Extract password from a website

This tutorial is 100% for Education Purpose only. Any time the word “Hacking” that is used on this site shall be regarded as Ethical Hacking. Do not attempt to violate the law with anything contained here. If you planned to use the content for illegal purposes, then please leave this site immediately! We will not be responsible for any illegal actions.

https://www.howtogeek.com/thumbcache/2/200/cc3b6af1796e2c51bf6fa25e3e556db4/wp-content/uploads/2019/11/img_5dcdb2cfe6171.png

From the previous article we discussed about how we can perform attacks to a specific website and also some techniques to crack the password.

Cracking Password of a Website from Response Headers ??

Scan WordPress Vulnerability with WPScan

But what if those techniques aren’t working?

So…

In this article, we will learn how to generate list of possibilities password.

There are 2 tools we can use here:

Cewl

CeWL is a ruby app which spiders a given url to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper.

CeWL also has an associated command line app, FAB (Files Already Bagged) which uses the same meta data extraction techniques to create author/creator lists from already downloaded.

Source: https://github.com/digininja/CeWL/

Usage Example

Scan to a depth of 2 (-d 2) and use a minimum word length of 5 (-m 5), save the words to a file (-w docswords.txt), targeting the given URL (https://example.com):

Example:

Depth = 2, Min Length of Word = 4, Write in a file ‘result.txt’

Result

Cupp

First, you need to clone the cupp from a repository in GitHub

Mebus/cupp

Quick start

“python3 cupp.py -h”

Options:

Example:

Enter detail information

Result in file

Video tutorial:

Thank you