Site Archive (Complete)
ABOUT US | CONTACT | ADVERTISE | SUBSCRIBE | SOURCE CODE | CURRENT PRINT ISSUE | NEWSLETTERS | RESOURCES | BLOGS | PODCASTS | CAREERS
Security Blog: PDF Password Hack
Security
Blog Home | Department Home | More Blogs |
Blog Home | Department Home | More Blogs |
EYE ON SECURITY

The World of Secure Development.

by Kevin Carlson
LOCK IT UP

... Keys to Better Security

by Neil Rerup
March 15, 2007

PDF Password Hack

ElcomSoft has released an Enterprise version of its Advanced PDF Password Recovery program which makes it easy to remove both password encryption and usage restrictions from Adobe Acrobat PDF files.

APDFPR Enterprise comes with support of all Adobe Acrobat versions (up to 8.0), including those that use AES encryption, and guaranteed recovery of PDF files with 40-bit encryption using state-of-the-art "time-memory trade-off" technology.

APDFPR is a computer forensics tool that could be used by law enforcement, military and intelligence agencies to open secure documents. PDF documents protected with access restriction passwords can be decrypted instantly, allowing full access to the document. For documents with "user" passwords (that could not be opened without that password), the program uses brute-force password attempts at a rate of a few hundred thousand passwords per second.

The code has been optimized for most CPUs such as Pentium II/III, Pentium 4, Intel Core/Core 2 (Duo) and Athlon. More sophisticated methods are available, such as applying all words from a dictionary. ElcomSoft's web site has dictionaries for more than 20 different languages, from English to Swahili.

Even if the above methods fail because the password is too long and complex, the program runs a special key search attack which gives a 100 percent success rate on files with 40-bit encryption (used in all Adobe Acrobat 4 files, and most files from more recent versions). If you have a dual processor system, APDFPR takes advantage of it to double the performance of this software.

On modern systems with Intel Core Duo CPUs, the document can be recovered in maximum 3-4 days, regardless of the password length and complexity. And in APDFPR Enterprise, ElcomSoft has introduced a new "rainbow attack" subsystem -- it is shipped with a DVD that contains special pre-computed hash tables that will allow you to decrypt most (an estimated 99.6 percent) PDF files in just minutes instead of days, even on slow computers.


Posted by Jon Erickson at 07:14 PM  Permalink



 
INFO-LINK


| All Feeds
© 2008 Think Services, Privacy Policy, Terms of Service, United Business Media LLC
Comments about the web site: webmaster@ddj.com
Related Sites: DotNetJunkies, SD Expo, SqlJunkies