PDF Open password is an secure mechanism to prevent users from accessing and viewing PDF file. It is also known as PDF User Password and is different from PDF permission or owner Password, which restricts PDF file from printing, copying, and other actions. However, Some of the PDF files you downloaded from online with a password and unfortunately the website owner does not provide it. And PDF open password could be forgotten at times as there are som many passwords to be remembered these days. No matther what the case is, this means you'll need a way to open a password protected PDF file when the password is unknown. Currently, you have to guest out the password by yourself or crack PDF password with computer software. The next few sections of this article showcase several tools for this purpose.
Introduction to PDF Encryption Algorithm
Encryption is a process to turn readable plain text into non-readableciphertext. There is an encryption key (random characters) to be generated during this process. When you are trying to open an encrypted PDF file, the correct password will be converted to a decryption key. Once it is matched, the file will be opened. If not, the file is not accessible. Different encryption algorithms apply different encryption keys to password protect a document.
The first encryption algorithm was introduced by Adobe software in 1996, which was weak and easy to get cracked. Then Adobe released RC4 encryption two years later to improve the security. In the coming years, it introduced 128-bit RC4, 128-bit AES and the latest AES-256 bit encryption in 2017. By default, a newer encryption is stronger than the previous one. Hence, the password is much harder to crack. And not all PDF password cracking software support all the encryption algorithms. That's why some of them does not work for certain PDF files. Usually, if the software was not updated for a long time, then it is impossible to decrypt a PDF file with latest PDF encryption technology. Please don't waste time on trying those out-dated software.
In the following sections, we will introduce 4 best PDF password cracking tools that support most of PDF encryption algorithms listed above. This will save you time and effort on this project.
iSeePassword Dr.PDF is a comprehensive password cracking tool for PDF documents. It can help you recover the original open password using powerful decryption algorithms, and it can also remove permissions password in bulk from a number of PDF documents at a time. The best part of this program is that the password cracking speed is extremely fast due to the GPU acceleration technology. A simple 6 digits password can be cracked in minutes. Plus, it has an ultra easy-to-understand user interface.
Additionally, this PDF password cracker is available for both Windows and Mac. The steps below are the same for both platforms; all you need to do is replicate them on your computer with the file that you need to crack the password for.
Step 1. After installing Dr. PDF, launch it and select the first option from the two choices on the main screen. This is the one to recover the open password from a PDF file.
Step 2. On the next screen, click the 'Add' button to import your locked PDF. You will be able to see the filepath in the corresponding field.
Step 3. Next, choose the attack type you want to use. If you have no idea what the password is, use Brute Force; if you know some aspects or characters of the password, use Brute Force with Mask; and if you have a word list or charset of your own, use Dictionary. The following example is for Burte-force with Mask attack.
Step 4: Set the parameters for the attack type, if required.
Step 5: Click Start and wait for the password to be displayed. You can copy it from the pop-up window and use it to open your PDF file from its original folder location.
One of the reasons Dr. PDF is so popular is that it is very easy to use even if you don't have any experience cracking passwords. As you will see in subsequent sections, most tools are complex and require some degree of expertise. In stark contrast, Dr. PDF can do the same task in just a few clicks, without any command line inputs or complex settings to worry about.
- Bleeding fast password cracking engine.
- Well designed and polish user interface.
- Offer three powerful password attack types.
- Work on latest Windows and macOS.
- Support PDF encryption algorithm from RC4 to AES-256 Bit.
Another well-known tool for Windows is GuaPDF, which also has a command-line version for macOS and Linux. The Windows version has a GUI, which makes it slightly easier to use, as shown below:
Step 1. After installing and launching GuaPDF, you'll see a screen with three tabs at the top.
Step 2. Click File -> Open and select the file to be cracked, then click Choose to import it into GuaPDF.
Step 3. In the next pop-up window, you'll see that the decryption has already begun and the application is awaiting password recovery.
Step 4. Once the password has been recovered, an unlocked version of the PDF will be created. The original will remain as it is but you'll see a copy that's appended with '.decrypted' in the file name. That's the one you can access.
Unfortunately, GuaPDF only works if the file is encrypted with a 40-bit algorithm. Other encryption types or add-ons are not supported. If this tool doesn't work for you, try Dr. PDF, which is guaranteed to work 100% of the time. You can also try this next tool.
- No complex settings.
- Start automatically.
- Not support 128-bit encryption.
- Lack hardware acceleration support.
- Only Brute-force attack available.
This is a very popular professional password cracking because it runs on almost any OS platform and is a very powerful Brute Force password cracking tool. It requires a little bit of experience to use because you can't install it like a normal Windows or macOS software - you will need to compile it from the GitHub source. But once you overcome that hurdle with a few command-line inputs, you can proceed with cracking the PDF open password as follows. These steps are from Kali Linux but very similar to what you'll be using on other platforms as well:
The first task is to generate the hash file for the PDF, which you can do by running the pdf2john.pl tool from the run directory. The command you should run will look something like this:
pdf2john.pl /root/Desktop/pdf_locked.pdf > /root/Desktop/pdf.hash
This extracts the hashes and saves it on your desktop as a .hash file that will subsequently be used by the main John the Ripper tool. One simple command will now trigger the Brute Force cracking process:
If successful, you'll see your password displayed in this format:
The text highlighted in white in the screenshot is the password for the PDF file. You can now use it to open the original PDF. John the Ripper is a very versatile set of tools for professionals, but it might not be suitable for new users or someone with little to no experience. There's also another tool used frequently by the pros, which we'll cover next.
- Multiple OS support.
- Effective password cracking algorithms.
- Support all PDF encryptions.
- Only support command line interface.
- Need more time to learn parameter settings.
Hashcat works in a very similar way to John the Ripper because the hashes need to be extracted before the PDF open password can be cracked. It is promoted as the "world's fastest and most advanced password recovery utility," but you'll need to know a little bit about how to install it and run it before you can use it. This is only recommended for advanced users who are familiar with command line or willing to learn it.
Download the executable for Hashcat and drop it into your PowerShell window. You can also go to this location in Windows PowerShell and run the subsequent command:
This runs Hashcat program but will not do anything because no parameters have been specified.
To extract the hashes, you'll need a tool like
pdf2john.pl, which you can run as shown in the John the Ripper process above. You can also use a command similar to the one shown in the screenshot below:
Once you've got your hash file, run the following command:
hashcat64.exe --potfile-path=encryption_test.pot -m 10400 -a 3 -i "encryption_test - CONFIDENTIAL.hash" ?a?a?a?a?a?a
Once the password has been recovered, it will be displayed in the command line. Copy it and use it to open your password locked PDF.
- Super fast with GPU acceleration support.
- Only in-kernel password cracking engine.
- Work on Windows, Linux and macOS.
- Support distributed password cracking in local network.
- Support 100+ password hashes.
- No graphics user interface.
- Sharp learning curve for beginners.
All of these tools are powerful in their own unique ways, but it's clear that Dr. PDF is the most universally appealing tool because of its simplicity. The user-friendly front-end hides the complex and powerful decryption system at the back-end, so users only see the simple side of the intense and complicated process of PDF password cracking. Happy cracking!