How NOT to solve the IEEE Day Badge Challenge


Recently, we were taking the IEEE Day Badge Challenge in https://ieee-collabratec.ieee.org/. We wanted to give another go on solving the clues, so instead of following the clues to open the encrypted and password-protected PDFs, we got the clue that the password is composed only of numeric digits and we used pdfcrack to open the files!

We installed pdfcrack using the following command:

sudo apt-get install pdfcrack;
$ sudo apt-get install pdfcrack
[sudo] password for bob: 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  pdfcrack
0 upgraded, 1 newly installed, 0 to remove and 28 not upgraded.
Need to get 31,0 kB of archives.
After this operation, 90,1 kB of additional disk space will be used.
Get:1 http://cy.archive.ubuntu.com/ubuntu focal/universe amd64 pdfcrack amd64 0.18-2 [31,0 kB]
Fetched 31,0 kB in 1s (40,1 kB/s)
Selecting previously unselected package pdfcrack.
(Reading database ... 452721 files and directories currently installed.)
Preparing to unpack .../pdfcrack_0.18-2_amd64.deb ...
Unpacking pdfcrack (0.18-2) ...
Setting up pdfcrack (0.18-2) ...
Processing triggers for man-db (2.9.1-1) ...

To crack the files, we used the following commands that limited the input to the numeric digits and got the password back in seconds on a normal CPU:

pdfcrack -f IEEE+Day+2021+Clue++3.pdf -c 0123456789;
bob@Linux:~$ pdfcrack -f IEEE+Day+2021+Clue++3.pdf -c 0123456789
PDF version 1.7
Security Handler: Standard
V: 2
R: 3
P: -1060
Length: 128
Encrypted Metadata: True
FileID: 79c15a021438224ba4df58b0e7fa9a20
U: 4990feee0d63f411cf4eba3c1346ff2100000000000000000000000000000000
O: cc5e6a95577573cac6f6683d4c7f02d6605fe42e5622feb6dc36636263ba838e
found user-password: '490000'

bob@Linux:~$ pdfcrack -f IEEE+Day+2021+Clue++5.pdf -c 0123456789
PDF version 1.7
Security Handler: Standard
V: 2
R: 3
P: -1060
Length: 128
Encrypted Metadata: True
FileID: cf72bd9b3fb24145a6d2b578fa52c0e4
U: 8cd5ea45b59168ca10674bdd81f06f5800000000000000000000000000000000
O: 70301a6ff93ac7a91c28895180e8ad57a41388d2b7f3a813b83f4b3fd5274945
Average Speed: 49297.7 w/s. Current Word: '348478'
found user-password: '1470000'

Information on the version we used is below:

$ apt info pdfcrack
Package: pdfcrack
Version: 0.18-2
Priority: optional
Section: universe/utils
Origin: Ubuntu
Maintainer: Ubuntu Developers <[email protected]>
Original-Maintainer: Joao Eriberto Mota Filho <[email protected]>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 90,1 kB
Depends: libc6 (>= 2.14)
Suggests: pdf-viewer
Homepage: http://pdfcrack.sf.net
Download-Size: 31,0 kB
APT-Manual-Installed: yes
APT-Sources: http://cy.archive.ubuntu.com/ubuntu focal/universe amd64 Packages
Description: PDF files password cracker
 PDFCrack is a simple tool for recovering passwords from pdf-documents.
 .
 It should be able to handle all pdfs that uses the standard security handler
 but the pdf-parsing routines are a bit of a quick hack so you might stumble
 across some pdfs where the parser needs to be fixed to handle.
 .
 The main PDFCrack features are:
 .
   - Supports the standard security handler (revision 2, 3 and 4) on all known
     PDF-versions.
   - Supports cracking both owner and userpasswords.
   - Both wordlists and bruteforcing the password are supported.
   - Simple permutations (currently only trying first character as Upper Case).
   - Save and load a running job.
   - Simple benchmarking.
   - Optimised search for owner-password when user-password is known.
 .
 This program can be used in forensics investigations or similar activities,
 to legal password crack.

This post is also available in: Αγγλικα

Απάντηση

Αυτός ο ιστότοπος χρησιμοποιεί το Akismet για να μειώσει τα ανεπιθύμητα σχόλια. Μάθετε πώς υφίστανται επεξεργασία τα δεδομένα των σχολίων σας.