debjit604/DEMON-PDF-Crack

## 📖 目录 - [🔥 概述](#-overview) - [⚔️ 功能](#️-features) - [🏗️ 架构](#️-architecture) - [🎯 攻击向量](#-attack-vectors) - [🌐 字符集覆盖](#-character-set-coverage) - [⚡ 性能基准测试](#-performance-benchmarks) - [📦 安装说明](#-installation) - [🚀 使用说明](#-usage) - [📊 输出与报告](#-output--reports) - [🛡️ 安全与道德](#️-security--ethics) - [🔬 技术深入解析](#-technical-deep-dive) - [📁 项目结构](#-project-structure) - [🤝 贡献指南](#-contributing) - [👤 作者](#-author) - [📜 许可证](#-license) ## 🔥 概述
**DEMON PDF Crack Engine — Phantom Edition** 是一款为网络安全专业人员、渗透测试人员和安全研究人员设计的最先进的多向量 PDF 密码恢复系统。 DEMON 以**高性能、多功能和可靠性**为核心原则从零开始构建，代表了 PDF 密码分析工具的巅峰。它支持**所有已知的字符类型**——从简单的数字到复杂的多字节 Unicode 脚本，并采用**五种不同的攻击向量**协同工作，以最大化密码恢复的成功率。 ### 💡 为什么选择 DEMON？ | 功能 | DEMON v3.0 | 其他工具 | |---------|:----------:|:-----------:| | Unicode 支持（西里尔字母、阿拉伯字母、希腊字母等） | ✅ 完整 | ❌ 有限 | | 马尔可夫链攻击 | ✅ 内置 | ❌ 罕见 | | 智能变异引擎（50+ 规则） | ✅ 高级 | ⚠️ 基础 | | 会话恢复 | ✅ 自动 | ⚠️ 手动 | | HTML/JSON 报告 | ✅ 专业 | ❌ 无 | | GPU 加速 | ✅ 可选 | ❌ 罕见 | | 线程池优化 | ✅ 自适应 | ⚠️ 静态 | | 掩码攻击 | ✅ 基于 Regex | ⚠️ 基础 | | 混合攻击 | ✅ 组合 | ❌ 罕见 | | 实时进度监控 | ✅ 实时 | ⚠️ 基础 | ## ⚔️ 功能

### 🔓 密码字符支持 | 类别 | 字符 | 示例 | |----------|-----------|----------| | **小写字母** | a-z (26) | `abcdefghijklmnopqrstuvwxyz` | | **大写字母** | A-Z (26) | `ABCDEFGHIJKLMNOPQRSTUVWXYZ` | | **数字** | 0-9 (10) | `0123456789` | | **基础特殊字符** | 8 个字符 | `!@#$%^&*` | | **高级特殊字符** | 32 个字符 | `!@#$%^&*()-_=+[]{};:,.<>?/~\`` | | **完整 ASCII** | 95 个字符 | 所有可打印 ASCII 字符 (32-126) | | **扩展 ASCII** | 128 个字符 | Latin-1 补充 (128-255) | | **Unicode Latin** | 190+ 个字符 | `ÀÁÂÃÄÅÆÇÈÉÊË...` | | **西里尔字母** | 256 个字符 | `АБВГДЕЁЖЗИЙКЛМНОП...` | | **希腊字母** | 128 个字符 | `ΑΒΓΔΕΖΗΘΙΚΛΜΝΞΟΠ...` | | **阿拉伯字母** | 256 个字符 | `ابتثجحخدذرزسشص...` | | **希伯来字母** | 128 个字符 | `אבגדהוזחטיכלמם...` | ### ⚡ 核心能力 - **🧠 智能变异引擎**：包含 50 多种转换规则，包括 leet speak、大小写变化、词缀模式、键盘步进、字符重复和元音替换 - **🔄 并行处理**：具有自动 CPU 亲和性和负载均衡的自适应线程池 - **💾 会话弹性**：具有崩溃恢复功能的自动检查点保存/恢复 - **📊 专业报告**：带有深色主题的 HTML 报告和 JSON 数据导出 - **🔍 PDF 取证**：深度加密分析和元数据提取 - **📈 实时统计**：实时速度、ETA 和进度跟踪 - **🎯 多阶段攻击**：从最快到最彻底的顺序攻击编排 ## 🏗️ 架构 ### 数据流 ``` User Input → Argument Parser → Attack Orchestrator │ ┌───────────────┼───────────────┐ │ │ │ ▼ ▼ ▼ Dictionary Attack Hybrid Attack Mask Attack │ │ │ └───────────────┼───────────────┘ │ ▼ Brute-Force Engine │ ▼ Thread Pool Manager │ ┌─────────┼─────────┐ │ │ │ ▼ ▼ ▼ Worker 1 Worker 2 Worker N │ │ │ └─────────┼─────────┘ │ ▼ PDF Decryption Test │ ┌─────┴─────┐ │ │ Found Not Found │ │ ▼ ▼ Result Continue ``` ## 🎯 攻击向量 ### 1. 带有智能变异的字典攻击 ``` Input: "password" → Generates: ├── PASSWORD, Password, pASSWORD ├── password123, password2024, password! ├── p@ssword, p4ssw0rd, pa$$word ├── passwordpassword, drowssap ├── ThePassword, MyPassword123! └── ... (50+ mutations per word) ``` ### 2. 混合攻击 ``` Dictionary Word + Brute-Force Affixes: ├── admin + 0000-9999 → admin0000, admin0001... ├── 000-999 + user → 000user, 001user... └── A-Z + password + 0-9 → Apassword0, Bpassword1... ``` ### 3. 