Cracking password protected PDF files on a GPU cluster

by Crackq

Posted on September 19, 2015 at 6:05 PM

Created a password-protected PDF and lost your password? This tutorial will demonstrate how to submit password-protected PDF files to the Crackq (GPU cluster) and run it against our 6.3GB dictionary file with custom rules.

Currently, only the PDF 1.4 - 1.6 versions are supported. These versions are the most common. To check your PDF version, open it in any text editor and ensure that the first 8 characters (magic number) correspond to %PDF-1.4, %PDF-1.5 or %PDF-1.6.

The next step is to obtain the latest release of the Crackq client - command-line tool for submitting hashes to the Crackq GPU cluster. For detailed instructions on how to install the Crackq client on Windows, Linux or OS X refer to the installation page.

root@kali:~# git clone
Cloning into 'Crackq'...
remote: Counting objects: 133, done.
Receiving objects: 100% (133/133), 23.28 KiB, done.
remote: Total 133 (delta 0), reused 0 (delta 0), pack-reused 132
Resolving deltas: 100% (45/45), done.
root@kali:~# cd Crackq/
root@kali:~/Crackq# ./ -t pdf /path/to/your/pdffile.pdf
Crackq client 0.3.2

[+] Checking the current client version...
[+] Retrieving email...
[+] Results will be emailed to: support(at)
[+] Submissions left: 49
[+] Sending to the queue...
[+] Done

The result (whether found or not) will be emailed to your registered email address. For PDF processing times and brute-force rules, refer to the Crackq FAQ and PDF rules. If it’s your first time running the crackqcli tool, you’ll be prompted for your API key. This key can be found on the user details page after logging in.

Note that the Crackq client does not send your entire PDF file to the server. Only the encryption information block is extracted from the PDF file and transmitted for processing. The PDF file content is not transmitted or stored on our servers.