Brute Force A Password Protected PDF Using The BeagleBone

The biggest benefit to using the BeagleBone is it’s 700 MHz ARM processor. If you’re just messing around with basic I/O that power is going unused, but [Nuno Alves] is taking advantage of its power. He built a PDF password cracker based on the $85 development board.

We recently saw how easy it is to perform basic I/O using the BeagleBone. Those techniques are in play here, used to drive a character LCD and sample a button input from the breadboard circuit. [Nuno] even published separate posts for each of these peripheral features.

The password protected PDF file is passed to the device on a thumb drive. Since the BeagleBone is running embedded Linux you don’t need to mess around with figuring out how to read from the device. A click of the button starts the process. Currently the code just uses a brute force attack which can test more than 6000 four-character passwords per second.  This is quite slow for any password more than four or five characters long, but [Nuno] does mention the possibility of running several ARM processors in parallel, or using a dictionary (or rainbow table) to speed things up. Either way it’s an interesting project to try on the hardware. You can see his video demo of the device after the break.


19 thoughts on “Brute Force A Password Protected PDF Using The BeagleBone

  1. I have an old apple][ that would make a KILLER brute force password breaker. I think the next hack after that would be using a pocket calculator and enter all the calculations manually. That would be really cool.

  2. Because when I look for a computer to perform password cracking, the features I look for:

    -power efficient
    -underpowered processor
    -budget price

    Why not use a raspberry pi for bit coin farming while you’re at it?

  3. I originally thought it was a reasonable idea to do this, as an exercise ‘just because’ or even as a teaching tool starting with something relatively simple. Then I read the premise behind why this was done on a beaglebone and it really doesn’t make sense. If you really want to avoid the issues, then run it in a VM and disable the network connection. You can take a snapshot of the vm before the software is installed. And of course there has been linux based password cracking software for years.

    I still think it’s a good exercise to showcase doing stuff on low-power arm devices though :D

    1. I agree with you reggie… It doesn’t make much sense doing this on the BeagleBone. When I did this, I was trying to see how fast beaglebone really was when compared against my macpro. I also wanted to see how easy it was to create a “single serving” embedded system on the BeagleBone. I was happy with the process, not with the outcome. Its now time to move on to more interesting projects :)

  4. His reasoning is wierd, which makes me believe that he just tried to come up with a “reason” after the fact.

    Not that impressive as it runs linux. a brute force cracker is really easy to write in any language, you can write a rs232 terminal cracker on a duino.

    as an example that the beagle board can do anything a desktop computer can, yes it is a good example.

    But honestly, the beagle board is not best suited for this. and brute forcing is not the fastest way to crack a PDF password. there are other attack vectors that work a lot faster.

    1. Honestly I was trying to see if I could come up with a portable pdf-file cracker that is low power, user friendly and efficient. The beaglebone is definitely low power and user friendly. Unfortunately the CPU is not as powerful as I was expecting.

    1. Yea! Let us see what YOU have done in any field. To be critical of someone and their endeavors without any substantial comparison to what you have done is unwarranted.

  5. Willaim, who needs to? A bit of googling will turn up a myriad of other ways to achieve what he’s doing. As a pdf cracking solution, it’s not that great :) As an exercise in showing that you can do real world stuff with a beaglebone, it’s fine :)

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.