Suppose you asked an insurance company for a letter. The insurance company kindly sent it as a PDF attached to an email. Sensibly, they protected that PDF with a password which they told you over the phone. You wrote it in a notebook and then left the notebook at work over the weekend.
How could you read the letter in the password-protected file at home, then? Remembering that the password was definitely an English word, and all in lower case, a dictionary attack has got to be worth a try.
Linux provides some handy tools for this. There’s a list of English words in /usr/share/dict/words, and a suite of PDF tools which can attempt to open the file using a password, indicating success or failure. A few minutes with Python and:
#!/usr/bin/python
import os,sys
wf=open('/usr/share/dict/words','r')
while True:
word = wf.readline().strip().lower()
if word == '':
print "No solution found"
break
print word
cmdline = 'pdftotext -upw "'+word+'" '+sys.argv[1]
result = os.system(cmdline)
if result == 0:
break
The same thing must be possible in a more hipsterly fashion using awk, but I couldn’t be bothered to figure out a sufficiently baroque command line.
By the way, the password was ‘orange’. Don’t tell anybody.