Acquired admin access on my new emac in 2 mins

**´Silæs** · 3 Dec 2009, 7:44 pm

So basically thanks to some really awesome guy, I had admin access within a few minutes

Assuming this is YOUR machine you are trying to break into, the procedure here does not work under Tiger. I used to do the following procedure for Tiger.......It should work still under the latest update. It will basically make your machine think it's had OSX installed on it just now.

1) Boot your machine into Single user mode by holding down Command-S (apple-S).
2) Issue the following commands (without double quotes), followed by Enter:
"mount -uaw"
"cd /var/db"
"rm .applesetupdone"
3) This "hidden" file (.applesetupdone) we just deleted tells OSX that the initial setup has already been done. By deleting it, we are "forcing" OSX to do the initial setup process all over again. During this process we create a "dummy" user account. This dummy account will have admin privileges, so we can use it to RESET the password on the other account (the account you can't remember the password for).

So Reboot the machine (using "reboot" command or "shutdown -h now") and setup your dummy account, reset the "real" accounts password and optionally delete the dummy account once you get access to the "real" account.

Have Fun,
Many

That is so awesome =D

™ · 3 Dec 2009, 7:47 pm

pretty lame security measure

**´Silæs** · 3 Dec 2009, 8:26 pm

Originally Posted by ™

pretty lame security measure

I'm a bit surprised it was that easy

**SonicDaMan** · 3 Dec 2009, 8:57 pm

When I first got my MacBook, I forgot my login password a day later. Popped in the install disc, opened up Keychain and changed the password with no hassle. Too easy!

™ · 3 Dec 2009, 8:58 pm

Hmm, well, now that i think of it, its not a security measure rather than a security flaw. Usually in web application installations, you delete a 'setup' folder that removes the ability to start the configuration/installation process again, the one on your system is kind of backwards

**hinarei** · 4 Dec 2009, 3:45 am

Originally Posted by ™

Hmm, well, now that i think of it, its not a security measure rather than a security flaw. Usually in web application installations, you delete a 'setup' folder that removes the ability to start the configuration/installation process again, the one on your system is kind of backwards

yes it's a flaw o_O that'd be a nightmare for administration purposes, so you'd hope that network admins had the foresight to clear this sort of thing up.

You delete the initial folder of forum installs like vBulletin and phpBB, don't you? The install instructions make you disable the install folder and then delete it once you're done, otherwise the whole process can be initiated again and lead to a possibly buggered board. That does seem backwards on Mac, but only the file naming

Originally Posted by ´Silæs

So basically thanks to some really awesome guy, I had admin access within a few minutes

nifty. Always a pain to crack a Windows box when the admin password's different to the normal ones we use at work, and I've never tried this on a Mac. Never needed to, but nice to know

™ · 4 Dec 2009, 1:13 pm

Theres this utility hinarei, that gives you the password for windows machines. A friend brought it to work one day when a computer didn't have the widely used admin password. I don't remember the name of thing at the moment, i'll ask him when i see him.

**hinarei** · 6 Dec 2009, 5:47 pm

OphCrack? Used that, but it's still a pain to work around

If there was something in the OS that allowed a quickboot like Silas has listed here for his Mac, it'd solve a few problems (although it'd generate a load more, probably... -_- )

Thread: Acquired admin access on my new emac in 2 mins

Thread Tools

Display

Acquired admin access on my new emac in 2 mins

Thread Information

Users Browsing this Thread

Posting Permissions