Is it even possible to brute force a PDF password in 24 hours? – Digitalmunition

Home Forums Is it even possible to brute force a PDF password in 24 hours?

This topic contains 1 reply, has 2 voices, and was last updated by  always_emo_chic 1 month, 3 weeks ago.

  • Author
  • #334544


    It’s a mix of uppercase, lowercase and numbers in the passwords and they are usually 9 characters long. Just want to know if it is even possible.

  • #334545


    If you have the budget, you can spin up a crazy amount of GPU compute in AWS these days to brute force with. Prolly still a low chance of a brute force working in that time frame.

    Personally I would hammer it with a dictionary attack primed with some leaked password lists. Then I would look for vulnerabilities associated with the version of the PDF spec the document was created with and anything related to the PDF tool that created it. All that metadata should be in the PDF file in plain text. You can find all the vulnerabilities on the NVD.

    Long story short, It could be but you’re still at the mercy of statistics.

  • #334546


    Looks like you’ll need to hash 13 quadrillion times. Putting it to a perspective one bitcoin is found each ~2.7 quadrillion hashes and about 900 bitcoins are mined in a day. So, it’s possible I guess. You’ll probably better off trying one of rainbow tables first though.

  • #334547



You must be logged in to reply to this topic.