- #How to find mac os x administrator password pro#
- #How to find mac os x administrator password password#
At this point the guide went littlebit tricky and led to dictionary attack.
#How to find mac os x administrator password pro#
Please notice that everything is on the same line, there is just wordwrap turned on in sublime-text! Crack with hashcatįor cracking I am using my mid 2012 13″ macbook pro with 2,9GHz i7.Īlright everything was prepared and ready for hashcat. Here is what I did in one screenshot (click for bigger size): Hashcat requires data in this kind of format: Last thing to do was combine all those hex values for hashcat which I used for actual cracking. $ sudo echo “M4Av9jmd309xcQEMDM7437p81znC/EayWCKfCf2IsMk=” | base64 -D > saltĪnd then the copy-paste-removespaces operation blaa blaa…Īnnoying part was almost over. I repeated same process to the salt hash. Then removed “useles” part and spaces and it looked like this: I copied the whole thing to clipboard and pasted it to sublime-text. Hex values are the ones on to middle as highlighted in this screenshot: This time there were some data to be deleted. Once more I had to copy and paste values from terminal to sublime-text and remove spaces. There it was entropy data converted to hex values. $ sudo echo “VhLaOYjn9XIabjfxw7Fd4j97CI4RaF26xtv+Xz4QUYM/b/Ag3fz5cjjWnFA3EK1hUgLxHsNYCjMBD/YWhh/LBQNY0/ZJhchYdJKZPvHTdRXQGScYj9yt0G0Y/qMCFmcTE2KDJpEYeWa58Vag2+c7xgOeONztcleA6L4U+kri6y8=” | base64 -D > entropy On sublime I removed returns and put data on same line. Like before I first copied entropy data to clipboard and then pasted it to sublime-text. As said in the guide entropy and salt were still in base64 format and needed to convert again. I opened shadowhash with nano editor and there was data separated under tags entropy, iterations and salt.
:max_bytes(150000):strip_icc()/005-recover-email-password-from-os-x-keychain-1174067-75461e5bd5fa4810accdbcfd7bc181d3.jpg "how to find mac os x administrator password")
VCAsiKTE2QcTnAAAAAAAAAQEAAAAAAAAACQAAAAAAAAAAAA O1yV4DovhT6SuLrL08QIDOAL/Y5nd9PcXEBDAzO+N+6fNc5wvxGslginwn9iLDJEYi KmFyFh0kpk+8dN1FdAZJxiP3K3QbRj+owIWZxMTYoMmkRh5ZrnxVqDb5zvGA5443 IjhFoXbrG2/5fPhBRgz9v8CDd/PlyONacUDcQrWFSAvEew1gKMwEP9haGH8sFA1jT9 $ sudo echo “YnBsaXN0MDDRAQJfEBRTQUxURUQtU0hBNTEyLVBCS0RGMtMDBĪUGBwhXZW50cm9weVRzYWx0Wml0ZXJhdGlvbnNPEIBWEto5iOf1chpuN/HDsV3iP3s Just hitted return like hundred times and took care that any letters were not deleted.Īfter return maraton I copy pasted it to terminal and entered some commands and did this:
I removed returns and put everyhting on the same line. I copied that data to a clipboard with cmd+c and pasted it to sublime texteditor. Line I was looking were under “ShadowHashData” surrounded by tags. On macs terminal I switch path to Desktop, then create a folder for our mission and moved the hash into that folder:Īnd there was lots of stuff in it. The hash is in binary format by default and we want to convert it in to XML. After all this is actually very simple task. Now this part goes little bit tricky and I spent couple of hours thinking what is actually happening. $ sudo cp /var/db/dslocal/nodes/Default/users/ist Desktop/ist Extract the hash for hashcat
$ sudo ls /var/db/dslocal/nodes/Default/users It did not worked cause I did not have permissions to that folder. Ls: /var/db/dslocal/nodes/Default/users: Permission denied bash: cd: /var/db/dslocal/nodes/Default/users: Permission denied I opened terminal on my mac and tried to acces to /var/db/dslocal/nodes/Default/users.
#How to find mac os x administrator password password#
After reading the article I knew that password hash in Mavericks is located in this path: /var/db/dslocal/nodes/Default/users/.plist. I am not so interested about that since I just like to test how weak my own password is. There is methods to obtain password hash(which is the password protected with mathematical algorithm) when you are unable to log into any account on the machine. It is step by step guide of what I was looking for, perfect! Not so many searches later I found this very decent article about “How to Extract OS X Mavericks Password Hash for Cracking With Hashcat”. Like in router article I did not have any previous experience about cracking OSx password. It is a Finnish word meaning lazy with little bit of leetspeak and it will pass Apples password policy. For this test I changed it to something which I feel is closer to password users normally have.
I have actually learned something in past few months and I have very strong password at the moment. I am now going to crack my macbook pro which is running OSx Mavericks. Last time I tested how easy/hard it is to crack my wap2 secured wlan with weak password. When you read regular articles about security you will almost always face paragraph which tells you that it is very important to have a good password. I have been worried about security for a long time.
0 kommentar(er)
