PDFcrack
PDFcrack
0.改訂履歴
1.はじめに
このドキュメントでは, PDFcrackツールをコンパイルし,暗号化したPDFの暗号を解読するまでの手順を説明する. 解析するパスワードは,アスキーで4文字,6文字,8文字,10文字としている.
なお,使用しているOSは,MacOS X 10.4.11で,MacPro(DualCore Xeon 2.66MHz)で稼働している.
2.インストール
- 以下の公式サイトからモジュールを入手する.
- ダウンロードしたモジュールを展開して,中身を確認する.
macbook3:/Users/shinnai/Documents/Downloads root# ls -la pdfcrack-0.9.tar.gz
-rw-r--r-- 1 shinnai shinnai 28463 Oct 24 04:36 pdfcrack-0.9.tar.gz
macbook3:/Users/shinnai/Documents/Downloads root# tar xfz pdfcrack-0.9.tar.gz
macbook3:/Users/shinnai/Documents/Downloads root# cd pdfcrack-0.9
macbook3:/Users/shinnai/Documents/Downloads/pdfcrack-0.9 root# ls -la
total 304
drwxr-xr-x 23 500 500 782 Oct 27 2006 .
drwxr-xr-x 42 shinnai shinnai 1428 Dec 14 16:30 ..
-rw-r--r-- 1 500 500 17991 Oct 27 2006 COPYING
-rw-r--r-- 1 500 500 481 Oct 27 2006 Makefile
-rw-r--r-- 1 500 500 1912 Oct 27 2006 README
-rw-r--r-- 1 500 500 1093 Oct 27 2006 TODO
-rw-r--r-- 1 500 500 8093 Oct 27 2006 benchmark.c
-rw-r--r-- 1 500 500 869 Oct 27 2006 benchmark.h
-rw-r--r-- 1 500 500 2435 Oct 24 02:23 changelog
-rw-r--r-- 1 500 500 2071 Oct 27 2006 common.c
-rw-r--r-- 1 500 500 1755 Oct 27 2006 common.h
-rw-r--r-- 1 500 500 8810 Mar 12 2007 main.c
-rw-r--r-- 1 500 500 11460 Oct 27 2006 md5.c
-rw-r--r-- 1 500 500 952 Oct 24 02:38 md5.h
-rw-r--r-- 1 500 500 5861 Oct 24 02:39 passwords.c
-rw-r--r-- 1 500 500 1197 Oct 27 2006 passwords.h
-rw-r--r-- 1 500 500 17950 Oct 24 02:42 pdfcrack.c
-rw-r--r-- 1 500 500 1487 Oct 27 2006 pdfcrack.h
-rw-r--r-- 1 500 500 11008 Oct 27 2006 pdfparser.c
-rw-r--r-- 1 500 500 1238 Oct 27 2006 pdfparser.h
-rw-r--r-- 1 500 500 2073 Oct 27 2006 pdfreader.c
-rw-r--r-- 1 500 500 5951 Oct 24 02:48 rc4.c
-rw-r--r-- 1 500 500 1102 Oct 27 2006 rc4.h
macbook3:/Users/shinnai/Documents/Downloads/pdfcrack-0.9 root#
|
- configureではなくmakeだけ用意されているので,makeする.
