactive    Interactive questions for user password profiling\n    -l                   Download huge wordlists from repository\n    -q, --quiet          Quiet mode (don't print banner)\n    -v, --version        Show the version of this program.\n    -w \u003cimprove\u003e         Use this option to improve existing dictionary, or WyD.pl output to make\n                         some pwnsauce\n```\n\n## Configuration\n\n   CUPP has configuration file cupp.cfg with instructions.\n\n## Benchmarks\n\nRust version:\n\n```bash\n$ ./target/release/cupp_rs -i\nLeet mapping for 'a': 4\nSpecial chars: [\"!\", \"@\", \"#\", \"$\", \"%%\", \"\u0026\", \"*\"]\nNum range: 0 to 100\nWord length from: 5, to: 12\nThreshold: 200\nAlecto URL: https://github.com/yangbh/Hammer/raw/b0446396e8d67a7d4e53d6666026e078262e5bab/lib/cupp/alectodb.csv.gz\nDownloader URL: http://ftp.funet.fi/pub/unix/security/passwd/crack/dictionaries/\nSuccessfully loaded config: Config { years: Years { years: [1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020] }, leet: Leet { a: 4, i: 1, e: 3, t: 7, o: 0, s: 5, g: 9, z: 2 }, specialchars: SpecialChars { chars: [\"!\", \"@\", \"#\", \"$\", \"%%\", \"\u0026\", \"*\"] }, nums: Nums { from: 0, to: 100 }, wls: Wls { wcfrom: 5, wcto: 12 }, threshold: Threshold { threshold: 200 }, wordlist: Wordlist { alectourl: \"https://github.com/yangbh/Hammer/raw/b0446396e8d67a7d4e53d6666026e078262e5bab/lib/cupp/alectodb.csv.gz\", dicturl: \"http://ftp.funet.fi/pub/unix/security/passwd/crack/dictionaries/\" } }\n\nInteractive mode selected\n\n[+] Insert the information about the victim to make a dictionary\n[+] If you don't know all the info, just hit enter when asked! ;)\n\n\u003e First Name: Chris     \n\u003e Surname: Crock\n\u003e Nickname: ElNiak\n\u003e Birthdate (DDMMYYYY): 12182000\n\u003e Partner's name: Marie\n\u003e Partner's nickname: Madeleine\n\u003e Partner's birthdate (DDMMYYYY): 10311992\n\u003e Child's name: Jesus \n\u003e Child's nickname: Nazareth\n\u003e Child's birthdate (DDMMYYYY): 12130000\n\u003e Pet's name: Garfield\n\u003e Company name: UCLouvain\n\u003e Do you want to add some key words about the victim? Y/[N]: N\n\u003e Do you want to add special chars at the end of words? Y/[N]: Y\n\u003e Do you want to add some random numbers at the end of words? Y/[N]: Y\n\u003e Leet mode? (i.e. leet = 1337) Y/[N]: Y\nTime elapsed for birthday combination is: 471.062µs\nTime elapsed for birthday kombina is: 3.766712ms\nTime elapsed for special char is: 4.836014ms\nTime elapsed for random number is: 84.831641ms\nTime elapsed for special char 2 is: 92.856952ms\nTime elapsed for random number 2 is: 84.831641ms\nTime elapsed for leet is: 593.471858ms (0.593471858s)\n[+] Wordlist generated with 778613 words\n[+] File saved as: chris.txt\nTime elapsed is: 980.881955ms\n```\n\nPython version:\n\n```bash\n$ python3 cupp.py -i\n ___________ \n   cupp.py!                 # Common\n      \\                     # User\n       \\   ,__,             # Passwords\n        \\  (oo)____         # Profiler\n           (__)    )\\   \n              ||--|| *      [ Muris Kurgas | j0rgan@remote-exploit.org ]\n                            [ Mebus | https://github.com/Mebus/]\n\n\n[+] Insert the information about the victim to make a dictionary\n[+] If you don't know all the info, just hit enter when asked! ;)\n\n\u003e First Name: Chris\n\u003e Surname: Crock\n\u003e Nickname: ElNiak\n\u003e Birthdate (DDMMYYYY): 12182000\n\n\n\u003e Partners) name: Marie\n\u003e Partners) nickname: Madeleine\n\u003e Partners) birthdate (DDMMYYYY): 10311992\n\n\n\u003e Child's name: Jesus\n\u003e Child's nickname: Nazareth\n\u003e Child's birthdate (DDMMYYYY): 12130000\n\n\n\u003e Pet's name: Garfield\n\u003e Company name: UCLouvain\n\n\n\u003e Do you want to add some key words about the victim? Y/[N]: N\n\u003e Do you want to add special chars at the end of words? Y/[N]: Y\n\u003e Do you want to add some random numbers at the end of words? Y/[N]:Y\n\u003e Leet mode? (i.e. leet = 1337) Y/[N]: Y\n\n[+] Now making a dictionary...\n[+] Sorting list and removing duplicates...\nduration: 0.19226741790771484\n[+] Saving dictionary to chris.txt, counting 34018 words.\n\n```\n\n* Rust:  \n    * 0,000000769s/word\n* Python: \n    * 0,000005652s/word\n\nIt is strange that the Rust version produce more words than the Python version\n    * Need testing !\n\nIt is my first Rust program, so it will be fun to analyse !\n\nProbably due to:\n* Strings in Python are immutable, and one of benefits of this is they can be cloned by reference. This allows an optimization: if one of strings is empty, then there is no concatenation performed, instead reference to another non-empty string is returned. If you change initial string from \"\" to something else like \"_\", then they cannot do this trick anymore and have to do a fair byte-by-byte copy. With this small change python runtime will double and will be about the same as Rust. \n* In Rust this kind of optimizations cannot be implemented in existing push_str because it accepts borrowed string slice and taking reference to it will violate ownership rules. \n\n## TODO\n\n* [ ] Add tests\n* [ ] Optimize code\n* [ ] Add CI/CD\n* [ ] Add more benchmarks\n* [ ] Add more documentation\n* [ ] clippy\n* [ ] automatic web scraping\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Felniak%2Fcupp-rs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Felniak%2Fcupp-rs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Felniak%2Fcupp-rs/lists"}