In this article, I am going to talk about cracking passwords set in pdf files with the help of John tool for security reasons. First, lets talk a little about the logic of John tool and how it decrypts files in pdf format;
What is John Tool?
The John tool is actually a 115 MB tool created a collection of many different tools. It has several sub-tools for getting passwords in many platforms (Telegram, PDF etc). Today, we will take action in this topic by using pdf2john.py tool.
What is logic? How does it work?
The logic is quite simple; this tool uses a very large wordlist of its own and it saves you the trouble of creating wordlist. If it doesnt get a result of the scans it does with wordlist, it starts the combinations of letters, numbers and special characters and tries an unlimited combinations. So we understand from here that; cracking the password varies depending on the security of the password and the speed of our system.
(This topic was prepared using the KaliLinux 2020.2 operating system.)
So lets begin.
1- Lets open a new command line and switch to desktop.
2 - 2- First, lets update our warehouse directory, so it will be easier to access the most up-to-date tools and it will be prevented from getting error when using the tools. Lets update our warehouse directory immediately.
3- Lets install the necessary package for our tool to work.
apt install libssl-dev
4 - 4- Lets start downloading our John tool via GitHub.
5- When the download is complete, our tool will be installed on the desktop. First, lets switch to the directory of our tool.
6 - 6- Lets get access to the run directory that we are going to process inside our John tool.
7 - 7- This is our most important step; with our perl command, we will give our tool work command through perl. After the perl command, first we write the path of the .pdf file that we want to crack the password then we leave space and after typing > (without quotation marks) we leave another space again and after writing the name of the cracked password in which format (I recommend using .txt) and where to register, we run our tool.
8 - 8- When the operation is complete, the directory that we specify is the one with the name that we specify .txt file will be created. (As I mentioned at the beginning of the issue, the duration of the process varies depending on the security of the password and the performance of your system.) But when accessing the generated .txt file, we will receive a hash. Lets solve this again with our John tool.
9 - 9- The directory where John is installed is the desktop, so lets switch back to the desktop.
10- Lets start our John tool again and lets make our tool access to the file in .txt format where the password was previously saved. After waiting for a while, the tool will reflect the decoded version of hash. The password was found as 123456, as seen in our example.
I hope it has been a useful topic; I wish you all peace, healthy and happy days.