掩码攻击 ``` Pattern: ?u?l?l?l?l?l?d?d?d?d ├── Admin2024, User1999, Root0000 ├── ?d?d?d?d?d?d?d?d → 8-digit PINs └── ?u?l?l?l?s?d?d → Word!12 pattern ``` ### 4. 马尔可夫链攻击 ``` Trained on leaked password databases: ├── Learns character transition probabilities ├── Generates statistically likely passwords └── Effective against human-created passwords ``` ### 5. 暴力破解攻击 ``` Systematic enumeration: ├── Full charset coverage ├── Configurable length range ├── Resume from any position └── Guaranteed to find password (given time) ``` ## 🌐 字符集覆盖 ``` # 完整的 charset 层次结构 CHARSETS = { # ─── BASIC LATIN ─── 'lowercase': 'abcdefghijklmnopqrstuvwxyz', # 26 chars 'uppercase': 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', # 26 chars 'digits': '0123456789', # 10 chars # ─── SPECIAL ─── 'special_basic': '!@#$%^&*', # 8 chars 'special_advanced': '!@#$%^&*()-_=+[]{}|;:,.<>?/~`', # 32 chars 'special_all': Full ASCII punctuation, # 32 chars # ─── COMPOSITE ─── 'alphanumeric': a-z + A-Z + 0-9, # 62 chars 'alphanumeric_special': above + special_basic, # 70 chars 'full_ascii': All printable ASCII, # 95 chars 'full_extended': ASCII + Extended ASCII, # 223 chars # ─── UNICODE SCRIPTS ─── 'unicode_latin': À-ɏ (Latin Extended), # 190+ chars 'cyrillic': А-я (Russian, etc.), # 256 chars 'greek': Α-ω (Greek alphabet), # 128 chars 'arabic': ا-ي (Arabic script), # 256 chars 'hebrew': א-ת (Hebrew alphabet), # 128 chars # ─── MEGA SETS ─── 'all_latin': ASCII + Latin Extended, # 285 chars 'all_unicode': All scripts combined, # 669 chars 'maximum': Everything above, # 892 chars } ``` ## ⚡ 性能基准测试 ### 预计破解时间（1M p/s） | 长度 | 数字 (10) | 小写字母 (26) | 字母数字 (62) | 完整 ASCII (95) | |:------:|:-----------:|:--------------:|:-----------------:|:---------------:| | 4 | 0.01秒 | 0.5秒 | 15秒 | 81秒 | | 5 | 0.1秒 | 12秒 | 15 分钟 | 2 小时 | | 6 | 1秒 | 5 分钟 | 16 小时 | 8 天 | | 7 | 10秒 | 2 小时 | 42 天 | 2 年 | | 8 | 2 分钟 | 2 天 | 7 年 | 210 年 | | 9 | 17 分钟 | 60 天 | 447 年 | 2 万年 | | 10 | 3 小时 | 4 年 | 2.7 万年 | 190 万年 | ## 📦 安装说明 ### 一键安装 ``` # Clone 仓库 git clone https://github.com/debjit604/DEMON-PDF-Crack.git cd DEMON-PDF-Crack # 运行 installer chmod +x setup.sh ./setup.sh ``` ### 手动安装 ``` # Clone git clone https://github.com/debjit604/DEMON-PDF-Crack.git cd DEMON-PDF-Crack # 创建虚拟环境（推荐） python3 -m venv venv source venv/bin/activate # Linux/macOS # venv\Scripts\activate # Windows # 安装依赖 pip install --upgrade pip pip install -r requirements.txt # 验证安装 python3 demon_cli.py --help ``` ### 环境要求 ``` Python >= 3.10 pikepdf >= 9.0.0 pycryptodome >= 3.20.0 pymupdf >= 1.23.0 numpy >= 1.24.0 tqdm >= 4.66.0 rich >= 13.0.0 ``` ### 可选：GPU 加速 ``` # NVIDIA CUDA pip install pycuda # OpenCL (AMD/NVIDIA/Intel) pip install pyopencl ``` ## 🚀 使用说明 ### 快速开始 ``` # 基础 