The hashcat guys have been working on code for oclHashcat guaranteed to crack PDFs within 4 hours. This is for PDF versions 1.1 – 1.3, which uses RC4-40,(v5 and 6 implement 128 bit RC4, v7 128 bit AES and X and later 256 bit AES).
- Guaranteed to crack every password protected PDF of format v1.1 – v1.3 regardless of the password used
- All existing documents at once as there’s no more salt involved after the key is computed
- In less than 4 hours (single GPU)
More info: hashcat forums
Older similar code for john the ripper using cpu https://github.com/kholia/RC4-40-brute-pdf which would take about 2 days