Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 4 Aug 2012 11:59:10 +0530
From: Dhiru Kholia <dhiru.kholia@...il.com>
To: john-dev@...ts.openwall.com
Subject: Cracking PDF files with JtR!

Hi,

I have added a new "npdf" format which handles all versions of
password protected PDF files (unlike the existing pdf format). It is
faster than the exsiting pdf format :-)

1. Get npdf2john (from https://github.com/halfgenius/npdf2john) and
run it on PDF file(s).

I don't know any Perl and I require help in integrating npdf2john with
JtR. Perl hackers, please take a look at the repository!

2. Run john on output of npdf2john

$ ../run/john -fo:npdf -t
Benchmarking: PDF MD5 SHA-2 RC4 / AES [32/64]... (3xOMP) DONE
Many salts:	51264 c/s real, 28013 c/s virtual
Only one salt:	51897 c/s real, 28180 c/s virtual

This new format even handles latest encryption algorithm found in
Adobe Acrobat X. Even Passware doesn't support cracking such files!
This format will / should eventually replace the existing pdf format.
My plug-in uses code from Sumatra PDF and MuPDF which are under GPL.

magnum,

Can this be a plug-in (as it is now) safely?

Jim,

I was forced to use OpenSSL's sha instead of your sha2.* because the
latter doesn't have SHA-384 implementation.

-- 
Cheers,
Dhiru

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