Get into OS X account without password and without killing the keychain?
March 29, 2010 7:31 PM Subscribe
I would like to get root access on a Macbook Air running Mac OS X 10.5.8. Bonus points - without nuking the existing keychain.
posted by zippy to Computers & Internet (31 answers total) 5 users marked this as a favorite
A friend and co-worker passed away recently, and I'm trying to get into their account on their computer, a Macbook Air. I know that they'd be OK with this, and I have their spouse's OK as well.
One of my tasks is to recover access to their keychain. I know that the user favored short passwords from a limited alphabet, so I think this is doable. I have other goals, but first, here's what I have to work with.
I have physical access to the machine, and a guest acccount as well.
- The user's account is still logged in and running
- Mac OS X 10.5.8
- filevault is off
- VM is encrypted
- I am logged in as Guest
- I have physical access to the machine
- There is almost certainly not a firewire password
- The user's password may be as short as 5 characters
- Security Update 2010-002 has not been applied
- I have a possibily complete backup of the user's directory
Ideally, I'd like to be logged in as the user, with access to their keychain.
The user's account was logged in until today when we unthinkingly switched to the Guest account and were then prompted for a password to return to the user's account. Is there any way to see if this account is set for auto-login without a password on boot without actually rebooting?
Less than ideal: recover password file and then recover the user or root password using a brute force tool.
Less2 than ideal: establish a secondary account with administrator privileges, or escalate the guest account to admin.
I'm generally knowledgeable about computers and OSs, and fine with trying scripted attacks that exploit known bugs in the OS.
I realize that others could use this information for unethical or illegal purposes. That's not the case here, but I understand if anyone would prefer to correspond with me directly vs here, contact me via my MeMail.