![]() ![]()
It might be a day or so before I get it up and running. #Reset admin password mac os x 10.5.8 pro#If you want, I have a pretty powerful Mac Pro I can use to try and crack the passwords if you can extract them. Then get access to the file with the name extracted above, and run this command with result being the long string produced above:Ĭat /var/db/shadow/hash/ result | cut –c 169-216 I was able to run that without admin privileges, so you might can do that from the Guest account before you shutdown to mount the volume. I just tested what is in there, and the command:ĭscl localhost –read /Search/Users/ username | grep GeneratedUID | cut –c 15-ĭoes tell you which file in the /private/var/db/shadow/hash to look at for a particular user's hash. You definitely need admin access to the file system to get the hashes out. It seems to make sense to me, though I have never done it. Or you can take a look at this blog post: #Reset admin password mac os x 10.5.8 professional#If you can mount the drive somehow so you can read that, you can get the encrypted hashes out of that directory.įor cracking them you could buy the professional version of John the Ripper for OS X. Instead the passwords are stored in a file in /private/var/db/shadow/hash. posted by zippy to Computers & Internet (31 answers total) 5 users marked this as a favoriteīest answer: I was just looking around, and it seems that the NetInfo database went away while I wasn't looking. That's not the case here, but I understand if anyone would prefer to correspond with me directly vs here, contact me via my MeMail. ![]() I realize that others could use this information for unethical or illegal purposes. I'm generally knowledgeable about computers and OSs, and fine with trying scripted attacks that exploit known bugs in the OS. Less 2 than ideal: establish a secondary account with administrator privileges, or escalate the guest account to admin. Less than ideal: recover password file and then recover the user or root password using a brute force tool. Is there any way to see if this account is set for auto-login without a password on boot without actually rebooting? The user's account was logged in until today when we unthinkingly switched to the Guest account and were then prompted for a password to return to the user's account. Ideally, I'd like to be logged in as the user, with access to their keychain. I have a possibily complete backup of the user's directory #Reset admin password mac os x 10.5.8 update#Security Update 2010-002 has not been applied The user's password may be as short as 5 characters There is almost certainly not a firewire password The user's account is still logged in and running I have physical access to the machine, and a guest acccount as well. I have other goals, but first, here's what I have to work with. I know that the user favored short passwords from a limited alphabet, so I think this is doable. One of my tasks is to recover access to their keychain. I know that they'd be OK with this, and I have their spouse's OK as well. A friend and co-worker passed away recently, and I'm trying to get into their account on their computer, a Macbook Air. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |