Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
-
skipped 1 lines 2 2 # 3 3 # [Program] 4 4 # 5 - # CUPP 3.2.2-alpha 5 + # CUPP 6 6 # Common User Passwords Profiler 7 - # 8 - # 9 7 # 10 8 # [Author] 11 9 # skipped 1 lines 13 11 # j0rgan [at] remote-exploit [dot] org 14 12 # http://www.remote-exploit.org 15 13 # http://www.azuzi.me 16 - # 17 - # 18 14 # 19 15 # [License] 20 16 # skipped 20 lines 41 37 import urllib.request, urllib.parse, urllib.error 42 38 import gzip 43 39 import csv 40 + import argparse 44 41 42 + __author__ = "Muris Kurgas" 43 + __license__ = "GPL" 44 + __version__ = "3.2.3-alpha" 45 45 46 46 # Reading configuration file... 47 47 config = configparser.ConfigParser() skipped 66 lines 114 114 ) 115 115 116 116 117 - if len(sys.argv) < 2 or sys.argv[1] == "-h": 117 + def print_cow(): 118 118 print(" ___________ ") 119 119 print(" \033[07m cupp.py! \033[27m # Common") 120 120 print(" \ # User") skipped 1 lines 122 122 print(" \ \033[1;31m(\033[1;moo\033[1;31m)____\033[1;m # Profiler") 123 123 print(" \033[1;31m(__) )\ \033[1;m ") 124 124 print( 125 - " \033[1;31m ||--|| \033[1;m\033[05m*\033[25m\033[1;m [ Muris Kurgas | [email protected] ]\r\n\r\n" 125 + " \033[1;31m ||--|| \033[1;m\033[05m*\033[25m\033[1;m [ Muris Kurgas | [email protected] ]" 126 126 ) 127 - 128 - print(" [ Options ]\r\n") 129 - print(" -h You are looking at it baby! :)") 130 - print(" For more help take a look in docs/README") 131 - print(" Global configuration file is cupp.cfg\n") 127 + print(28 * " " + "[ Mebus | https://github.com/Mebus/]\r\n") 132 128 133 - print(" -i Interactive questions for user password profiling\r\n") 134 129 135 - print(" -w Use this option to improve existing dictionary,") 136 - print(" or WyD.pl output to make some pwnsauce\r\n") 137 - 138 - print(" -l Download huge wordlists from repository\r\n") 139 - print(" -a Parse default usernames and passwords directly from Alecto DB.") 140 - print(" Project Alecto uses purified databases of Phenoelit and CIRT") 141 - print(" which where merged and enhanced.\r\n") 142 - print(" -v Version of the program\r\n") 143 - exit() 130 + def version(): 131 + """Display version""" 144 132 145 - elif sys.argv[1] == "-v": 146 - print("\r\n \033[1;31m[ cupp.py ] v3.2.2-alpha\033[1;m\r\n") 133 + print("\r\n \033[1;31m[ cupp.py ] " + __version__ + "\033[1;m\r\n") 147 134 print(" * Hacked up by j0rgan - [email protected]") 148 135 print(" * http://www.remote-exploit.org\r\n") 149 136 print(" Take a look ./README.md file for more info about the program\r\n") 150 - exit() 137 + 138 + 139 + def improve_dictionary(file_to_open): 140 + """Implementation of the -w option. Improve a dictionary by 141 + interactively questioning the user.""" 151 142 143 + if not os.path.isfile(file_to_open): 144 + exit("Error: file " + file_to_open + " does not exist.") 152 145 153 - elif sys.argv[1] == "-w": 154 - if len(sys.argv) < 3: 155 - print("\r\n[Usage]: " + sys.argv[0] + " -w [FILENAME]\r\n") 156 - exit() 157 - fajl = open(sys.argv[2], "r") 146 + fajl = open(file_to_open, "r") 158 147 listic = fajl.readlines() 159 148 linije = 0 160 149 for line in listic: skipped 112 lines 273 262 print_to_file(sys.argv[2] + ".cupp.txt", unique_list_finished) 274 263 275 264 fajl.close() 276 - exit() 265 + 277 266 267 + def interactive(): 268 + """Implementation of the -i switch. Interactively question the user and 269 + create a password dictionary file based on the answer.""" 278 270 279 - elif sys.argv[1] == "-i": 280 271 print("\r\n[+] Insert the information about the victim to make a dictionary") 281 272 print("[+] If you don't know all the info, just hit enter when asked! ;)\r\n") 282 273 skipped 393 lines 676 667 unique_list_finished = [x for x in unique_list if len(x) < wcto and len(x) > wcfrom] 677 668 678 669 print_to_file(name + ".txt", unique_list_finished) 679 - exit() 680 670 681 671 682 - elif sys.argv[1] == "-a": 672 + def alectodb_download(): 673 + """Download csv from alectodb and save into local file as a list of 674 + usernames and passwords""" 675 + 683 676 url = config.get("alecto", "alectourl") 684 677 685 678 print("\r\n[+] Checking if alectodb is not present...") skipped 34 lines 720 713 sys.exit() 721 714 722 715 723 - elif sys.argv[1] == "-l": 716 + def download_wordlist(): 717 + """Implementation of -l switch. Download wordlists from ftp repository as 718 + defined in the configuration file.""" 724 719 725 720 ftpname = config.get("downloader", "ftpname") 726 721 ftpurl = config.get("downloader", "ftpurl") skipped 273 lines 1000 995 1001 996 print("[+] files saved to " + dire) 1002 997 ftp.quit() 1003 - exit() 1004 998 1005 999 else: 1006 1000 print("[-] leaving.") 1007 - exit() 1001 + 1002 + 1003 + # the main function 1004 + def main(): 1005 + """Command-line interface to the cupp utility""" 1006 + 1007 + parser = get_parser() 1008 + args = parser.parse_args() 1009 + 1010 + if not args.quiet: 1011 + print_cow() 1012 + 1013 + if args.version: 1014 + version() 1015 + elif args.interactive: 1016 + interactive() 1017 + elif args.download_wordlist: 1018 + download_wordlist() 1019 + elif args.alecto: 1020 + alectodb_download() 1021 + elif args.improve: 1022 + improve_dictionary(args.improve) 1023 + else: 1024 + parser.print_help() 1008 1025 1009 1026 1010 - else: 1011 - print("\r\n[Usage]: " + sys.argv[0] + " [OPTIONS] \r\n") 1012 - print("[Help]: " + sys.argv[0] + " -h\r\n") 1013 - exit() 1027 + # Separate into a function for testing purposes 1028 + def get_parser(): 1029 + """Create and return a parser (argparse.ArgumentParser instance) for main() 1030 + to use""" 1031 + parser = argparse.ArgumentParser(description="Common User Passwords Profiler") 1032 + group = parser.add_mutually_exclusive_group(required=False) 1033 + group.add_argument( 1034 + "-i", 1035 + "--interactive", 1036 + action="store_true", 1037 + help="Interactive questions for user password profiling", 1038 + ) 1039 + group.add_argument( 1040 + "-w", 1041 + dest="improve", 1042 + metavar="FILENAME", 1043 + help="Use this option to improve existing dictionary," 1044 + " or WyD.pl output to make some pwnsauce", 1045 + ) 1046 + group.add_argument( 1047 + "-l", 1048 + dest="download_wordlist", 1049 + action="store_true", 1050 + help="Download huge wordlists from repository", 1051 + ) 1052 + group.add_argument( 1053 + "-a", 1054 + dest="alecto", 1055 + action="store_true", 1056 + help="Parse default usernames and passwords directly" 1057 + " from Alecto DB. Project Alecto uses purified" 1058 + " databases of Phenoelit and CIRT which were merged" 1059 + " and enhanced", 1060 + ) 1061 + group.add_argument( 1062 + "-v", "--version", action="store_true", help="Show the version of this program." 1063 + ) 1064 + parser.add_argument( 1065 + "-q", "--quiet", action="store_true", help="Quiet mode (don't print banner)" 1066 + ) 1067 + 1068 + return parser 1069 + 1070 + 1071 + if __name__ == "__main__": 1072 + main() 1014 1073