pdf2john.py problem, commit efc315e926f521cc41c002742a994776edbacc1d broke it #1052
Conversation
pdf2john.py problem, commit efc315e broke it
|
Thanks! |
|
Can I add the sample PDF's you mentioned to http://openwall.info/wiki/john/sample-non-hashes#PDF ? |
|
sure, but remember they are only for a specific algo (-m 10500 in oclHashcat) b/c I tested this algorithm specifically beforehand. Hashcat's devs have (or if missing will have) some samples for every PDF hash type (.pdf file and resulting "hash"): but for now I only have those above to share. Feel free to post them, yes |
|
@jfoug it feels weird to ask this, but would it be possible to test |
|
Wrong tool, but we could build a tool(s) to do this, but I am not 100% sure how. Exactly 'what' are we going to test or use as a check? That john can load the file, thinking it valid? Is that enough? That john can load and crack? It one hash enough, etc, etc. Define what you need, if you can, in a generic enough manner that we could write a tool. It is pretty hard without knowing what is required, and I find little use in having a special tool for each *2john file. If that is the case. then the *2john should almost have their own self test code. |
|
I think it's more important to collect and/or create samples. I think I recall testing all samples we had as well as a bunch of other files. Apparently none of them was this |
Commit efc315e broke pdf2john.py, at least for the pdf files I'm currently testing, i.e. following format (in hashcat)
-m 10500 = PDF 1.4 - 1.6 (Acrobat 5 - 8)
The signature (which I've investigated here) is: $pdf$2_3_128*
Some example hashes (which currently don't work, but with this pull request should work):
https://mega.co.nz/#!7UABCa5J!t1j7SGclg6UA3X_x1tGpWO7tGiu3D7G7oYBOsSRSUMA
The main problem here is the indentation (which for python is very important, yes sucks).
Greetz from hashcat's dev
philsmd, atom