If somebody creates a PDF and then loses the password, they can recover the password with the pdfcrack command line password recovery tool. The tool leverages a brute force attack against the PDF password until it opens. The attack proceeds offline and nothing is exchaned via the Internet. Owner passwords can be found with the -o switch. Password cracking of longer passwords can take days or weeks to crack, so we limit the password length to 9 characters. This hack can not and does not work over the Internet with content locked by a 3rd party JS plugin. How could it? It would have to hack into the 3rd party server to do that!
The PDF file of the order comes in the form of a PDF file and a text attachment of a few lines. We need to convert the PDF document to a file that we can work with in a computer. For that we use the PdfDecrypt library. You first cause the PDF file to open, save it's page as a image and then fill the rest of the document with 0x00 bytes. This will make it easy to split a PDF document into several non-compressed text files. After that we can split the document into multiple text files containing the characters of the owner passwords. These are recorded as one or more strings as instructed in the PDF specification. Last but not least, we need a way to convert this text to something usable. We use the RegEx library to give a nice formatted output that will fit nicely into a text file. The regular expressions are represented as labels inside a string.
The output is saved to a file called pdfcrack.txt which contains the formatted strings for owner passwords. We can open the file with our favorite text editor and grep the messages and decrypt the passwords. It's that simple and so powerful. You can search your PDF file for all PDF files and all PDF passwords with the following command d2c66b5586