Monday, July 11, 2016

Simple PDF Brute Force Tool using GhostScript 9.09

I've had to deal with a lot of PDF's that come in either Secured (cannot copy, cannot print) or Password Protected (requires password to open) lately.

Using GhostScript you can make a simple brute force tool to attack these password protected PDF's.

I'm well aware there are commercial options for doing this, but I don't like to pay money for something I can figure out myself. My method is not as fast or feature rich, but it can get the job done.

You'll need to install GhostScript, I used revision 9.09, if you're using a newer or older version adjust the script below accordingly for the executable paths.

You'll also need a dictionary file (%userprofile%\desktop\passwords.txt) <- adjust accordingly.

With the way this script is written, you can simply drag and drop the PDF file onto the batch file icon, or pass it as a variable ex: bruteforece.bat Path.to.PDF.pdf

@echo off
setlocal enabledelayedexpansion
Title Performing Magic, please wait...
for /f "tokens=* delims=" %%a in (%userprofile%\desktop\passwords.txt) do (
echo Trying password: %%a
"C:\Program Files (x86)\gs\gs9.09\bin\gswin32c.exe" -q -sPDFPassword=%%a %1
if !errorlevel! == 0 echo Password is %%a & pause > nul
cls
)
echo password not found
pause
exit

No comments:

Post a Comment

All comments moderated.
Comments like "sweet dude" or "this is awesome" or "thanks" will be denied,
if you've got something genuinely interesting to say, say it. Other than that just sit back and bask in the glory.