﷽
My friend just ask me how to crack her own PDF payslip file, the PDF file is protected with 4 digits numerical password, so here is the manual using the famous John The Ripper bruteforce method :
1. Locate John library.
$ locate john
...
/usr/share/john/1password2john.py
/usr/share/john/7z2john.pl
/usr/share/john/DPAPImk2john.py
/usr/share/john/__pycache__
...
$ cd /usr/share/john
2. Convert PDF file to John hash file.
$ /usr/share/john/pdf2john.pl 23000271.PDF > 23000271.hash
3. Start bruteforcing the 4 digit numerical password.
$ john --mask=?1?1?1?1 -1=[0-9] 23000271.hash
Using default input encoding: UTF-8
Loaded 1 password hash (PDF [MD5 SHA2 RC4/AES 32/64])
Cost 1 (revision) is 3 for all loaded hashes
Will run 8 OpenMP threads
Press 'q' or Ctrl-C to abort, almost any other key for status
9111 (/home/spikecursed/23000271.PDF)
1g 0:00:00:00 DONE (2023-03-24 11:15) 50.00g/s 140800p/s 140800c/s 140800C/s 0652..5182
Use the "--show --format=PDF" options to display all of the cracked passwords reliably
Session completed.
4. It's only take a blink of second to crack, what lesson we learn ? always use strong password combination, thats all.
Baarakallahu fiikum.