How To Perform a Combinator Attack Using Hashcat

In this tutorial we will show you how to perform a combinator attack using hashcat.

For demonstration purposes, we will be using the MD5 password hashes from the Battlefield Heroes leak in 2013. The password hashes can be obtained here.

The commands used in this tutorial were run using the Kali Linux operating system by Offensive Security. In other environments the commands may be different however, the procedure will be the same.

What is a Combinator Attack?

A combinator attack works by taking words from one or two wordlists and joining them together to try as a password. For example, if wordlist one contained the following:

fast
slow
big

And wordlist two contained:

car
truck
building

A combinator attack will try the following:

fastcar
fasttruck
fastbuilding
slowcar
slowtruck
slowbuilding
bigcar
bigtruck
bigbuilding

Although you will get combinations that make no sense, such as “slowbuilding” and “fastbuilding”. You will get a lot of joined words which do make sense and could potentially be someone’s password. Also, just because some of the joins don’t make sense, it doesn’t mean you should assume someone wouldn’t choose it as a password.

It’s also important to mention with this attack that the words in wordlist one will not be tried with wordlist two in reverse order. For example, “carfast’, “truckfast” etc.

With a single wordlist, the combinator attack will combine each word with itself and every other in the list.

For example, a combinator attack using a single wordlist such as:

fast
slow
big

Would produce:

fastfast
fastslow
fastbig
slowfast
slowslow
slowbig
bigfast
bigslow
bigbig

Performing A Combinator Attack

As previously mentioned, the hashes can be downloaded from the link provided at the top of the page. To demonstrate the different attacks, the following wordlists will be used:

  • 1,000 most common US English words (available here)
  • 500 worst passwords (available here)

Using The CPU Version of Hashcat

From what we could find, the CPU version of hashcat seems to only work with one dictionary at a time (even if you specify two at the command line). If your hashcat installation uses your CPU for cracking, you will have to make a compromise to perform the attack.

If your version of hashcat utilises your GPU, you can skip to the next section.

For CPU hashcat users, you will have to merge your two wordlists into one file and store it on your disk. Within the hashcat-utils suite there is a tool called combinator that will do this for you.

To merge wordlists with the combinator utility, you can use the following command:

# /usr/share/hashcat-utils/combinator.bin 500-worst-passwords.txt 1-1000.txt > combined_wordlist.txt

Now our file combined_wordlist contains the joined words from 1-1000.txt and 500-worst-passwords.txt.

To make sure the command has worked, you can check the word count of the file like so:

# wc combined_wordlist.txt
 500000  500000 5913000 combined_wordlist.txt

Combinator Attack with Two Wordlists Using a GPU

Using the GPU version of hashcat, you can perform a combinator attack with the following command:

# hashcat –m 0 –a 1 bfield.hash 500-worst-passwords.txt 1-1000.txt
Command Meaning
-m 0 Indicates to hashcat we are cracking MD5 hashes.
-a 1 Combination attack mode.
bfield.hash The hashed MD5 passwords.
500-worst-passwords.txt The 500 worst passwords wordlist.
1-1000.txt The 1000 most common US English words wordlist.

You should see the an output similar to below:

…
41962a071e499f2ce2b129eaf8eafc6e:voodooman
ddc88111e7c6437760bf9c1e7f267b47:musica
075f74ae2b8989ab2c7e3c8c91bcf62a:musicman
5811ce413d7b598d29b5852e16976848:alberta


Session.Name...: hashcat
Status.........: Exhausted
Input.Left.....: File (500-worst-passwords.txt)
Input.Right....: File (1-1000.txt)
Hash.Target....: File (bfield.hash)
Hash.Type......: MD5
Time.Started...: Mon Jul 25 11:57:35 2016 (4 secs)
Speed.Dev.#1...:   116.5 kH/s (0.97ms)
Recovered......: 1167/423623 (0.28%) Digests, 0/1 (0.00%) Salts
Recovered/Time.: CUR:N/A,N/A,N/A AVG:16240.79,974447.44,23386738.00 (Min,Hour,Day)
Progress.......: 500000/500000 (100.00%)
Rejected.......: 0/500000 (0.00%)


Started: Mon Jul 25 11:57:35 2016
Stopped: Mon Jul 25 11:57:42 2016

Combinator Attack with Two Wordlists Using a CPU

Here we’ll run the attack with our merged wordlist, the same output as above should be produced:

# hashcat -m 0 bfield.hash combined_wordlist.txt
Command Meaning
-m 0 Indicates to hashcat we are cracking MD5 hashes.
bfield.hash The hashed MD5 passwords.
combined_wordlist.txt The merged wordlist.

