Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sat, 4 Aug 2012 11:59:10 +0530
From: Dhiru Kholia <>
Subject: Cracking PDF files with JtR!


I have added a new "npdf" format which handles all versions of
password protected PDF files (unlike the existing pdf format). It is
faster than the exsiting pdf format :-)

1. Get npdf2john (from and
run it on PDF file(s).

I don't know any Perl and I require help in integrating npdf2john with
JtR. Perl hackers, please take a look at the repository!

2. Run john on output of npdf2john

$ ../run/john -fo:npdf -t
Benchmarking: PDF MD5 SHA-2 RC4 / AES [32/64]... (3xOMP) DONE
Many salts:	51264 c/s real, 28013 c/s virtual
Only one salt:	51897 c/s real, 28180 c/s virtual

This new format even handles latest encryption algorithm found in
Adobe Acrobat X. Even Passware doesn't support cracking such files!
This format will / should eventually replace the existing pdf format.
My plug-in uses code from Sumatra PDF and MuPDF which are under GPL.


Can this be a plug-in (as it is now) safely?


I was forced to use OpenSSL's sha instead of your sha2.* because the
latter doesn't have SHA-384 implementation.


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