culdesac I was just wondering this myself.. no way for me to get the plist via /var/db/... as that returns not permitted or permission denied.
But.. in a Mac Mojave terminal as an authenticated user you can run which returns something like:
At this point I'm a bit stuck, been looking through both hashcat and JTR docs/forums and haven't found a way to use this information for cracking.
But.. in a Mac Mojave terminal as an authenticated user you can run
Code:
dscl . read /Users/<user>/ AuthenticationAuthorityCode:
AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2,SRP-RFC5054-4096-SHA512-PBKDF2> ;Kerberosv5;;<user>@LKDC:SHA1.XXXXXXXXXD1BXXXXXX8BBB8AB086XXXXXXXXXXXX;LKDC:SHA1.XXXXXXXXXXXX3086898BBB8AB086XXXXXXXXXXXX; ;SecureToken;At this point I'm a bit stuck, been looking through both hashcat and JTR docs/forums and haven't found a way to use this information for cracking.