06-14-2019, 02:48 PM
Karamba:That is not the case anymore. I have tried this on several new Mojave systems and the new hash version is the one above. Ps. yes, i am trying to extract the hash to recover the lost passwordÂ
Phil, if you need a separate AdminUserRecoveryInfo.plist and the two other files that are stored in the same folder CryptoUserInfo.plist and secureaccesstoken.plist in Preboot/UUID/var/db I am more than happy to supply these in order to have this hash included in hashcat future releases
The file contains the user account with a new format of hash.
I can make a file with a simple login/pw like root/root or test/test123 for login/pw
This is for both APFS systems that are encrypted and non-encrypted. The encrypted wont let you login as single user. But its possbile to extract the files by running a custom made linux and disable the read access to extract them
Phil, if you need a separate AdminUserRecoveryInfo.plist and the two other files that are stored in the same folder CryptoUserInfo.plist and secureaccesstoken.plist in Preboot/UUID/var/db I am more than happy to supply these in order to have this hash included in hashcat future releases
The file contains the user account with a new format of hash.
I can make a file with a simple login/pw like root/root or test/test123 for login/pw
This is for both APFS systems that are encrypted and non-encrypted. The encrypted wont let you login as single user. But its possbile to extract the files by running a custom made linux and disable the read access to extract them