Hashcat OS Mojave Help
#1
Hi,

I'm trying to decrypt what i believe to be a SHA2-256 .txt hash using hashcat i know the approximate length and that it is mainly special characters, I've installed hashcat properly(i believe, as tests I've run seem to work), would really appreciate some assistance.
Reply
#2
if you have real good knowledge about the pw you are looking for see

https://hashcat.net/wiki/doku.php?id=mask_attack
Reply
#3
(07-30-2021, 12:22 PM)Snoopy Wrote: if you have real good knowledge about the pw you are looking for see

https://hashcat.net/wiki/doku.php?id=mask_attack

Thank you for mentioning this in regards to OSX as it may help in what looks like a challenging attempt at recovering my admin login password within OSX High Sierra. I am new here and doing my due diligence reading (before posting) up on what may be the hardest challenge/fuck up of my life as far as computers go.  I have a 2010 imac I bought new and used for gaming so I have dual partition and Bootcamp with Windows 7. I haven't used it in about 4 years but I took it out of storage as I need to recover important data for a legal dispute. Fortunately it still boots and runs OK (it is hot and loud as the fans and the hdd really need to be replaced. My goal is to get all the data backed up before replacing it with a SSD.

In 2017 I was concerned my ex was accessing my data after a nasty breakup and I thought to change my computer.  I was pretty emotional and there may have been red wine involved but I had only ever had one password on that machine so whatever happened that night escapes me. My best recollection was writing down a long alpha numeric password on a sticky and calling it a day. I have tried all the stickies.  This person has also broicked an iphone and done other malicious things to my property when she was angry.  I was hoping this was over and done but now there is a pressing legal concern and I need to exhaust any and all avenues to get back into the iMac.

I believe both the windows 7 and the osx high sierra login name and password were identical for the first 7 years and I only changed the OSX version. When I boot up I have to select my sons (non-admin) account which will not let me change to windows7 as startup disk without the admin login. But at some point I was accessing data from one "desktop" or "library" to the other in either operating system. I have another PC and a macbook that I can use to explore it as a drive but I thought this was such a specific case I may need to reply on older posts so asking for help might save time. I don't believe file vault is on and no I can't reset the login by way of appleID. I guess online TFAoption was not built in at launch as I spent hours and hours with Apple supportto no avail.
Reply
#4
If I understand it correctly, you guys want to crack your macOS login ?
You need to obtain this file: /private/var/db/dslocal/nodes/Default/users/[yourusername].plist

Then, extract the hash from that file with for example https://github.com/openwall/john/blob/bl...ac2john.py
Format the hash just like the example-hash, as found here: https://hashcat.net/wiki/doku.php?id=example_hashes
Run hashcat with -m 7100.
Reply
#5
(07-31-2021, 07:14 PM)lightz Wrote:
(07-30-2021, 12:22 PM)Snoopy Wrote: if you have real good knowledge about the pw you are looking for see

https://hashcat.net/wiki/doku.php?id=mask_attack

Thank you for mentioning this in regards to OSX as it may help in what looks like a challenging attempt at recovering my admin login password within OSX High Sierra. I am new here and doing my due diligence reading (before posting) up on what may be the hardest challenge/fuck up of my life as far as computers go.  I have a 2010 imac I bought new and used for gaming so I have dual partition and Bootcamp with Windows 7. I haven't used it in about 4 years but I took it out of storage as I need to recover important data for a legal dispute. Fortunately it still boots and runs OK (it is hot and loud as the fans and the hdd really need to be replaced. My goal is to get all the data backed up before replacing it with a SSD.

In 2017 I was concerned my ex was accessing my data after a nasty breakup and I thought to change my computer.  I was pretty emotional and there may have been red wine involved but I had only ever had one password on that machine so whatever happened that night escapes me. My best recollection was writing down a long alpha numeric password on a sticky and calling it a day. I have tried all the stickies.  This person has also broicked an iphone and done other malicious things to my property when she was angry.  I was hoping this was over and done but now there is a pressing legal concern and I need to exhaust any and all avenues to get back into the iMac.

I believe both the windows 7 and the osx high sierra login name and password were identical for the first 7 years and I only changed the OSX version. When I boot up I have to select my sons (non-admin) account which will not let me change to windows7 as startup disk without the admin login. But at some point I was accessing data from one "desktop" or "library" to the other in either operating system. I have another PC and a macbook that I can use to explore it as a drive but I thought this was such a specific case I may need to reply on older posts so asking for help might save time. I don't believe file vault is on and no I can't reset the login by way of appleID. I guess online TFAoption was not built in at launch as I spent hours and hours with Apple supportto no avail.

Hello,

  Did you get past the login screen?  
regards,
Reply