Have you forgotten a password to a critical PDF document that you
password protected? There could be some hope with a couple of useful
tools for password recovery. One is
hashcat which can be installed with
wajig install hascat. Another I’ve tried out is john the
ripper. Both are open source and
John the ripper is a password recovery app that tries a brute force approach to password recovery through dictionary lookup.
snap install john-the-ripper wget https://github.com/magnumripper/JohnTheRipper/archive/bleeding-jumbo.zip unzip bleeding-jumbo.zip perl john-bleeding-jumbo/run/pdf2john.pl myenc.pdf > myenc.hash john myenc.hash
Breaking this down to each step.
snap install john-the-ripper
For a pdf document the encryption hash needs to be extracted as a
separate step using a perl script called
pdf2john. Obtain the
script from the github zip file and unzip it locally:
wget https://github.com/magnumripper/JohnTheRipper/archive/bleeding-jumbo.zip unzip bleeding-jumbo.zip
You can then run the
pdf2john script to extract the hash:
perl john-bleeding-jumbo/run/pdf2john.pl myenc.pdf > myenc.hash
The hash file looks like this (though I have truncated the very long line of some 230 characters in this instance.
This format can be used directly by jack the ripper but for hashcat the filename and the colon need to be removed.
Running the password recovery program is then a matter of calling
john with the file containing the hash. This will now utilise all
cores on your computer and run time can be 6 hours or more.
Using default input encoding: UTF-8 Loaded 1 password hash (PDF [MD5 SHA2 RC4/AES 32/64]) Cost 1 (revision) is 4 for all loaded hashes Will run 8 OpenMP threads Proceeding with single, rules:Single Press 'q' or Ctrl-C to abort, 'h' for help, almost any other key for status Almost done: Processing the remaining buffered candidate passwords, if any. 0g 0:00:00:00 DONE 1/3 (2023-01-22 10:55) 0g/s 152943p/s 152943c/s 152943C/s Enab1900..Pdf1900 Proceeding with wordlist:/snap/john-the-ripper/current/run/password.lst Enabling duplicate candidate password suppressor
You can get a status at any time with s:
0g 0:00:25:37 3.75% 2/3 (ETA: 22:18:58) 0g/s 111340p/s 111340c/s 111340C/s 26316082..rockers1782 Remaining hashes 1 (0 removed) Remaining salts 1 (0 removed) Time in seconds 1537 (1537.00 new) Successful guesses 0 (0 new, 0 g/s) Passwords tested 171130171 (171130171 new, 111340 p/s) dupe suppressor is enabled since accepted candidate 45884 and it accepted 171084544 (90.62%, 111310 p/s) rejected 17710356 (9.38%, 11522 p/s) out of total 188794900 (122833 p/s) Hash computations 171130171 (171130171 new, 111340 c/s) Hash combinations 171130171 (171130171 new, 111340 C/s)
Your donation will support ongoing availability and give you access to the PDF version of this book. Desktop Survival Guides include Data Science, GNU/Linux, and MLHub. Books available on Amazon include Data Mining with Rattle and Essentials of Data Science. Popular open source software includes rattle, wajig, and mlhub. Hosted by Togaware, a pioneer of free and open source software since 1984. Copyright © 1995-2022 Graham.Williams@togaware.com Creative Commons Attribution-ShareAlike 4.0