Problems decrypting hash from 128bit RC4 PDF
#1
Hi,

New user here, unfortunately, I need some help.  

I've been trying to decrypt a PDF document which is a corp document sent to me.  I have the password, but this activity is for demonstration purposes.  I want to demonstrate the issues with password protecting/encrypting PDF.

I've used PDF2John to generate my hash before running it through Hashcat.  Unfortunately, I'm receiving the error message Token Length Exception when attempting the process.

My command is as follows:
Code:
hashcat64.exe -a 3 -m 10500 -d 1 -o out.txt --outfile-format=14 hash.txt

As my hash starts $pdf$2*3*128*  I'm pretty confident I've got the correct hash mode.
I've used peepdf to check the encryption, it confirms it as;
Code:
Encrypted: True (RC4 128 bits)

I've also tested the process on an additional encrypted PDF file I generated using current Word using the following command, and it worked.
Code:
hashcat64.exe -a 3 -m 10500 -d 1 -o out.txt --outfile-format=14 hash2.txt

I've compared my hash to other examples I've found, and I believe my issue is something to do with the length and structure.
My redacted hash looks like this;

Code:
$pdf$2*3*128*-36*1*0**32*xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx*32*xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

This seems short and also the element values (I think) are 32 rather than 16???? Not sure why

While attempting to resolve this, I've also built the latest jumbo JTR under The-Distribution-Which-Does-Not-Handle-OpenCL-Well (Kali) and Cygwin, PDF2John still spits out the same hash value.

I'm beyond my understanding of what I might be doing wrong or how to correct this with Hashcat.

Thanks for the help
#2
"Token Length Exception" does, indeed, mean that your hash does not meet the expectations of the module. The only way I've found of debugging exactly what is wrong is to read the module source to figure out what it wants and why, and occasionally, when I've *really* screwed up, putting a breakpoint on `module_hash_decode` in a debugger and stepping through.

In this case it looks fairly straightforward -- the `0**` in your hash is invalid; the `0` needs to be either `16` or `32`, and there needs to be either 32 or 64 hex digits between those asterisks (it's referred to in the module source as `id`). Without knowing anything about the file format, I can't say for sure whether the problem is in the script or the file you've got.
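The field check described in post #2, written out as an added example; it is not part of the original thread and is not hashcat's module code. It assumes the `$pdf$V*R*bits*P*encrypt_metadata*id_len*id*u_len*u*o_len*o` layout that pdf2john emits; `check_pdf_hash` is a hypothetical helper and both sample hashes are constructed.

```python
import re

# Assumed field layout (pdf2john output for this hash family):
# $pdf$V*R*bits*P*encrypt_metadata*id_len*id*u_len*u*o_len*o
HEX = re.compile(r"^[0-9a-fA-F]*$")

def check_pdf_hash(line):
    """Return a list of structural problems in a $pdf$ hash line (empty = none)."""
    line = line.strip()
    if not line.startswith("$pdf$"):
        return ["missing $pdf$ signature"]
    fields = line[len("$pdf$"):].split("*")
    if len(fields) != 11:
        return [f"expected 11 '*'-separated fields, got {len(fields)}"]
    problems = []
    # Length-prefixed tokens: (name, index of length, index of hex value).
    for name, li, vi in (("id", 5, 6), ("u", 7, 8), ("o", 9, 10)):
        declared, value = fields[li], fields[vi]
        if not declared.isdigit():
            problems.append(f"{name}: length '{declared}' is not a number")
            continue
        if not HEX.match(value):
            problems.append(f"{name}: value is not hex")
        elif len(value) != 2 * int(declared):
            problems.append(f"{name}: declared {declared} bytes, "
                            f"found {len(value)} hex digits")
    # Rule stated in the thread: the id length must be 16 or 32.
    if fields[5] not in ("16", "32"):
        problems.append(f"id: length '{fields[5]}' must be 16 or 32")
    return problems

# Constructed samples (not real hashes). BAD mirrors the '0**' seen in post #1.
GOOD = "$pdf$2*3*128*-36*1*16*" + "ab" * 16 + "*32*" + "cd" * 32 + "*32*" + "ef" * 32
BAD = "$pdf$2*3*128*-36*1*0**32*" + "cd" * 32 + "*32*" + "ef" * 32

if __name__ == "__main__":
    for label, sample in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, check_pdf_hash(sample) or "ok")
```

An empty document ID in the extracted hash means the extractor found no usable `/ID` value, so the check points at the extraction step rather than at the hash mode.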
#3
(05-23-2020, 09:10 AM)womble Wrote:  I can't say for sure whether the problem is in the script or the file you've got.

Thanks for the input.  Given the pdf doc reads OK, requires a password etc, can the issue really be with the file?
Unfortunately I don't really have the skillset to read through the source, but as you say the issue is probably in the hash.