+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: encrypted APFS drive (/thread-12104.html)
encrypted APFS drive - e4me23 - 08-08-2024
Hello
Total newbie here, I have an external encrypted APFS drive. I recently just encrypted the drive, it's not in my keychain. It was late and I was tired and I typed the password twice. The next day I went to check something on the drive and the password that I always use did not work. I tried a bunch of variations but no luck. So been trying to figure out if hashcat can help and started googling for info. I downloaded crunch to make a word list to test on a different drive with a script to input a bunch of variations of a password. I actually got it to work lol, I have no idea of what I am doing. Here is the script.
#!/usr/bin/env bash
while read -r line
do
echo $line | tee -a used.txt | diskutil apfs UnlockVolume $1 -stdinpassphrase && break
done < /Users/test/Desktop/list.txt
The command in terminal sudo /Users/test/Desktop/mount.sh disk5s1
Any ways I only used a 4-letter word just to see if it worked. Seems like this way would take a few lifetimes.
The password I used for the drive I need to open is way more complex. This is the format Xx XxxXxxxXxx@1111@@@ X=Uppercase letter, x lowercase letter with space then 3 more words, special characters prob # or maybe not or one next to it, 4 numbers then 3 more characters probably "?//" . I use this password all the time so I prob just hit one wrong key or different character, numbers or word not sure.
Is this info lost and should I stop wasting my time? If Hash cat can help how would I set up the argument? I have a Mac M2
Thanks For the Help