Is it even possible to brute force a PDF password in 24 hours? – Digitalmunition




Home Forums Is it even possible to brute force a PDF password in 24 hours?

This topic contains 1 reply, has 2 voices, and was last updated by  always_emo_chic 1 month, 3 weeks ago.

  • Author
    Posts
  • #334544

    anonymous
    Participant

    It’s a mix of uppercase, lowercase and numbers in the passwords and they are usually 9 characters long. Just want to know if it is even possible.

  • #334545

    always_emo_chic

    If you have the budget, you can spin up a crazy amount of GPU compute in AWS these days to brute force with. Prolly still a low chance of a brute force working in that time frame.

    Personally I would hammer it with a dictionary attack primed with some leaked password lists. Then I would look for vulnerabilities associated with the version of the PDF spec the document was created with and anything related to the PDF tool that created it. All that metadata should be in the PDF file in plain text. You can find all the vulnerabilities on the NVD.

    Long story short, It could be but you’re still at the mercy of statistics.

  • #334546

    qria

    Looks like you’ll need to hash 13 quadrillion times. Putting it to a perspective one bitcoin is found each ~2.7 quadrillion hashes and about 900 bitcoins are mined in a day. So, it’s possible I guess. You’ll probably better off trying one of rainbow tables first though.

  • #334547

    Robman_rob

    Yes

You must be logged in to reply to this topic.