Publication Details

Beyond the Dictionary Attack: Enhancing Password Cracking Efficiency through Machine Learning-Induced Mangling Rules

HRANICKÝ, R.; ŠÍROVÁ, L.; RUCKÝ, V. Beyond the Dictionary Attack: Enhancing Password Cracking Efficiency through Machine Learning-Induced Mangling Rules. Forensic Science International: Digital Investigation, 2025, vol. 52, no. 1, p. 1-10. ISSN: 2666-2817.
Czech title
Za hranice slovníkového útoku: Zvyšování efektivity prolamování hesel pomocí modifikačních pravidel vytvořených na základě strojového učení
Type
journal article
Language
English
Authors
Hranický Radek, Ing., Ph.D. (DIFS)
Šírová Lucia, Bc.
Rucký Viktor, Bc.
URL
Keywords

Password, Rules, John the Ripper, Hashcat, Clustering

Abstract

In the realm of digital forensics, password recovery is a critical task, with
dictionary attacks remaining one of the oldest yet most effective methods. These
attacks systematically test strings from pre-defined wordlists. To increase the
attack power, developers of cracking tools have introduced password-mangling
rules that apply additional modifications like character swapping, substitution,
or capitalization. Despite several attempts to automate rule creation that have
been proposed over the years, creating a suitable ruleset is still a significant
challenge. The current state-of-the-art research lacks a deeper comparison and
evaluation of the individual methods and their implications. In this paper, we
introduce RuleForge, an ML-based mangling-rule generator that integrates four
clustering techniques, 19 mangling rule commands, and configurable rule-command
priorities. Our contributions include advanced optimizations, such as an extended
rule command set and improved cluster-representative selection. We conduct
extensive experiments on real-world datasets, evaluating clustering methods in
terms of time, memory use, and hit ratios. Our approach, applied to the MDBSCAN
method, achieves up to an 11.67%pt. higher hit ratio than the best yet-known
state-of-the-art solution.

Published
2025
Pages
1–10
Journal
Forensic Science International: Digital Investigation, vol. 52, no. 1, ISSN 2666-2817
Book
DFRWS EU 2025 - Selected Papers from the 12th Annual Digital Forensics Research Conference Europe
Place
Melksham
DOI
UT WoS
001460881900002
EID Scopus
BibTeX
@article{BUT193356,
  author="Radek {Hranický} and Lucia {Šírová} and Viktor {Rucký}",
  title="Beyond the Dictionary Attack: Enhancing Password Cracking Efficiency through Machine Learning-Induced Mangling Rules",
  journal="Forensic Science International: Digital Investigation",
  year="2025",
  volume="52",
  number="1",
  pages="1--10",
  doi="10.1016/j.fsidi.2025.301865",
  issn="2666-2817",
  url="https://www.sciencedirect.com/science/article/pii/S2666281725000046"
}