macbook3:/Users/shinnai/Documents/Downloads/pdfcrack-0.9 root# make
gcc -Wall -Wshadow -Wwrite-strings -Wsign-compare -Wfloat-equal -Wconversion -
Wmissing-noreturn -Wbad-function-cast -Wmissing-prototypes -Winline -Wredundant-
decls -O3 -c -o main.o main.c
main.c: In function 'main':
main.c:305: warning: passing argument 3 of 'initPDFCrack' with different width
due to prototype
main.c:305: warning: passing argument 10 of 'initPDFCrack' with different width
due to prototype
gcc -Wall -Wshadow -Wwrite-strings -Wsign-compare -Wfloat-equal -Wconversion -
Wmissing-noreturn -Wbad-function-cast -Wmissing-prototypes -Winline -Wredundant-
decls -O3 -c -o rc4.o rc4.c
gcc -Wall -Wshadow -Wwrite-strings -Wsign-compare -Wfloat-equal -Wconversion -
Wmissing-noreturn -Wbad-function-cast -Wmissing-prototypes -Winline -Wredundant-
decls -O3 -c -o md5.o md5.c
gcc -Wall -Wshadow -Wwrite-strings -Wsign-compare -Wfloat-equal -Wconversion -
Wmissing-noreturn -Wbad-function-cast -Wmissing-prototypes -Winline -Wredundant-
decls -O3 -c -o pdfcrack.o pdfcrack.c
pdfcrack.c: In function 'do_permutate':
pdfcrack.c:175: warning: passing argument 1 of 'isolat1ToUpper' with different
width due to prototype
pdfcrack.c: In function 'initPDFCrack':
pdfcrack.c:518: warning: passing argument 2 of 'initEncKeyWorkSpace' with
different width due to prototype
pdfcrack.c: In function 'loadState':
pdfcrack.c:618: warning: format '%zu' expects type 'size_t *', but argument 3
has type 'int *'
gcc -Wall -Wshadow -Wwrite-strings -Wsign-compare -Wfloat-equal -Wconversion -
Wmissing-noreturn -Wbad-function-cast -Wmissing-prototypes -Winline -Wredundant-
decls -O3 -c -o pdfparser.o pdfparser.c
gcc -Wall -Wshadow -Wwrite-strings -Wsign-compare -Wfloat-equal -Wconversion -
Wmissing-noreturn -Wbad-function-cast -Wmissing-prototypes -Winline -Wredundant-
decls -O3 -c -o passwords.o passwords.c
gcc -Wall -Wshadow -Wwrite-strings -Wsign-compare -Wfloat-equal -Wconversion -
Wmissing-noreturn -Wbad-function-cast -Wmissing-prototypes -Winline -Wredundant-
decls -O3 -c -o common.o common.c
gcc -Wall -Wshadow -Wwrite-strings -Wsign-compare -Wfloat-equal -Wconversion -
Wmissing-noreturn -Wbad-function-cast -Wmissing-prototypes -Winline -Wredundant-
decls -O3 -c -o benchmark.o benchmark.c
benchmark.c: In function 'pdf_128b_bench':
benchmark.c:204: warning: passing argument 3 of 'initPDFCrack' with different
width due to prototype
benchmark.c:204: warning: passing argument 10 of 'initPDFCrack' with different
width due to prototype
benchmark.c:211: warning: passing argument 3 of 'initPDFCrack' with different
width due to prototype
benchmark.c:211: warning: passing argument 10 of 'initPDFCrack' with different
width due to prototype
benchmark.c:219: warning: passing argument 3 of 'initPDFCrack' with different
width due to prototype
benchmark.c:219: warning: passing argument 10 of 'initPDFCrack' with different
width due to prototype
benchmark.c: In function 'pdf_40b_bench':
benchmark.c:251: warning: passing argument 3 of 'initPDFCrack' with different
width due to prototype
benchmark.c:251: warning: passing argument 10 of 'initPDFCrack' with different
width due to prototype
benchmark.c:259: warning: passing argument 3 of 'initPDFCrack' with different
width due to prototype
benchmark.c:259: warning: passing argument 10 of 'initPDFCrack' with different
width due to prototype
benchmark.c:266: warning: passing argument 3 of 'initPDFCrack' with different
width due to prototype
benchmark.c:266: warning: passing argument 10 of 'initPDFCrack' with different
width due to prototype
gcc -Wall -Wshadow -Wwrite-strings -Wsign-compare -Wfloat-equal -Wconversion -
Wmissing-noreturn -Wbad-function-cast -Wmissing-prototypes -Winline -Wredundant-
decls -O3 -o pdfcrack main.o rc4.o md5.o pdfcrack.o pdfparser.o passwords.o
common.o benchmark.o
strip pdfcrack
macbook3:/Users/shinnai/Documents/Downloads/pdfcrack-0.9 root#
|
- 特に問題なくコンパイル終了.
- 作成されたアプリケーションを確認する.
