Mask Attack — Comprehensive Operation

Time2Crack project reference document
Audience: developers, security researchers, advanced users

Contents

  • Overview
  • Historical and academic background
  • Conceptual Foundations: Why Masks Work
  • Architecture of a modern mask attack
  • Mask Syntax (Hashcat/JtR)
  • Keyspace reduction: mathematical principle
  • Implementation in Time2Crack: addMaskAttacks()
  • Date detection and structural reduction
  • High fidelity calibration
  • Benchmarks and orders of magnitude
  • Concrete examples of mask cracking
  • Comparison with brute force, hybrid and PCFG
  • Limitations of mask attack
  • Effective defences
  • References

    1. Overview

    A mask attack tests passwords that follow a precise positional shape instead of all possible combinations.

    Example: instead of testing the full space of 8 characters over 95 symbols (95^8), the attacker targets a probable pattern such as:

  • 1 uppercase letter,
  • 5 lowercase letters,
  • 2 digits.

    That is, the Hashcat mask ?u?l?l?l?l?l?d?d.

    The central idea: human passwords are not random. They are often structured (Thomas42, Marine2024, Bonjour!1). The mask exploits precisely this regularity.


    2. Historical and academic background

    2.1 Origins

    The logic of masks is old: since the first cracking tools, operators have observed that password policies produce repetitive formats.

    Industrialization came with:

  • John the Ripper (incremental modes and patterns),
  • Hashcat (highly optimized GPU mask modes),
  • massive leaks (RockYou, LinkedIn, Adobe), which revealed the most frequent structures.

    2.2 Empirical validation

    The offensive/defensive literature converges: a very large fraction of real passwords follow simple patterns (word + digits, capital initial + word + year, etc.).

    Wheeler (USENIX 2016) and the probabilistic works (Markov/PCFG/OMEN) show that structure is as decisive as raw length.


    3. Conceptual Foundations: Why Masks Work

    3.1 Humans generate structure, not randomness

    Most users build memorable secrets from:

  • a known word,
  • a case variation,
  • a numeric suffix,
  • an optional final symbol.

    This strategy is predictable and highly compressible into masks.

    3.2 Complexity policies enhance predictability

    A rule of the type "1 capital, 1 digit, 1 symbol" does not impose randomness; it often pushes users towards stable patterns:

  • Mot123!
  • Prénom2024
  • Ville75#

    The mask is the ideal tool to enumerate these patterns at a very low cost.

    3.3 Reduction of the effective keyspace

    For a password of length 8:

  • full brute force (95^8) ≈ 6.63e15 candidates,
  • mask ?u?l?l?l?l?d?d = 26 × 26^4 × 10^2 ≈ 1.19e9 candidates.

    The reduction is several million times, while covering a common human pattern.


    4. Architecture of a Modern Mask Attack

    Typical pipeline:

    1) Profiling of the target / corpus
       -> frequent structures (L8D2, L6D4, U1L5D2, etc.)

    2) Generation of candidate masks -> ordered by probability

    3) GPU execution (Hashcat -a 3) -> high-speed parallel tests

    4) Adaptive adjustment -> keep the high-yield masks, discard the weak ones

    Success depends less on the raw number of masks than on their prioritization.
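
    Steps 1 and 2 of the pipeline, as an added example that is not part of Time2Crack: each password of a small constructed sample is reduced to its structure signature, and signatures are ranked with their cumulative coverage, the same measurement a defender uses to see how concentrated a password set is. The names structureOf, toMask and profile are hypothetical.

```javascript
// Added example (not Time2Crack code). SAMPLE is constructed, not leaked data.
const SAMPLE = ["Thomas42", "Marine2024", "summer2024", "Bonjour!1",
  "Nicole17", "winter2023", "Pierre99", "xK9#vQ2$mT7&"];

// "Thomas42" -> "ULLLLLDD" -> "U1L5D2" (the L8D2 / U1L5D2 notation of step 1).
function structureOf(pw) {
  const classes = Array.from(pw, (ch) =>
    /[A-Z]/.test(ch) ? "U" : /[a-z]/.test(ch) ? "L" : /[0-9]/.test(ch) ? "D" : "S"
  ).join("");
  // Collapse each run of identical class letters into letter + run length.
  return classes.replace(/(.)\1*/g, (run, c) => c + run.length);
}

// "U1L5D2" -> "?u?l?l?l?l?l?d?d"
function toMask(signature) {
  return signature.replace(/([ULDS])(\d+)/g,
    (_, c, n) => ("?" + c.toLowerCase()).repeat(Number(n)));
}

// Step 2: rank structures by frequency and report cumulative coverage.
function profile(passwords) {
  const counts = new Map();
  for (const pw of passwords) {
    const sig = structureOf(pw);
    counts.set(sig, (counts.get(sig) || 0) + 1);
  }
  let seen = 0;
  return [...counts]
    .sort((a, b) => b[1] - a[1] || (a[0] < b[0] ? -1 : 1)) // ties: by signature
    .map(([signature, count]) => {
      seen += count;
      return { signature, mask: toMask(signature), count, coverage: seen / passwords.length };
    });
}

for (const row of profile(SAMPLE).slice(0, 3)) {
  console.log(row.signature.padEnd(26), row.mask.padEnd(22), row.count,
    (100 * row.coverage).toFixed(1) + "%");
}
```

    In this sample two structures already cover 62.5% of the entries, while the random 12-character entry produces a signature that no short list of masks would anticipate.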


    5. Mask Syntax (Hashcat/JtR)

    5.1 Basic classes

  • ?l : lowercase (a-z)
  • ?u : uppercase (A-Z)
  • ?d : digit (0-9)
  • ?s : printable symbol
  • ?a : standard mixed alphabet (often ?l?u?d?s)

    5.2 Examples

  • ?u?l?l?l?l?l?d?d -> Thomas42
  • ?l?l?l?l?l?l?d?d?d?d -> summer2024
  • ?u?l?l?l?l?l?s?d -> Marine!7

    5.3 Custom masks

    Hashcat allows custom character sets (-1, -2, etc.), for example:

  • -1 ?l?uéèàç for Latin languages,
  • -2 0123456789!@# for probable suffixes,
  • then combined mask ?1?1?1?1?2?2.

    6. Keyspace reduction: mathematical principle

    Consider a mask of length n with positional cardinalities c1, c2, ..., cn.

    The masked keyspace is:

    K_mask = Π(i=1..n) ci

    Time (budget model):

    T = K_mask / rate

    In a naive, unmasked model, with cs the size of the full character set:

    K_full = cs^n

    The mask gain is:

    Gain = K_full / K_mask

    The stronger the positional constraints (e.g., digits at the end, capital in the head), the greater the gain.
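
    The formulas above, as an added example (not Time2Crack or Hashcat code): a parser for the mask syntax of section 5, including custom character sets, that returns the positional cardinalities, K_mask, K_full and the gain, with T computed from rates taken from the benchmark table in section 10. The names tokens, maskStats and seconds are hypothetical; K_full uses the 95-symbol set over the mask's own length n, and only the five basic classes are supported.

```javascript
// Added example: keyspace of a Hashcat-style mask versus brute force.
const ascii = Array.from({ length: 95 }, (_, i) => String.fromCharCode(32 + i));
const CLASSES = {
  l: ascii.filter((c) => /[a-z]/.test(c)),
  u: ascii.filter((c) => /[A-Z]/.test(c)),
  d: ascii.filter((c) => /[0-9]/.test(c)),
  s: ascii.filter((c) => /[^a-zA-Z0-9]/.test(c)), // 33 printable symbols
  a: ascii,
};
// Rates (guesses/s) copied from the benchmark table in section 10.
const RATES = { MD5: 2.03e12, NTLM: 3.46e12, "bcrypt-10": 69e3, Argon2id: 800 };

// One Set of characters per position of a mask (or per token of a charset
// definition). `custom` maps "1", "2", ... to definitions, like -1, -2.
function tokens(def, custom = {}) {
  const out = [];
  const cps = Array.from(def); // iterate by code point, not UTF-16 unit
  for (let i = 0; i < cps.length; i++) {
    if (cps[i] !== "?") { out.push(new Set([cps[i]])); continue; } // literal
    const key = cps[++i];
    if (key === "?") out.push(new Set(["?"])); // "??" is a literal "?"
    else if (CLASSES[key]) out.push(new Set(CLASSES[key]));
    else if (custom[key]) out.push(new Set(tokens(custom[key], custom).flatMap((s) => [...s])));
    else throw new Error(`unknown placeholder ?${key}`);
  }
  return out;
}

// K_mask = product of c_i, K_full = cs^n, Gain = K_full / K_mask.
function maskStats(mask, custom = {}, cs = 95) {
  const cards = tokens(mask, custom).map((s) => s.size);
  const kMask = cards.reduce((p, c) => p * c, 1);
  const kFull = cards.reduce((p) => p * cs, 1);
  return { n: cards.length, cards, kMask, kFull, gain: kFull / kMask };
}

// T = K_mask / rate (worst case: the whole mask is exhausted).
const seconds = (keyspace, rate) => keyspace / rate;

// Custom sets from section 5.3: -1 ?l?uéèàç and -2 0123456789!@#
const custom = { 1: "?l?u\u00e9\u00e8\u00e0\u00e7", 2: "0123456789!@#" };
for (const mask of ["?u?l?l?l?l?d?d", "?l?l?l?l?l?l?d?d?d?d", "?1?1?1?1?2?2"]) {
  const st = maskStats(mask, custom);
  console.log(mask, `n=${st.n}`, `K_mask=${st.kMask.toExponential(2)}`,
    `gain=${st.gain.toExponential(2)}`,
    `MD5=${seconds(st.kMask, RATES.MD5).toExponential(1)}s`,
    `bcrypt=${(seconds(st.kMask, RATES["bcrypt-10"]) / 3600).toFixed(1)}h`);
}
```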


    7. Implementation in Time2Crack: addMaskAttacks()

    Time2Crack implements the mask logic in app.js:

  • function: addMaskAttacks(rows, full, len, cs, kbPat, seq, weak, dt, pw)
  • category: cat: "mask"
  • display: aMask / notes nMaskPositional, nKBDetected, nSeqDetected, nDateDetected

    7.1 Calculation of the masked keyspace

    The code counts the actual occurrences of each character type in the password:

  • uppercase letters (U),
  • lowercase letters (L),
  • digits (D),
  • symbols (S).

    It then builds:

    maskKS = 26^U × 26^L × 10^D × 33^S (approximation via internal constants)

    This models an attacker who knows the structure by type, not just the total length.

    7.2 Special cases

  • weak: estimate via weakGuessTime(a.rate) (rate-dependent minimum range),
  • dt (date detected): reduction via detectDateAndReduce(),
  • otherwise: standard positional keyspace.

    The time is then estimated by budgetTime(effectiveMaskGuesses, a.rate) (with mask rank factor and Unicode/date processing).


    8. Date detection and structural reduction

    Time2Crack includes specific date processing (hasDate, detectDateAndReduce):

  • detection of years 1600-2099,
  • detection of date patterns (DD/MM/YYYY, separator variants),
  • replacement of a huge space (10^dateChars) by a plausible set (~200 years or ~36500 dates).

    Consequence: a password of the type Mot2024! This is consistent with offensive practice.
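
    One way to reproduce the type-count keyspace of section 7.1 and the date reduction described above (added example, not the code of addMaskAttacks or detectDateAndReduce): the regular expressions, the handling of separators and the names maskKeyspace, detectDate and reducedKeyspace are assumptions; the constants 26/26/10/33, 200 and 36500 come from the text.

```javascript
// Added example, not Time2Crack's code. Constants follow sections 7.1 and 8.
const SIZES = { U: 26, L: 26, D: 10, S: 33 };
const PLAUSIBLE = { year: 200, date: 36500 }; // "~200 years or ~36500 dates"

// Assumed patterns: DD/MM/YYYY with "/", "." or "-" (or no separator),
// and a stand-alone year in 1600-2099.
const FULL_DATE = /(0[1-9]|[12]\d|3[01])([\/.\-]?)(0[1-9]|1[0-2])\2(1[6-9]\d\d|20\d\d)/;
const YEAR = /(?<!\d)(1[6-9]\d\d|20\d\d)(?!\d)/;

// ASCII classes only; anything else is counted as a symbol (approximation).
function classOf(ch) {
  if (/[A-Z]/.test(ch)) return "U";
  if (/[a-z]/.test(ch)) return "L";
  if (/[0-9]/.test(ch)) return "D";
  return "S";
}

// maskKS = 26^U × 26^L × 10^D × 33^S, accumulated one character at a time.
function maskKeyspace(text) {
  let ks = 1;
  for (const ch of text) ks *= SIZES[classOf(ch)];
  return ks;
}

// A full date takes precedence over a bare year.
function detectDate(pw) {
  const full = FULL_DATE.exec(pw);
  if (full) return { kind: "date", text: full[0] };
  const year = YEAR.exec(pw);
  return year ? { kind: "year", text: year[0] } : null;
}

// Swap the date span's raw contribution for the plausible set size.
function reducedKeyspace(pw) {
  const full = maskKeyspace(pw);
  const date = detectDate(pw);
  if (!date) return { full, reduced: full, date: null };
  const reduced = (full / maskKeyspace(date.text)) * PLAUSIBLE[date.kind];
  return { full, reduced, date };
}

for (const pw of ["Thomas42", "Mot2024!", "summer2024", "Jean01/01/1990"]) {
  const r = reducedKeyspace(pw);
  console.log(pw.padEnd(15), r.full.toExponential(2), "->", r.reduced.toExponential(2),
    r.date ? `(${r.date.kind}: ${r.date.text})` : "(no date)");
}
```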


    9. High fidelity calibration

    When high fidelity mode is active, the mask category receives an additional multiplier in applyHighFidelityCalibration():

  • if keyboard pattern / sequence / date: additional reduction factor,
  • otherwise: conservative estimate.

    Intuition: these signals increase the probability of an early rank in the queue of masks tested.


    10. Benchmarks and orders of magnitude

    Orders of magnitude (profile 12x RTX 4090):

    | Algorithm | Approx. rate | Time for 1e9 candidates |
    |---|---|---|
    | MD5 | ~2.03 TH/s | ~0.0005 s |
    | SHA-1 | ~610 GH/s | ~0.0016 s |
    | SHA-256 | ~272 GH/s | ~0.0037 s |
    | NTLM | ~3.46 TH/s | ~0.0003 s |
    | bcrypt (cost 10) | ~69 kH/s | ~4.0 h |
    | Argon2id | ~800 H/s | ~14.5 days |

    Reading:

  • on fast hashes, the mask is overwhelming,
  • on slow hashes, it remains very dangerous on frequent patterns, but the cost becomes concrete.

    11. Concrete examples of mask cracking

    11.1 Thomas42

  • relevant mask: ?u?l?l?l?l?l?d?d
  • keyspace: 26 × 26^4 × 10^2 (order of magnitude ~1e9)
  • on NTLM/MD5: almost instant.

    11.2 summer2024

  • relevant mask: ?l?l?l?l?l?l?d?d?d?d
  • if a year is detected, sharp reduction (plausible years << 10^4).

    11.3 Marine!7

  • relevant mask: ?u?l?l?l?l?l?s?d
  • a very common pattern in corporate policies.

    12. Comparison with brute force, hybrid and PCFG

    | Attack | Strength | Weakness |
    |---|---|---|
    | Brute force | Exhaustive coverage | Exponential cost |
    | Mask | Excellent efficiency on human structures | Sensitive to bad mask choice |
    | Hybrid/rules | Very good on words + mutations | Depends on a base word |
    | PCFG | Captures global grammar | More costly to train/operate |

    In practice, operators often combine mask + rules + probabilistic.


    13. Limitations of Mask Attack

  • Dependence on the right mask: a bad set of masks quickly loses yield.
  • Low generalisation outside structure: on a truly random password, the advantage disappears.
  • Combinatorial explosion if masks are too wide: ?a repeated over a long length comes back close to brute force.
  • Partial language coverage: Unicode/diacritic alphabets require custom character sets.

    14. Effective defences

    14.1 User side

  • use a password manager,
  • generate long random passwords (>= 16),
  • completely avoid the patterns Word+year, FirstName+digits, Capital+word+symbol.

    14.2 System side

  • storage with Argon2id (or high-cost bcrypt),
  • systematic MFA,
  • blocking of compromised passwords,
  • login telemetry and anomaly detection.

    14.3 Policy

  • prioritize length and compromised-password checks,
  • reduce purely cosmetic complexity rules that favour predictable patterns.

    15. Bibliographic references

    Academic sources

  • Wheeler, D.L. (2016). zxcvbn: Low-Budget Password Strength Estimation. 25th USENIX Security Symposium.
  • Weir, M., Aggarwal, S., de Medeiros, B., & Glodek, B. (2009). Password Cracking Using Probabilistic Context-Free Grammars. IEEE Symposium on Security and Privacy.
  • Dürmuth, M., Angelstorf, F., Horsch, J., et al. (2015). OMEN: Faster Password Guessing Using an Ordered Markov Enumerator. ESSoS.
  • Ur, B., Kelley, P. G., Komanduri, S., et al. (2012). How Does Your Password Measure Up? USENIX Security.

    Industrial and technical sources

  • Hashcat Wiki. Mask attack (-a 3). https://hashcat.net/wiki/
  • Hashcat (benchmarks). https://hashcat.net/hashcat/
  • Hive Systems (Password Table). https://www.hivesystems.io/password-table

    Web sources cited in the Time2Crack application

  • USENIX Security 2016 (Wheeler). https://www.usenix.org/conference/usenixsecurity16/technical-sessions/presentation/wheeler

    Document generated for Time2Crack Project — Version 1.0 — 2026-04-01
    Source code: app.js (functions addMaskAttacks, detectDateAndReduce, hasDate, budgetTime, applyHighFidelityCalibration)