hashcat Forum
encrypted APFS drive - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: encrypted APFS drive (/thread-12104.html)



encrypted APFS drive - e4me23 - 08-08-2024

Hello

Total newbie here, I have an external encrypted APFS drive. I recently just encrypted the drive, it's not in my keychain. It was late and I was tired and I typed the password twice. The next day I went to check something on the drive and the password that I always use did not work.  I tried a bunch of variations but no luck. So been trying to figure out if hashcat can help and started googling for info.  I downloaded crunch to make a word list to test on a different drive with a script to input a bunch of variations of a password.  I actually got it to work lol, I have no idea of what I am doing. Here is the script. 

#!/usr/bin/env bash

while read -r line
do
  echo $line | tee -a used.txt | diskutil apfs UnlockVolume $1 -stdinpassphrase && break
done < /Users/test/Desktop/list.txt

The command in terminal  sudo /Users/test/Desktop/mount.sh disk5s1

Any ways I only used a 4-letter word just to see if it worked.  Seems like this way would take a few lifetimes.

The password I used for the drive I need to open is way more complex.  This is the format Xx XxxXxxxXxx@1111@@@ X=Uppercase letter, x lowercase letter with space then 3 more words, special characters prob # or maybe not or one next to it, 4 numbers then 3 more characters probably "?//" .  I use this password all the time so I prob just hit one wrong key or different character, numbers or word not sure.

Is this info lost and should I stop wasting my time?  If Hash cat can help how would I set up the argument? I have a Mac M2

Thanks For the Help