Quickpost: Cracking PDF Owner Passwords
2022-6-27 08:0:0 Author: blog.didierstevens.com(查看原文) 阅读量:20 收藏

Quickpost: Cracking PDF Owner Passwords

I added code to John the Ripper to crack PDF owner passwords (JtR cracks PDF user passwords only).

Source code can be found here.

Compiled Windows (Cygwin) and Linux (Ubuntu) executables can be found here.

This change introduces a new format: $pdfo$.

There is no tool for the moment to create this format. Just use pdf2john.pl to create a $pdf$ hash, and then change it into a $pdfo$ hash. To crack the owner password, one needs to recover the user password first.

This is the illustrated process:

There will be a PR for this change.

Cracking PDF owner passwords is just an academic exercise (writing this code was also just an exercise), as tools like QPDF can decrypt PDFs encrypted with a PDF owner password only without requiring the cleartext PDF owner password as argument.


Quickpost info


No comments yet.


文章来源: https://blog.didierstevens.com/2022/06/27/quickpost-cracking-pdf-owner-passwords/
如有侵权请联系:admin#unsafe.sh