Bruteforce password protected PDF

Hello,

in this new post, I just will explain how to bruteforce simple password used to protected a PDF. There are a lot of free tools on Windows or Linux to do that but I chose pdfcrack. I made this demonstration on a Linux Mint 18.1 Serena. To install the tool, simply use standard apt command.

I you have not a protected PDF, you can easily create one using the tool named pdftk. This tool allows you to set a password on a PDF file.

I assume that you have a PDF named demo.pdf. Use this command to set the adm1n password.

The output file is renamed to demoprotected.pdf

Now, to crack it you can simply run the following command:

Password cracking using bruteforce technique is a long and tedious process. Like you know, this tool will try to guess the password with a serie of words which can take a long time, especially since it appears to be a single threaded tool utilizing only one CPU core regardless of you hardware. You can verify this information using htop command. 

To speed up the process, you can set some options. A very useful one is the minimum and maximum password lenght. Indeed, it is very rare for a password to be less than 4 characters. It is therefore not necessary to test all possible passwords from 1 to 3 characters. If you think the maximum size is 8 characters, you can also specify it.

In addition to this, it is possible to define the charset to use. Indeed, if you think that the password only contains lower cases and numbers, you can define it like this:

For this example, the password is 5 characters length and just contains lower cases and a number.

That’s it ! 

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInShare on RedditShare on StumbleUponShare on TumblrPin on PinterestFlattr the authorDigg thisBuffer this pagePrint this page

Leave a Reply

Your email address will not be published. Required fields are marked *