How to crack PDF with Brute Force using John Ripper on Kali Linux?

John Ripper is a fast password cracker currently available for many variants of Unix, macOS, Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. In addition to the hash type of several crypt passwords most commonly found in various Unix codes, Kerberos / AFS and Windows LM hashes, as well as DES-based tripcodes and hundreds of additional hash and encryption versions in -jumbo.

In this article, we will now see how to crack and obtain a PDF password by attacking Brute Force with John The Ripper.

We will open Kali Terminal and extract the JohnTheRipper ("bleeding-jumbo" 1.8.0-Jumbo-1 based) source code from the repository in Github with the following command.

This creates a directory named JohnTheRipper in the current directory. Switch to JohnTheRipper’s src directory with the following command:

We download the necessary packages with the following command.

Now we install libssl:

After the package has been copied, we continue to enter the source directory containing the JohnTheRipper source code:

We continue compiling in this directory with the following command:

This version of Jumbo has Autoconf, which supports the very common chain that allows us to compile resources on a Unix-like system. When the compilation is finished, we move to the working directory inside the JohnTheRipper directory:

If we want to see all the packages downloaded and welcome, we can use the code below.

In this series, we can see all packages of JohnTheRipper.

 JohnTheRipper
JohnTheRipper

Now that we have the necessary tools, we can start the Brute Force attack.

Now we need to create the hash file of the PDF using the pdf2john.pl tool. This tool allows us to get the hash of the file with this Perl script, which can be extracted to a new file with the following command:

This command creates a file in the .hash defined directory. The file we will use to work with the JohnTheRipper tool is:

cembarut_com_tr.hash Contains text such as the file:

Now we have the .hash file, we need to prepare our Password List before we can make Brute Force using the john CLI tool.

For this, we will use the Crunch program in Kali

Here we have created numbers of 0-8 digits.

Crunch
Crunch

You can access it from Password Attacks> Crunch section.

pass.ls
pass.ls

You can find detailed information on this page to generate 0 8 = 8 digit numbers.

password_list
password_list

The password list is generated, but this may take some time.

Now that we have the .hash file of the PDF containing the password we want to unlock, we need to migrate the file independently to JohnTheRipper’s (in the run directory) CLI tool.

hash file
hash file

This uses UTF-8 as the default input encoding and starts guessing the password of the PDF file using the password list we created. Displays the password and path of the protected PDF, if found:

I hope it was a useful article.