Naveen Wijesinghe

Posted on Jun 8, 2023

Cracking The Password of a Protected PDF File – For Windows Users

#howto #tutorial #security #cybersecurity

Today we are going to talk about how to decrypt a password-protected PDF file. Most of the time, even if you use alternative ways to decrypt password-protected PDFs, the probability of them being mostly futile is very high.

So today we will see how to do this properly.

First, we need to download 3 very small tools for this. (I have included all the links here)

hashcat
Perl
john the ripper

First, download the hashcat and extract it and add it to a convenient file.

Then the Perl language should be downloaded. Here you need to download the Strawberry Perl related to windows.

Finally, let’s download John the Ripper.

Download the zip file here and extract it. Then add them to a convenient file as before.

This is what it looks like after extracting and adding it to a convenient file for me.

Okay, we are now halfway through this process. And now we have to do the biggest part. So let’s go to that part too.

Now you need to open CMD on your PC. (Open Run as administrator.)

Ok, let’s now access the john the ripper file we downloaded earlier from CMD.

If you have previously downloaded the files in a drive other than the C drive, the first thing you need to do is access those drives.

If you switch to another drive, use the keys like this.

After typing H: and pressing Enter, you will switch to the H drive. (So you can switch to any drive like D, E, F, etc.)

C:\WINDOWS\system32>H:

After moving to the drive where you saved the file, let’s get into the john the ripper file. For that, you must type the name of your john the ripper file correctly in CMD. *Don’t forget to add ” cd ” to the beginning before writing it as such. *

H:\cd john-1.9.0-jumbo-1-win64

Then type ” cd run” as shown in the diagram above.

H:\cd john-1.9.0-jumbo-1-win64>cd run

After doing this correctly, we need to add the protected PDF file that we need. (For your convenience, copy your protected PDF file to the run file in the “john the ripper” file).

Then type the following codes in the CMD as before.

H:\cd john-1.9.0-jumbo-1-win64>\run>perl pdf2john.pl Medical.pdf

What I have typed here as “Medical.pdf” is my Pdf file. Name your file to it. Then after you enter it you will get the hash code of your secret PDF.

If you see the hash code like this, copy this hash code and go to your “hashcat” file and save this code as a txt file. (The things I am putting here have been explained to you through a video. The video is below.)

Ok let’s move on to the last step. Now open a CMD again like last time. (Also run as administrator)

Go to the hashcat file from the newly opened CMD. If you want to change the previous drive, change it and go to the hashcat file.

C:\WINDOWS\system32>H:
H:\>cd hashcat-6.2.6

OK, now let’s find the password in our pdf. The first thing we need to do is connect the hash code we got earlier to this. Now let’s see how to connect it.

Previously, I saved the hash code as a file called pdf.txt. Add the txt file where you saved your hash code to this.

You can find your password by typing this code correctly.

You may face some problem now, What is this nmv.txt?

OK, I’ll explain it in a bit.

Before typing the below text, download a wordlist txt file from Github or another website and save it in the hashcat file. The nmv.txt below is a wordlist I downloaded. I have put the list of words you need below. Download the one you like. (RockYou) Don’t forget to save this wordlist in the same hashcat file.

RockYou wordlist
RockYou2 Wordlist

H:\>cd hashcat-6.2.6>hashcat -m 10500 pdf.txt nmv.txt

As I said before you download a wordlist and replace it where I put it as nmv.txt and then press “Enter”. After some time you will see the password in your PDF.

If you download the wordlist from my link, the name of your wordlist will be rockyou.txt

Finally, you will see the password in the PDF like this. Now you can open the PDF file without fear. Because you found the password.