 DECRYPT OS X USER ACCOUNT PASSWORDS
05-12-2015, 08:36 AM,
PROCEDURE


1. LOG IN AND OPEN TERMINAL.
Log into any account on the computer and open up the Terminal application. This application can be found at /Applications/Utilities/Terminal.app
2. FINDING THE GUID (GLOBALLY UNIQUE IDENTIFIER)
You first need to find out the Globally Unique Identifier. This identifies the user to the Mac OS X authentication system, and is the name of the shadow file in which the password is contained. Depending on your version of OS X, enter one of the following commands:
If you are using 10.5 Leopard or 10.6 Snow Leopard enter this command:
Code:
dscl localhost -read /Search/Users/<username> | grep GeneratedUID | cut -c15-

If you’re on a 10.4 Tiger machine,  enter this command:
Code:
niutil -readprop . /users/<username> generateduid

In both cases replace <username> with the shortname of the account you want to find the password for (i.e. admin or root). You should get a value that looks like:
Code:
A66BCB30-2413-422A-A574-DE03108F8AF2

This is the GUID. Write it down, we’ll need it later on.

3. OBTAINING THE PASSWORD HASH
Password hashes are the encrypted form of the user’s password. When the user enters their password to log in, the computer encrypts it using an encryption scheme to create a salted SHA1 hash, which it checks against the stored hash in the computer. If they match, the computer logs you in. We will be using the same method the computer uses to authenticate the login to crack the password.
To obtain the password hashes, we need root access. If you have the root password just login as the root user through terminal by typing:
Code:
login root

Enter the root password when prompted and then continue to Step 3b. However, if you aren’t lucky enough to have the root password you’ll need to boot into single-user mode.


3A. BOOTING IN SINGLE USER MODE

To boot into single-user mode restart the computer. When you hear the start up chime hold down CMD+S. Soon you should see a black screen with a lot of white text appear. If single-user mode is locked follow one of the other guides on how to gain access.

3B. OBTAINING THE HASH

Enter the following into the command line, replacing <GUID> with the GUID you wrote down from Step 2.
Code:
cat /var/db/shadow/hash/<GUID> | cut -c169-216

After running the command, it should spit back out a hash that’s formatted like this:

Code:
33BA7C74C318F5D3EF40EB25E1C42F312ACF905E20540226


4. DECRYPTING THE HASH

At this point, you need access to another computer (could be the same computer, if you have access for a long time), where we will use the application “John the Ripper” (“John”) to decrypt the hash. John will use ‘brute force’ to determine what the password is in cleartext. That means that the application will systematically generate passwords, encrypt them into the salted SHA1 hash, and check them against the hash you found to see if the password matches. Open up the zip file and drag the “John the Ripper” folder into your base directory. Now it gets a little tricky so be sure to follow the instructions correctly.



4A. CREATE A TEXT FILE CONTAINING THE HASH



Create a text file in your John the Ripper folder called sha1.txt. Inside this file you should have the username and the hash. So if I wanted to find the password for the account crackMe inside sha1.txt I would see: 


Code:
crackMe:33BA7C74C318F5D3EF40EB25E1C42F312ACF905E20540226





4B. NAVIGATING TO JOHN THE RIPPER



Now you need to open up the terminal application and navigate into the directory of your John the Ripper folder. If you followed the directions and put the folder into your base directory the command should be:

Code:
cd /name_of_your_john_folder/


If you decided to be a rebel and leave the John the Ripper folder in a different directory, you just need to type in the full path to the directory.



4C. CRACKING THE PASSWORD WITH JOHN THE RIPPER



All we have left is to load the hash into John. To do so, type in the following terminal command:

Code:
./run/john sha1.txt



If John is successful in decrypting the hash, you’ll get a message in the form of:

Code:
Loaded 1 password hash (Mac OS X 10.4+ salted SHA1 [32/64]



Depending on the complexity of the password this process could take anywhere from a second to a day, so be patient. When John is successful at cracking the hash, it will display something along the lines of:

Code:
password (crackMe) guesses: 1 time: 0:00:00:00 100% (2) c/s: 153000 trying: password



Any text after "trying:" should be the password.



PARAMJIT SINGH
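
Added example (not part of the original post, and not John the Ripper's code): how the 48-character field from Step 3b is laid out and checked, assuming it is a 4-byte salt followed by the 20-byte SHA-1 of salt plus password. It verifies one candidate against a constructed entry and, for contrast, derives a stretched PBKDF2 value that makes every guess far more expensive; parse_entry, make_entry, verify and stretched are hypothetical names.

```python
import hashlib
import hmac
import os

HEX_LEN = 48  # characters 169-216 of the shadow file: 8 hex salt + 40 hex SHA-1


def parse_entry(line):
    """Split 'user:HASH' (the sha1.txt layout) into (user, salt, digest)."""
    user, _, field = line.strip().partition(":")
    if len(field) != HEX_LEN:
        # A copy that lost a character (47 instead of 48) is rejected here.
        raise ValueError(f"expected {HEX_LEN} hex characters, got {len(field)}")
    raw = bytes.fromhex(field)  # raises ValueError on non-hex input
    return user, raw[:4], raw[4:]


def make_entry(user, password, salt=None):
    """Build a constructed entry in the assumed layout (sample data only)."""
    salt = os.urandom(4) if salt is None else salt
    digest = hashlib.sha1(salt + password.encode("utf-8")).digest()
    return f"{user}:{(salt + digest).hex().upper()}"


def verify(line, candidate):
    """Recompute SHA-1(salt + candidate) and compare in constant time."""
    _, salt, digest = parse_entry(line)
    guess = hashlib.sha1(salt + candidate.encode("utf-8")).digest()
    return hmac.compare_digest(guess, digest)


def stretched(password, salt, iterations=100_000):
    """Contrast: PBKDF2-HMAC-SHA512, where one guess costs `iterations` HMACs."""
    return hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, iterations)


if __name__ == "__main__":
    # Constructed entry: fixed salt so the output is repeatable.
    entry = make_entry("demo", "correct horse", salt=bytes.fromhex("0a0b0c0d"))
    print(entry)
    print(verify(entry, "correct horse"), verify(entry, "wrong"))
```

One check is a single SHA-1 over a few bytes, which is why guessing rates like the c/s figure in John's output are reachable; a long random password or a stretched KDF is what raises that cost.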
