After cracking the “easy” PDF of John’s challenge, I’m cracking the “tough” PDF (harder_encryption).
Using the same steps as for the “easy” PDF, I confirm the PDF is encrypted with a user password using 40-bit encryption, and I extract the hash.
Since the password is a long random password, a brute-force attack on the password like I did in the first part will take too long. That’s why I’m going to perform a brute-force attack on the key: using 40-bit encryption means that the key is just 5 bytes long, and that will take about 2 hours on my machine. The key is derived from the password.
I’m using hashcat again, but this time with hash mode 10410 in stead of 10400.
This is the command I’m using:
hashcat-4.0.0\hashcat64.exe --potfile-path=harder_encryption.pot -m 10410 -a 3 -w 3 "harder_encryption - CONFIDENTIAL.hash" ?b?b?b?b?b
I’m using the following options:
- –potfile-path=harder_encryption.pot : I prefer using a dedicated pot file, but this is optional
- -m 10410 : this hash mode is suitable to crack the key used for 40-bit PDF encryption
- -a 3 : I perform a brute force attack (since it’s a key, not a password)
- -w 3 : I’m using a workload profile that is supposed to speed up cracking on my machine
- ?b?b?b?b?b : I’m providing a mask for 5 bytes (I want to brute-force keys that are 40 bits long, i.e. 5 bytes)
And here is the result:
The recovered key is 27ce78c81a. I was lucky, it took about 15 minutes to recover this key (again, using GPU GeForce GTX 980M, 2048/8192 MB allocatable, 12MCU). Checking the complete keyspace whould take a bit more than 2 hours.
Now, how can we decrypt a PDF with the key (in stead of the password)? I’ll explain that in the next blog post.
Want a hint? Take a look at my Tweet!
Update: this is the complete blog post series:
-
- Cracking Encrypted PDFs – Part 1: cracking the password of a PDF and decrypting it
- Cracking Encrypted PDFs – Part 2: cracking the encryption key of a PDF (what you are reading now)
- Cracking Encrypted PDFs – Part 3: decrypting a PDF with its encryption key
- Cracking Encrypted PDFs – Conclusion: don’t use 40-bit keys
Didier Stevens 
[…] performed a brute-force attack on the password of an encrypted PDF and a brute-force attack on the key of (another) encrypted PDF, both PDFs are part of a challenge published by John […]
Pingback by Cracking Encrypted PDFs – Part 3 | Didier Stevens — Thursday 28 December 2017 @ 0:01
[…] Cracking Encrypted PDFs – Part 2: cracking the encryption key of a PDF […]
Pingback by Cracking Encrypted PDFs – Part 1 | Didier Stevens — Thursday 28 December 2017 @ 9:34
[…] is no longer the case: in this series of blog posts, I show how to recover the password, how to recover the key and how to decrypt with the key, all with free, open source […]
Pingback by Cracking Encrypted PDFs – Conclusion | Didier Stevens — Friday 29 December 2017 @ 0:00
[…] Cracking Encrypted PDFs – Part 2 […]
Pingback by Week 52 – 2017 – This Week In 4n6 — Sunday 31 December 2017 @ 0:16
[…] Cracking Encrypted PDFs – Part 2 […]
Pingback by Overview of Content Published In December | Didier Stevens — Tuesday 2 January 2018 @ 0:01