macbook3:/Users/shinnai/Documents/Downloads/pdfcrack-0.9 root# ls -la pdfcrack
-rwxr-xr-x 1 root 500 46816 Dec 14 16:32 pdfcrack
macbook3:/Users/shinnai/Documents/Downloads/pdfcrack-0.9 root#
|
gacky:~/Documents shinnai$ cat macPro.txt
Results 206.00
System Info
Xbench Version 1.3
System Version 10.4.11 (8S2167)
Physical RAM 9216 MB
Model MacPro1,1
Drive Type WDC WD5000AAKS-41TMA0
CPU Test 138.48
GCD Loop 314.59 16.58 Mops/sec
Floating Point Basic 152.33 3.62 Gflop/sec
vecLib FFT 111.19 3.67 Gflop/sec
Floating Point Library 98.53 17.16 Mops/sec
Thread Test 528.40
Computation 489.03 9.91 Mops/sec, 4 threads
Lock Contention 574.66 24.72 Mlocks/sec, 4 threads
Memory Test 139.81
System 138.19
Allocate 135.79 498.68 Kalloc/sec
Fill 145.17 7058.34 MB/sec
Copy 134.11 2769.92 MB/sec
Stream 141.48
Copy 139.89 2889.39 MB/sec
Scale 138.88 2869.19 MB/sec
Add 145.17 3092.38 MB/sec
Triad 142.14 3040.68 MB/sec
Quartz Graphics Test 187.34
Line 150.03 9.99 Klines/sec [50% alpha]
Rectangle 195.27 58.30 Krects/sec [50% alpha]
Circle 186.77 15.22 Kcircles/sec [50% alpha]
Bezier 174.29 4.40 Kbeziers/sec [50% alpha]
Text 262.40 16.41 Kchars/sec
OpenGL Graphics Test 195.07
Spinning Squares 195.07 247.45 frames/sec
User Interface Test 417.44
Elements 417.44 1.92 Krefresh/sec
gacky:~/Documents shinnai$
|
- Xbenchで206.00というスコアを付けている.
3.パスワード解読の実行
- 解析を実行するには,pdfcrackコマンドの後ろに対象ファイル名を指定すれば良い.
- 4文字のパスワードをつけたPDFを分析してみる.
gacky:~/Documents shinnai$ ./pdfcrack protect4.pdf
PDF version 1.3
Security Handler: Standard
V: 1
R: 2
P: -4
Length: 40
Encrypted Metadata: True
FileID: 3bc70c8bc9eb0706e601f57ed8b4a454
U: 88b29ad6f366e2d672b6e1911288b14fdd7843174ccac76ca21141f6c3f41467
O: 551755f795bdee747370c194da4b8d07309255f7f284c0583da91c2fe6da4774
found user-password: 'qwer'
gacky:~/Documents shinnai$
|
gacky:~/Documents shinnai$ date;time ./pdfcrack protect4.pdf;date
Sat Dec 15 18:16:49 JST 2007
PDF version 1.3
Security Handler: Standard
V: 1
R: 2
P: -4
Length: 40
Encrypted Metadata: True
FileID: 3bc70c8bc9eb0706e601f57ed8b4a454
U: 88b29ad6f366e2d672b6e1911288b14fdd7843174ccac76ca21141f6c3f41467
O: 551755f795bdee747370c194da4b8d07309255f7f284c0583da91c2fe6da4774
found user-password: 'qwer'
real 0m6.305s
user 0m6.285s
sys 0m0.004s
Sat Dec 15 18:16:56 JST 2007
gacky:~/Documents shinnai$
|
- 7秒で完了.4文字だと一瞬でパスワードが解読できた.
- 次に,6文字のパスワードとしてみる.
gacky:~/Documents shinnai$ date;time ./pdfcrack protect.pdf;date
Sat Dec 15 18:20:17 JST 2007
PDF version 1.3
Security Handler: Standard
V: 1
R: 2
P: -4
Length: 40
Encrypted Metadata: True
FileID: 49f8975fd8abf140fc92e45716c23a05
U: c930ee1d414aa747625103ac6d964677ecaeebb4d8e12d5c28e383abe551f55e
O: 0f98f1d06ff6e406a3cedabee48d955b29c83793e6cc1f58f586d4ef34a16383
Average Speed: 686556.4 w/s. Current Word: 'ZeL4'
Average Speed: 660080.8 w/s. Current Word: 'iA9Xa'
Average Speed: 682369.9 w/s. Current Word: 'DTpTb'
〜略〜
Average Speed: 681141.8 w/s. Current Word: '22fu7g'
Average Speed: 681062.9 w/s. Current Word: 'Lypp8g'
Average Speed: 680912.7 w/s. Current Word: '1hyk9g'
Average Speed: 680773.7 w/s. Current Word: 'riGfah'
Average Speed: 680735.1 w/s. Current Word: 'p6Nabh'
Average Speed: 680881.3 w/s. Current Word: 'yFW5bh'
Average Speed: 681041.2 w/s. Current Word: 'f450ch'
Average Speed: 681051.4 w/s. Current Word: 'fwfWdh'
Average Speed: 681094.9 w/s. Current Word: 'hcpReh'
Average Speed: 681076.4 w/s. Current Word: 'lMyMfh'
found user-password: 'asdfgh'
Sat Dec 15 21:21:47 JST 2007
gacky:~/Documents shinnai$
|