Combinator Attack — Comprehensive Operation
Reference document for the Time2Crack project
Intended audience: developers, security researchers, advanced users
1. Overview
The combinator attack concatenates dictionary entries to produce compound candidates (word1+word2, sometimes with variants). It specifically targets short passphrases built from common words.
2. Historical and academic background
Wordlists from leaks have shown that many short human-chosen passphrases rely on combinations of common words. Combinator engines have become standard building blocks of hashcat campaigns.
3. Foundations: concatenation of probable tokens
If A and B are two sets of words, the nominal space is |A| * |B|. The gain comes from probabilistic density: frequent human combinations are tested early.
4. Architecture of a modern combinator attack
1) List selection (common words, first names, context)
2) Sorting by frequency
3) Ordered concatenation (A+B, sometimes B+A)
4) Optional addition of simple rules
5) GPU hash testing
5. Combinator vs. robust passphrase
Two common concatenated words remain vulnerable.
A robust passphrase combines several rare and uncorrelated words, ideally generated randomly.
6. Implementation in Time2Crack: addCombinatorAttacks()
Activation when:
looksPassphrase,
common, weak.
Category: cat: "combi", note: nPassphrase or nNotPassphrase.
7. Combinator keyspace in Time2Crack
The model uses COMBI_KEYSPACE and budgetTime(...), with a specific branch for certain common cases.
8. Calibration and prioritization
In high fidelity, the combinator category is favoured when the passphrase structure is detected.
9. Benchmarks and orders of magnitude
On fast hashes, frequent combinations can be tested very quickly.
On slow KDFs, the cost of each attempt slows the attack down but does not remove the structural vulnerability.
10. Practical examples
bluesky: exposed to the combinator attack.
horsebattery: exposed if the words are frequent.
fjord-nectar-lotus-amber: clearly more resistant.
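
Added example, not Time2Crack's own code: a defender-side check that looks for a two-word split of a password in frequency-ranked lists and reports its guess number against the nominal |A| * |B| space from section 3. The word list, the rank-sum ordering, the guess rate and all function names are assumptions made for illustration.

```javascript
// Added example: hypothetical names and constructed data.
// Constructed mini wordlist, most frequent first (rank 0 = most common).
const WORDS = ["love", "blue", "sky", "horse", "battery", "dragon", "star", "moon"];

// Range of i on the diagonal i + j = t of an nA x nB rank grid.
function diagonalBounds(t, nA, nB) {
  const lo = Math.max(0, t - (nB - 1));
  const hi = Math.min(t, nA - 1);
  return { lo, hi, count: hi >= lo ? hi - lo + 1 : 0 };
}

// 1-based guess number of listA[i] + listB[j] when candidates are tried
// by increasing rank sum (i + j), ties broken by smaller i (assumed order).
function guessNumber(i, j, nA, nB) {
  let before = 0;
  for (let t = 0; t < i + j; t++) before += diagonalBounds(t, nA, nB).count;
  return before + (i - diagonalBounds(i + j, nA, nB).lo) + 1;
}

// Return the earliest-tested A+B split of `password`, or null if no split
// has both halves in the lists (the password is outside this attack's space).
function combinatorExposure(password, listA, listB, guessesPerSecond) {
  const rankA = new Map(listA.map((w, i) => [w, i]));
  const rankB = new Map(listB.map((w, j) => [w, j]));
  const pw = password.toLowerCase();
  let best = null;
  for (let cut = 1; cut < pw.length; cut++) {
    const left = pw.slice(0, cut);
    const right = pw.slice(cut);
    const i = rankA.get(left);
    const j = rankB.get(right);
    if (i === undefined || j === undefined) continue;
    const guess = guessNumber(i, j, listA.length, listB.length);
    if (!best || guess < best.guess) best = { left, right, guess };
  }
  if (!best) return null;
  const nominal = listA.length * listB.length; // |A| * |B|
  return { ...best, nominal, seconds: best.guess / guessesPerSecond };
}
```

Running it with a high guess rate and then a low one illustrates section 9: the guess number of a common pair stays the same, only the time per guess changes.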