dictionary 攻击 python3 demon_cli.py -f locked.pdf -d rockyou.txt # Brute-force 数字 PIN python3 demon_cli.py -f locked.pdf --brute --charset digits --min 4 --max 8 # 复杂密码恢复 python3 demon_cli.py -f secret.pdf --brute --charset full_ascii --min 6 --max 12 -t 64 ``` ### 命令参考 ``` python3 demon_cli.py -f [OPTIONS] REQUIRED: -f, --file Target PDF file ATTACK MODES: -d, --dictionary Dictionary attack with wordlist(s) --brute Brute-force attack --hybrid Hybrid dictionary + brute-force --mask Mask-based pattern attack --markov Markov chain probabilistic attack --all-attacks Run all attacks sequentially BRUTE-FORCE OPTIONS: --charset Character set (default: alphanumeric_special) --min Minimum password length (default: 1) --max Maximum password length (default: 8) PERFORMANCE: -t, --threads Number of threads (default: auto) --batch-size Batch size for processing (default: 20000) SESSION: --resume Resume from session ID --list-sessions Show saved sessions OUTPUT: -o, --output Save password to file --report Generate HTML report --json Generate JSON report INFO: --analyze Analyze PDF without cracking --list-charsets Show all charset presets --system-info Show system details -v, --verbose Verbose output ``` ### 高级示例 ``` # 🔥 全频段攻击（所有 charsets，所有 vectors） python3 demon_cli.py \ -f top_secret.pdf \ --all-attacks \ --charset maximum \ --min 4 --max 16 \ -t 128 \ --report --json \ -o cracked.txt \ -v # 🌍 国际密码（Unicode + Cyrillic） python3 demon_cli.py \ -f russian_doc.pdf \ --brute \ --charset lowercase+uppercase+cyrillic+digits \ --min 6 --max 12 \ -t 64 # 📋 已知 pattern 攻击 python3 demon_cli.py \ -f company_report.pdf \ --mask \ --min 8 --max 12 # 🔄 恢复中断的 session python3 demon_cli.py \ -f locked.pdf \ --resume session_20240101_120000_1234 # 🔍 仅分析 python3 demon_cli.py -f unknown.pdf --analyze ``` ### 字符集组合 ``` # 使用 '+' 自定义组合 --charset lowercase+uppercase+digits+special_basic # 所有 Latin 字符 --charset all_latin # 最大覆盖范围（包括 Unicode） --charset maximum # 仅 Cyrillic + digits --charset cyrillic+digits # Greek + Hebrew + digits --charset greek+hebrew+digits ``` ## 📊 输出与报告 ### 控制台输出 ``` ╔══════════════════════════════════════════════════════════════╗ ║ ██████╗ ███████╗███╗ ███╗ ██████╗ ███╗ ██╗ ║ ║ ██╔══██╗██╔════╝████╗ ████║██╔═══██╗████╗ ██║ ║ ║ ██║ ██║█████╗ ██╔████╔██║██║ ██║██╔██╗ ██║ ║ ║ ██║ ██║██╔══╝ ██║╚██╔╝██║██║ ██║██║╚██╗██║ ║ ║ ██████╔╝███████╗██║ ╚═╝ ██║╚██████╔╝██║ ╚████║ ║ ║ ╚═════╝ ╚══════╝╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═══╝ ║ ║ ║ ║ PDF CRACK ENGINE v3.0 — PHANTOM EDITION ║ ╚══════════════════════════════════════════════════════════════╝ === PHASE 1: Dictionary Attack === ⚫ Attempts: 1,234,567 | Speed: 850,000 p/s | Time: 1.5s === PHASE 2: Brute-Force Attack === ⚫ Attempts: 45,678,901 | Speed: 1,200,000 p/s | Time: 38.1s ╔══════════════════════════════════════════════════════════════╗ ║ ⚫ PASSWORD RECOVERED ║ ╠══════════════════════════════════════════════════════════════╣ ║ Password: S3cur3P@ss!2024 ║ ║ Method: Dictionary Attack + Smart Mutations ║ ║ Attempts: 1,234,567 ║ ║ Time: 1.5s ║ ║ Speed: 850,000 p/s ║ ╚══════════════════════════════════════════════════════════════╝ ``` ### HTML 报告 生成的 HTML 报告具有以下特点： - **深色主题**配以霓虹绿点缀 - **加密分析**部分 - 带有统计信息的**攻击摘要** - **性能指标** - 适合作为客户交付物的**专业排版** ### JSON 导出 ``` { "timestamp": "2024-01-15T14:30:00", "target_file": "confidential.pdf", "file_info": { "pdf_version": "1.7", "file_size": 2048576, "encrypted": true, "page_count": 42 }, "encryption_info": { "algorithm": "AES-256", "revision": 5, "key_length": 256 }, "attack_summary": { "type": "Multi-Vector", "total_attempts": 52345678, "dictionary_attempts": 1234567, "brute_force_attempts": 51111111 }, "result": { "password": "S3cur3P@ss!2024", "method": "Dictionary Attack", "attempts": 1234567, "time_seconds": 1.5, "speed_per_second": 850000 } } ``` ## 🛡️ 安全与道德

``` ╔══════════════════════════════════════════════════════════════╗ ║ ⚠️ ETHICAL USE NOTICE ║ ╠══════════════════════════════════════════════════════════════╣ ║ This tool is designed for LEGITIMATE use only: ║ ║ ║ ║ ✅ Authorized penetration testing ║ ║ ✅ Security research & education ║ ║ ✅ Password recovery for OWN files ║ ║ ✅ Academic cryptanalysis studies ║ ║ ✅ Forensic investigations (with authorization) ║ ║ ║ ║ ❌ Unauthorized access to others' documents ║ ║ ❌ Illegal activities of any kind ║ ║ ❌ Violating privacy or confidentiality ║ ║ ❌ Any malicious or harmful purposes ║ ║ ║ ║ Always obtain EXPLICIT WRITTEN PERMISSION before ║ ║ testing any system or file you do not own. ║ ╚══════════════════════════════════════════════════════════════╝ ```

### 负责任的漏洞披露 如果您使用此工具发现了漏洞： 1. 负责任地记录发现的结果 2. 私下通知受影响方 3. 给予合理的修复时间 4. 遵循协调披露的惯例 ## 🔬 技术深入解析 ### 支持的 PDF 加密标准 | 标准 | PDF 版本 | 算法 | 密钥长度 | 状态 | |----------|:-----------:|-----------|:----------:|:------:| | PDF 1.1 | 1.0-1.1 | RC4 | 40 位 | ✅ | | PDF 1.2 | 1.2 | RC4 | 40 位 | ✅ | | PDF 1.3 | 1.3 | RC4 | 40-128 位 | ✅ | | PDF 1.4 | 1.4 | RC4 | 128 位 | ✅ | | PDF 1.5 | 1.5 | RC4 | 128 位 | ✅ | | PDF 1.6 | 1.6 | AES-128 | 128 位 | ✅ | | PDF 1.7 | 1.7 | AES-128 | 128 位 | ✅ | | PDF 2.0 | 2.0 | AES-256 | 256 位 | ✅ | ### 多线程架构 ``` Main Process │ ├── Thread 1: Progress Monitor │ ├── Thread Pool (N workers) │ ├── Worker 1 → Password Test → PDF Decrypt │ ├── Worker 2 → Password Test → PDF Decrypt │ ├── Worker 3 → Password Test → PDF Decrypt │ ├── ... │ └── Worker N → Password Test → PDF Decrypt │ └── Thread N+1: Checkpoint Manager ``` ### 内存优化 - **流式词表**：永远不会将整个字典加载到内存中 - **基于生成器**：按需生成密码，而非预先计算 - **批处理**：可配置的批处理大小，以平衡内存与性能 - **基于集合的去重**：以极低的开销高效防止重复 ## 📁 项目结构 ``` DEMON-PDF-Crack/ │ ├── 📄 README.md # This documentation ├── 📄 LICENSE # MIT License ├── 📄 requirements.txt # Python dependencies ├── 📄 setup.sh # One-click installer │ ├── 🐍 demon_cli.py # Main CLI interface │ ├── 📁 core/ # Core engine modules │ ├── __init__.py │ ├── crypto_engine.py # PDF decryption (RC4, AES-128/256) │ ├── charset_manager.py # 30+ charset presets │ ├── password_generators.py # Smart mutations, Markov, Mask │ └── thread_manager.py # Adaptive thread pooling │ ├── 📁 attacks/ # Attack vector implementations │ ├── __init__.py │ ├── dictionary_attack.py # Dictionary + 50+ mutations │ ├── brute_force.py # Systematic enumeration │ ├── hybrid_attack.py # Dictionary + Brute-force │ ├── mask_attack.py # Pattern-based generation │ └── markov_attack.py # Probabilistic generation │ ├── 📁 utils/ # Utility modules │ ├── __init__.py │ ├── pdf_parser.py # PDF structure analysis │ ├── session_manager.py # Save/Resume functionality │ └── report_generator.py # HTML/JSON reporting │ ├── 📁 config/ # Configuration files │ ├── attack_profiles.json # Pre-configured profiles │ └── charsets.json # Extended charset database │ ├── 📁 wordlists/ # Dictionary files │ └── common_passwords.txt # Built-in mini wordlist │ ├── 📁 output/ # Generated outputs │ └── reports/ # HTML/JSON reports │ └── 📁 sessions/ # Saved crack sessions ``` ## 🤝 贡献指南

| 贡献类型 | 指南 | |-------------|-------| | 🐛 Bug 报告 | 提交一个 [Issue](https://github.com/debjit604/DEMON-PDF-Crack/issues) | | 💡 功能请求 | 提交一个 [Issue](https://github.com/debjit604/DEMON-PDF-Crack/issues) | | 🔧 Pull Requests | Fork → Branch → PR | | 📚 文档 | 完善 README，添加示例 | | 🌍 翻译 | 帮助翻译文档 |

### 开发环境设置 ``` git clone https://github.com/debjit604/DEMON-PDF-Crack.git cd DEMON-PDF-Crack python3 -m venv venv source venv/bin/activate pip install -r requirements.txt pip install -r requirements-dev.txt # Development dependencies ``` ## 👤 作者

# Debjit ### 网络安全研究员与开发者
[](https://github.com/debjit604) [](https://linkedin.com/in/debjit-das-48571b236)
``` ╔══════════════════════════════════════════════════════════════╗ ║ "Security is not a product, but a process." ║ ║ — Bruce Schneier ║ ╚══════════════════════════════════════════════════════════════╝ ```

## 📜 许可证 ``` MIT License Copyright (c) 2026 Debjit (debjit604) Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ``` ## ⭐ Star 历史

[](https://star-history.com/#debjit604/DEMON-PDF-Crack&Date)

## 🏆 致谢 - **pikepdf** - 优秀的 PDF 处理库 - **PyCryptodome** - 码学原语 - **网络安全社区** - 灵感与知识分享 - **所有贡献者** - 让这个项目变得更好

``` ╔══════════════════════════════════════════════════════════════════════════╗ ║ ║ ║ DEMON PDF CRACK ENGINE v3.0 ║ ║ PHANTOM EDITION ║ ║ ║ ║ Developed with ❤️ by debjit604 ║ ║ ║ ║ GitHub: https://github.com/debjit604/DEMON-PDF-Crack ║ ║ ║ ╚══════════════════════════════════════════════════════════════════════════╝ ```


[⬆ 返回顶部](#-overview)

```

标签：DOS头擦除, PDF处理, Python, SysWhispers, 密码破解, 无后门, 用户模式钩子绕过