3.6 C
United States of America
Wednesday, January 22, 2025

safety – Change consumer password by offering new password as hash in a script


The solutions above couldn’t assist me after I forgot my password, so I wrote a script that replaces a (forgotten) account’s password with the (identified) password of one other account. The script rewrites ShadowHashData within the account’s plist file.

Be aware that you will want to have SIP disabled for the script to work. In any other case you will not have entry to accounts’ plists. To examine if SIP is disabled, run that this command:

csrutil standing

returns:

System Integrity Safety standing: disabled.

To disable and allow SIP, see this text at Apple..

Here is the Python 3 script, examined on macOS 11.5 Large Sur (additionally obtainable right here: https://gist.github.com/mahenzon/70d52a41a880afe19dda2b81828f01c8):

"""
Examined on macOS 11.5 Large Sur
SIP disabled
admin@MBP-Suren ~ % csrutil standing
System Integrity Safety standing: disabled.
run:
sudo python3 /Customers/admin/Paperwork/replace-shadow-hash.py /var/db/dslocal/nodes/Default/customers/admin.plist /var/db/dslocal/nodes/Default/customers/suren.plist
The place 'admin' is consumer with identified password and 'suren' is goal consumer. After working this script 'suren' consumer's password will likely be changed with 'admin' consumer's password.
"""

import plistlib
import sys

field_name = "ShadowHashData"


def load_plist(file_path):
    with open(file_path, 'rb') as fp:
        return plistlib.load(fp)


def save_plist(file_path, information):
    with open(file_path, 'wb') as fp:
        plistlib.dump(information, fp)


def important(source_plist_path, target_plist_path):
    # Load the supply plist to get the worth of field_name
    source_plist = load_plist(source_plist_path)
    field_value = source_plist.get(field_name)

    if field_value is None:
        print(f"Discipline {field_name!r} not discovered within the supply plist.")
        return

    # Load the goal plist to interchange the worth of field_name
    target_plist = load_plist(target_plist_path)
    target_plist[field_name] = field_value

    # Save the modified goal plist
    save_plist(target_plist_path, target_plist)
    print(f"Changed {field_name!r} worth in goal plist with: {field_value}")


if __name__ == "__main__":
    if len(sys.argv) != 3:
        print("Utilization: sudo python3 /path/to/replace-shadow-hash.py /var/db/dslocal/nodes/Default/customers/admin.plist /var/db/dslocal/nodes/Default/customers/suren.plist")
        sys.exit(1)

    source_plist_path = sys.argv[1]
    target_plist_path = sys.argv[2]
    important(source_plist_path, target_plist_path)

To make use of the script:

  1. Reserve it to a location of your selecting with the next title: replace-shadow-hash.py.

  2. Run it as follows:

    sudo python3 path/to/replace-shadow-hash.py /var/db/dslocal/nodes/Default/customers/<supply consumer title>.plist /var/db/dslocal/nodes/Default/customers/<goal consumer title>.plist
    

    the place <supply consumer title> is the consumer title of the account with a identified password and <goal consumer title> is the consumer title of the account that you simply forgot the password.

    To search out out the consumer title of an account, merely open /Customers and search for a reputation just like the account title. For instance, in case your account title is John Appleseed, the consumer title will in all probability be johnappleseed.

After working this script, the password of the account recognized by <goal consumer title> get replaced with the password of <supply consumer title>.

Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles