Ethical Unix OSX Lion Crack Keychain
New here? Learn about Bountify and follow @bountify to get notified of new bounties! x

Unfortunately, my brother passed away unexpectedly and I need to access his keychain on his old MacBook. I have complete legal representation of this and I own all rights. What I'm looking for is the generated UID and to then use that has to then decrypt the old keychain.

Since the computer is so old – very slow and needs someone with an older Xcode version – looking for some help. I'll upload the keychain remotely and can provide links for those who are adept at the terminal. The quicker the better – this is very time sensitive.

I will keep attempting to crack myself while I wait for answers.
https://github.com/octomagon/davegrohl-old

since time consuming part, could we try another tool? eg. johntheripper ?
valerysntx 1 month ago
https://hub.docker.com/r/knsit/johntheripper/ - could be run on nvidia docker to use opencl for speedboosted hashing
valerysntx 1 month ago
hey- can I send you the chain to extract?
simpletwist 1 month ago
sure johntheripper could work too
simpletwist 1 month ago
email: jpr4gjkshoj0@opayq.com, waiting for input files :)
valerysntx 1 month ago
Were you able to receive the input files? It is just one.keychain.
simpletwist 1 month ago
email: jpr4gjkshoj0@opayq.com
valerysntx 1 month ago
I sent last night
simpletwist 1 month ago
got it...
valerysntx 1 month ago
docker run valerysntx/keychain -c "cd / && john --show keychain"
valerysntx 1 month ago
awarded to valerysntx

Crowdsource coding tasks.

1 Solution

Winning solution

docker run -it syakesaba/john-jumbo

  • look around... cd / && ls
  • there is /john sources directory, no need to compile...
  • download wordlist file... /# wget https://wordlists.capsop.com/... (i took mangled.txt)
  • /# keychain2john $(somebinaryfile.bak) > keychain
  • /# john --format=keychain --wordlist=/wordlist/mangled.txt keychain
  • i've pushed container with all things to valerysntx/keychain, so
  • doing docker run valerysntx/keychai -c "cd / && john --show keychain"
    • should say 'Blueberry9'
docker run valerysntx/keychain -c "cd / && john --show keychain"
valerysntx 1 month ago
These are not my passwords but I do not want to make them public. So the main content was what you listed above? To further get into the keychain I should move anything more than the password but you have on the lowest line right ?
simpletwist 1 month ago
  1. there was only one password that i've got for the first one minute running docker inside of fast ec2 container
  2. should I drop valerysntx/keychain repository immediately, and remove everything put on cloudup.com/ ... or give you a chance to get more passwords if any?
valerysntx 1 month ago