Mac Forums

Mac Forums (http://www.mac-forums.com/forums/)
-   OS X - Operating System (http://www.mac-forums.com/forums/os-x-operating-system/)
-   -   System Administrator Password (http://www.mac-forums.com/forums/os-x-operating-system/10215-system-administrator-password.html)

savers 10-20-2004 12:00 AM

System Administrator Password
 
Friend of my wife's just got a devorce and the jerk took his password protected admin password with him and left her with the computer and he also took the install cd. I'm a windows user mainly and not that familar with this system but can get to superuser (root) status or at least when I type in whoami it tells me I am root but i am unfamilar with the system -

can I make a new user with admin rights from this terminal?

please respond -- email me at skittles123@adelphia.net

she has a emac

rman 10-20-2004 10:38 AM

If you are truly the root user. Then you still have control, some control. if you want to change the root pass word you will need the previous pass word. The only was to change it is get a set of install disks.

You can try to create another user id.

savers 10-20-2004 01:23 PM

Quote:

Originally Posted by rman
If you are truly the root user. Then you still have control, some control. if you want to change the root pass word you will need the previous pass word. The only was to change it is get a set of install disks.

You can try to create another user id.


--------------------------------------------------------------------------

i type in whoami

it replys root

I need the instructions from superuser mode (holding down keys on the keyboard will boot you into this mode) I need to know how to create another admin or to delete the current admin's password. fild locations or instructions type situation for an emac

savers 10-20-2004 08:38 PM

would any of this work?/
--------------------------------------------------------------------------------

if it's running os x and there isn't a firmware password, you can change the password or get the hash in a couple of minutes. well not if the computer is running 10.3, the single user mode locks up if you try to get the hash or change the password. provided the computer is running any os x lower that 10.3 you just do the following:

1) boot up holding the apple + s keys
2) type /sbin/mount -uw / (you don't need to run the /sbin/fsck -y /)
3) type /sbin/systemstarter
4) either type passwd (account goes here) to change the password
or type nidump passwd . to get the hash to brute force if you want to
be a little more subtle with the whole hacking thing.

-------------------------------------------------------------------

you type nidump -r /users/<whatever adminname>/passwd /

to dump the password hash

PLUS, WHY BOTHER TO TAKE 8 HOURS OF YOUR TIME WHEN YOU CAN REMAKE YOUR PASSWORDS VIA NIUTIL.

this just drives me up th wall

use openssl passwd <new password>

niutil -destroyprop /users/<whater admin name> passwd

niutil -createprop /users/<whatever admin name> passwd <hash above>

seriously, you guys need to explore NetInfo commands more.

---------------------------------------------------------------------


The Mac uses the NetInfo database as a password file instead of /etc/passwd. You add new users to the NetInfo database using the nidump and niload commands. For example, as root:

# cd /tmp
# nidump passwd . > passwd.new

This will dump the contents of the NetInfo passwd table into passwd.new. Edit passwd.new to add users, e.g. to add user smith you would add a line something like:

smith::12434:200:0:0::Joe Smith:/afs/www.google.com:/bin/tcsh

Load the file back into the Netinfo database with the command:

# niload passwd . < passwd.new


To modify a password entry, edit the file passwd.new to make the necessary changes, and load it into the NetInfo database with the command:

# niload -d passwd . < passwd.new

----------------------------------------------------------------

savers 10-20-2004 08:50 PM

or would this work?

----------------

Exploit

Step 1) Restart the computer (or turn it on if it's already off) while holding down the command and s keys at the same time. (If the computer is running Mac OS Public Beta, just press the s key.) They have root privileges at this moment, but now it's time to take advantage of these privileges.

Step 1.5) Type "/sbin/fsck -y". (Type this without the quotes, of course.) (This step really isn't necessary at all, but it just takes a second, and they might as well just do a quick check of the hard disk before mounting it.)

Step 2) Type "/sbin/mount -wu /" (This mounts the volume "/" with read/write access.)

Step 3) Type "/sbin/SystemStarter" (This starts the network services, which is necessary to gain access to NetInfo.)

Step 4) Here, one could now just type "passwd root" and override the existing root password with one of their own, or worse yet, someone could just get the current root password (and/or the administrative user account password) so the administrators of that computer don't know that their security has been compromised. One of the easiest ways to do this is to just type "nidump passwd ." and write down the root account's password hash. (The hash will be the text that looks like just a garbled mess of alphanumeric characters between two colons.)


Step 5) Now one can type up what they wrote down into a plain text file like the following example: "root:rQkFQ37SYveHw:0:0::0:0:System Administrator:/var/root:/bin/tcsh".

