Monday, September 7, 2009

Security Tools for Mac OS X. Password recovery, FileGuard, etc...

Here are some cool softwares that can help you with security problems on Mac OS X.

http://www.msec.net/software/index.html


 

Crack root password on Mac OS X. Change the password or find it.

Here is a technique to change or get the root password on an apple computer running Mac OS X.

1- Restart your computer in single user mode by holding the CMD+S key at the booting.

2- Type : /sbin/mount -wu / to mount the hard drive

3- Type : /sbin/SystemStarter to start the network services

4- Now you have to choice :

a) Change root password : passwd root

b) Get the root by password :
b.1) Type : nidump passwd
b.2) Now write the line looking like root:rQkFQ37SYveHw:0:0::0:0:System Administrator:/var/root:/bin/tcsh in a text file and crack it with a cracking program like John the Ripper.

Wednesday, September 2, 2009

Get the password of any user in Mac OS X

This is how you can get the password of any user in Mac OS X. It is a technique called Swap File Hack.

You will first need to login as root. First login with an administrator account. If you don't have access to an administrator account please read «Crack Mac OS X Administrator password - create new admin account». Once you're logged in as an administrator, go to Applications » Utilities » NetInfo Manager and open it. In the top menu, go to Security and enable root user. Choose a master password. Than, logout, and log back with the new "root" account, with your master password.

Once your logged in as root, go to System Preferences » Personal » Security. Un-check «Use secure virtual memory».

Next, change the amount of RAM memory in the computer.Changing the amount of memory will create something called swap files, that include the passwords.

After the memory change, log back with the root account, open up Terminal, and enter this:


sudo strings -8 /var/vm/swapfile0 |grep -A 4 -i [longname]



Replace «[longname]» with the long name of the account you want the password. Look around for the word "password", and you should find what you need!

Tuesday, September 1, 2009

Disable rEFIt and boot in Single User Mode or from CD(Mac OS X)

rEFIt is a boot menu and maintenance toolkit for EFI-based machines like the Intel Macs. You can use it to boot multiple operating systems. It is also used in computer labs to disable Mac OS X boot options like Single User Mode, booting from CD or external drive, ...

You can access booting options from rEFIt (if it's not disabled in rEFIt configuration file) by selecting the OS in the rEFIt menu and pressing ‘+’ or F2. A Submenu containing more booting options should appear. If you don't see options like "Boot in single user mode"(wich can be used to crack administrator account) you will need to enable it in the rEFIt configuration file.

-Boot in Mac OS X
-Start the Terminal in Applications/Utilities
-Write: vi /efi/refit/refit.conf
-In the editor find the lines that start with «disable ...» and put a # before (you will need to press «i» to enable the Insert Mode of vi editor)
-When it's done quit and save vi by pressing ESC and «:wq» and ENTER
-You can now close Terminal and reboot your mac to try again the F2 key in rEFIt menu.

Uninstall rEFIt
You can manually uninstall rEFIt by deleting the «efi» folder at the root of your Hard Drive. You can do this directly in the finder or in the "Single User Mode" by typing : rm /efi