feat(pdf): use JtR to automatically unlock PDFs #7
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
benjamin-awd
force-pushed
the
brute-force
branch
from
721abe0 to
d61bc43
Compare
benjamin-awd
force-pushed
the
brute-force
branch
7 times, most recently
from
3c9a923 to
9c1a5aa
Compare
Some banks like Citibank, or OCBC (if I'm not mistaken) provide a single consolidated bank statement each month, which means we only need to define and pass a single password for these banks. Other banks like HSBC provide a bank statement per credit card, which requires defining several passwords for different credit cards. I've opted to use JtR (or `john`) to automatically unlock (aka brute force) PDFs with a common prefix. For example, HSBC PDFs all begin with a DOB format (e.g. 21Feb1992), and end with the last six digits of the card Using john, we can use pass in a mask like `?d?d?d?d?d?d`, and avoid having to specify the card number within two separate passwords. On the downside, this means that the code executes slightly slower. This PR is a stepping stone to only use one or two environment variables i.e. a DOB like YYYY-MM-DD or personal identification number (e.g. NRIC), instead of having to define a specific password for every bank.
benjamin-awd
force-pushed
the
brute-force
branch
from
9c1a5aa to
90c35ad
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Some banks like Citibank, or OCBC (if I'm not mistaken) provide a single
consolidated bank statement each month, which means we only need to define
and pass a single password for these banks.
Other banks like HSBC provide a bank statement per credit card, which
requires defining several passwords for different credit cards.
I've opted to use JtR (or
john) to automatically unlock (aka brute force)PDFs with a common prefix. For example, HSBC PDFs all begin with
a DOB format (e.g. 21Feb1992), and end with the last six digits of the card
Using john, we can use pass in a mask like
?d?d?d?d?d?d, and avoidhaving to define multiple passwords for a single bank.
On the downside, this means that the code executes slightly slower.
This PR is a stepping stone to only use one or two environment variables i.e.
a DOB like YYYY-MM-DD or personal identification number (e.g. NRIC), instead
of having to define a specific password for every bank.