Step 6) Finally, they'll use a cracking program like John the Ripper for the PC, or the Meltino, a Classic Macintosh application, to crack the password hash.

And when it's finally cracked it, they've got the password


3) Capitalization Matters! "/sbin/SystemStarter"

Posted: February 27, 2004, 5:21 pm Post subject:

immdb 10-20-2004 10:23 PM

I'm leaning toward there being a reason you can't get to the admin password. Like rman said, you need an install cd.

Look on the good side…she got the computer, all he got was the install cd and the admin password.

savers 10-20-2004 11:30 PM

yo i have the root which I am thinking is suppose to over everything - why should I need a install cd.. I thought this unix crap was all about open source... no different then windows so if you can't beat them join them..

rman 10-21-2004 12:31 AM

Open source has nothing to do with security.

savers 10-21-2004 07:37 AM

I just asked if it would work... others think it will...

Aptmunich 10-21-2004 11:04 AM

Open source has EVERYTHING to do with security, but not in the sense savers means.

Theoretically if you are root then you should be able to create a new admin right?

Avalon 10-21-2004 03:23 PM

Quote:

Originally Posted by Aptmunich
Open source has EVERYTHING to do with security, but not in the sense savers means.

Theoretically if you are root then you should be able to create a new admin right?

Not just theoretically...
As root in OS X, you can do everything, just like in Linux/UNIX. This includes creating a new user with admin rights, celeting an existing user, even without having his/her password AND messing up the system, which I managed to do while playing around too much... :D

So be careful with what you do, but as long as you're just creating/erasing users, the system won't take any harm...
I played around with system files, resulting in Kernel Panics and happy reinstallation parties :D

antivirus1 06-24-2008 06:58 PM

Quote:

Originally Posted by savers (Post 55174)
would any of this work?/
--------------------------------------------------------------------------------

if it's running os x and there isn't a firmware password, you can change the password or get the hash in a couple of minutes. well not if the computer is running 10.3, the single user mode locks up if you try to get the hash or change the password. provided the computer is running any os x lower that 10.3 you just do the following:

1) boot up holding the apple + s keys
2) type /sbin/mount -uw / (you don't need to run the /sbin/fsck -y /)
3) type /sbin/systemstarter
4) either type passwd (account goes here) to change the password
or type nidump passwd . to get the hash to brute force if you want to
be a little more subtle with the whole hacking thing.

-------------------------------------------------------------------

you type nidump -r /users/<whatever adminname>/passwd /

to dump the password hash

PLUS, WHY BOTHER TO TAKE 8 HOURS OF YOUR TIME WHEN YOU CAN REMAKE YOUR PASSWORDS VIA NIUTIL.

this just drives me up th wall

use openssl passwd <new password>

niutil -destroyprop /users/<whater admin name> passwd

niutil -createprop /users/<whatever admin name> passwd <hash above>

seriously, you guys need to explore NetInfo commands more.

---------------------------------------------------------------------


The Mac uses the NetInfo database as a password file instead of /etc/passwd. You add new users to the NetInfo database using the nidump and niload commands. For example, as root:

# cd /tmp
# nidump passwd . > passwd.new

This will dump the contents of the NetInfo passwd table into passwd.new. Edit passwd.new to add users, e.g. to add user smith you would add a line something like:

smith::12434:200:0:0::Joe Smith:/afs/www.google.com:/bin/tcsh

Load the file back into the Netinfo database with the command:

# niload passwd . < passwd.new


To modify a password entry, edit the file passwd.new to make the necessary changes, and load it into the NetInfo database with the command:

# niload -d passwd . < passwd.new

----------------------------------------------------------------

Hold cmd s is not working for me.. I have an iMac a1224

mf666 05-31-2011 06:23 PM

Too much thought applied here to a simple issue. No need to use any hash utility to change the old user pw. Just create a new admin user. Any admin can change the pw of any other admin even without knowing the old pw.

Boot to single-user mode (hold ⌘ and the S key for 30 seconds at startup).
Type:
/sbin/mount -uw /
Press Return.
Type:
rm /var/db/.applesetupdone
Press Return.
Type:
reboot
Press Return.

chscag 05-31-2011 07:00 PM

You just replied to a post that's three years old and a thread that's even older. Please observe the date of the post before deciding to reply. Thanks.

harryb2448 05-31-2011 07:02 PM

LOL the original post is SEVEN years old!

Tough luck if still unable to access user name by now!


All times are GMT -4. The time now is 01:44 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.