 

The output produced should be similar to:

…
4c4157d546b649d329e7e7e5f041fee2:victoras   
11ebbc4eca59bc42a3ab2b4f8cce3cfd:tuckerboy  
ff24622dc3ebc7cb01d38d9733e3bc45:5150time   
51238ad8f7fef704732c247e7ff64298:bubbadog   
[s]tatus [p]ause [r]esume [b]ypass [q]uit =>


Input.Mode: Dict (combined_wordlist.txt)
Index.....: 1/1 (segment), 500000 (words), 5913000 (bytes)
Recovered.: 1167/548686 hashes, 0/1 salts
Speed/sec.: 746.72k plains, 746.72k words
Progress..: 500000/500000 (100.00%)
Running...: --:--:--:--
Estimated.: --:--:--:--



Started: Mon Jul 25 07:09:43 2016           
Stopped: Mon Jul 25 07:09:44 2016

In this case, we didn’t tell hashcat to perform a combinator attack (-a 1). This is because we had already merged our wordlists beforehand. Instead we used the default “straight mode” which uses our single dictionary of combined words.

Combinator Attack with One Wordlist (CPU or GPU)

To combine each entry in a wordlist with every other, one a time, the following command can be run:

# hashcat –m 0 –a 1 bfield.hash 1-1000.txt

The parameters mean the following:

Command Meaning
-m 0 Indicates to hashcat we are cracking MD5 hashes.
-a 1 Combination attack mode.
bfield.hash The hashed MD5 passwords.
1-1000.txt The 1000 most common US English words wordlist.

 

The output produced should look like:

...
722afaed8390857b289c4b3c34ab2712:eastcoast  
72e584f5f5292dca057d77de1e781730:paintbox   
7529bcfbfbd960846f8e5891872672e2:paintball  
b0710317c620d5d52bd5b4dc3312e825:paintshop  
[s]tatus [p]ause [r]esume [b]ypass [q]uit =>


Input.Mode: Dict (1-1000.txt)
Index.....: 1/1 (segment), 1000 (words), 5840 (bytes)
Recovered.: 3167/548686 hashes, 0/1 salts
Speed/sec.: 906.39k plains, 906 words
Progress..: 1000/1000 (100.00%)
Running...: 00:00:00:01
Estimated.: --:--:--:--




Started: Mon Jul 25 08:02:12 2016           
Stopped: Mon Jul 25 08:02:14 2016

When You May Want to Perform a Combinator Attack

As shown above, running the previous attacks allowed cracking of some passwords that are unlikely to be in a common password dictionary. From our comparison we found the passwords “moongame”, “fulltool” and “doublebrown” as examples of this.

The table below gives some insight into the number of passwords cracked with the combinator using different wordlists. The far right column shows the number of passwords that were cracked only using that wordlist.

Wordlist Total Number of Combinations Passwords Cracked Number of Cracked Passwords Not Found in the Other Lists
1-1000.txt 1,000,000 3167 492
500-worst-passwords.txt 250,000 949 162
combined_list.txt

 

500,000 1167 181
rockyou.txt (normal dictionary run) 14,442,063 119693 116610

From the table you can see that each wordlist was able to crack some passwords that others couldn’t. A normal dictionary attack using the rockyou wordlist was added to the table to show that other attacks will give better results when run first. If there are still password hashes to be cracked after a dictionary, you could then try a combinator attack.

A specific example of where you may use this attack could be if a default password generation procedure is a random phrase of words. Overall though, we believe most situations will call for a different method of cracking, such as mask, or rule-based dictionary attacks.

Summary

In this article we have explained in a step-by-step procedure how to perform a combinator attack using hashcat. Due to limitations in the CPU version of hashcat, we have also provided a workaround that enables CPU version users to run a combinator attack. The commands for the GPU version have also been demonstrated.

To finish, we've tried to highlight the use cases of a combinator attack and show that in some cases it can potentially crack hashes that other methods can't.

 

Author image

William Hurer-Mackay

Will is a Computer Networks Engineering graduate of the University of Northampton who is undertaking 4ARMED's Security Tester internship programme aimed at bringing new recruits into the cyber security sector.

Related Blog Articles