Digg Del.icio.us Reddit Facebook Stumble Upon Twitter
 

Combinator Attack

Description

Each word of a dictionary is appended to each word in a dictionary.

Input

If our dictionary contains the words:

pass
12345
omg
Test

Output

Hashcat creates the following password candidates:

passpass
pass12345
passomg
passTest
12345pass
1234512345
12345omg
12345Test
omgpass
omg12345
omgomg
omgTest
Testpass
Test12345
Testomg
TestTest

Combinator Attack Within oclhashcat

Attention: for (cpu) hashcat (hashcat-cli*) see the paragraph below Combinator Attack Within (cpu) hashcat (there are some slight but important differences).

Using the Combinator Attack within oclhashcat (not standalone version of Combinator Attack).

The command for the Combinator Attack in oclhashcat is -a 1

You need to specify exactly 2 dictionaries in you command line: e.g.

./oclHashcat64.bin -m 0 -a 1 hash.txt dict1.txt dict2.txt

If you wish to add rules to either the left or right dictionary or both at once then you can use the -j or -k commands.

  -j,  --rule-left=RULE              Single rule applied to each word on the left dictionary

  -k,  --rule-right=RULE             Single rule applied to each word on the right dictionary

Example.

Dictionary 1

yellow
green
black
blue

Dictionary 2

car
bike

Commands

-j $-

-k $!

The output would be…

yellow-car!
green-car!
black-car!
blue-car!
yellow-bike!
green-bike!
black-bike!
blue-bike!

Combinator Attack Within (cpu) hashcat

Hashcat (or cpu hashcat, hashcat-cli*) does also support the combinator attack mode.
The only (and important) difference between combinator attacks within oclHashcat and hashcat is that cpu hashcat does the combination of the plains given in a single dictionary file (word list), while for oclHashcat you need to specify exactly 2 files.

This implies that one should specify only and exactly 1 (dictionary) file within the command line for hashcat (besides the hash file).

The combinator attack hence will combine each and every word within the single dictionary file.

Example:

hashcat-cli64 -m 0 -a 1 hash.txt dict.txt

Supported by

This attack is currently supported by: