Date: Thu, 2 Jun 2011 14:25:27 -0700 From: Dhiru Kholia <dhiru.kholia@...il.com> To: john-dev@...ts.openwall.com, henning.noren@...il.com Subject: Re: adding PDF password cracking support to JtR [early alpha release] Hi, Here is a new version of the patch (also uploaded to wiki) which applies on top of john-1.7.7-jumbo-5. Thanks magnum for the quick review and porting to jumbo-5 help. Usage Instructions: Apply the patch on top of john-1.7.7-jumbo-5. Run unpdf tool on password protected pdf files. Run john on unpdf's output. Please note that sample password protected pdf files can be downloaded from : http://openwall.info/wiki/john/sample-non-hashes $ ../run/john -test -format=pdf Benchmarking: pdf [32/64]... DONE Many salts: 12424 c/s real, 12424 c/s virtual Only one salt: 19659 c/s real, 19659 c/s virtual This is for a pdf file protected using userpassword and using RC4 128-bit cipher. pdfcrack used to achieve around 35K passwords/sec. I will profile later on to see what is going on. $ ../run/john pdfdump # pdfdump is included in the patch Loaded 4 password hashes with 4 different salts (pdf [32/64]) testpassword (test-5-RC4-128-open-testpassword.pdf) test (test-3-RC4-40-open-test.pdf) testpassword (test-3-RC4-40-open-testpassword.pdf) test (PDF-Example-Password.pdf) TODO: biggest item is adding support for Adobe 7 and later files which use 128-bit AES and 256-bit AES ciphers. This will involve some pdfparser.c hacking. Henning, any tips :-) ? -- Cheers, Dhiru Download attachment "john-1.7.7-jumbo-5-pdf-3.diff.gz" of type "application/x-gzip" (16981 bytes)
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.