Key search

If the PDF file has both user and owner passwords and they are long and complex, you have nothing to do but try this attack. It tries all possible RC4 encryption keys until it finds the right one, and allows to decrypt the file using that key – the resulting PDF file will have no security at all. That method gives 100% success.

In PDF 1.2/1.3 files (Acrobat 4.x or older), the key length in 40 bits, and so the total number of keys is 2^40, or 1,099,511,627,776. All key space is divided into 65,536 blocks, with 16,777,216 in a block; the whole recovery process takes about 30 days on old and slow PIII-450 computer, and just 3-5 days on modern Intel Core 2 Duo processors.

You have to select the block to start from (Start from block input box) and ending block (End at block box); both values could be from 0 to 65536. During the attack, the program shows the number of the current block, time elapsed, average speed (in keys per second), number of keys already processed and the total number of keys. When the key is found, the program shows it and ask you to decrypt the file; if you already know the key, just put it into the Document key input box and press Decrypt button at the right.

With the Enterprise version of APDFPR, you can seriously speed-up this attack by enabling Use pre-computed hash tables option; press Select user hashes directory button at the right and browse for the folder where the tables are located. This folder should contain the following folders/files (Thunder tablestm):

0\t00_l17000.data

0\t00_l17000.index

1\t01_l17000.data

1\t01_l17000.index

2\t02_l17000.data

2\t02_l17000.index

3\t03_l17000.data

3\t03_l17000.index

4\t04_l17000.data

4\t04_l17000.index

5\t05_l17000.data

5\t05_l17000.index

missing.bin

It is NOT recommended to use the tables directly from DVD (shipped with Enterprise version) because of very slow DVD drive performance. You can copy the DVD contents to the hard drive, or even better, to USB flash drive. USB flash drives have relatively low performance when reading files, but much better (than hard drive) random seek time, while this parameter is the most important for this attack.

With hash tables on hard drive, this attack takes from 10 to 30 minutes to complete; on USB flash drives – from just a few seconds and up to 10-15 minutes (worst case). Tthis option also provides guaranteed recovery.

Finally, please note that Adobe Acrobat 5.0 and later (including the latest version, 8.0) can create PDF files with improved security level: 56..128-bit RC4 encryption (PDF 1.4 specification; look at New feature highlights document on Adobe server), and so that attack is not applicable to them (you will get an error message).