password protected files... I forgot the password

Discussion in 'OS X' started by f1davis, Oct 15, 2006.

  1. macrumors newbie

    Joined:
    Oct 15, 2006
    #1
    so I set up a password protected file and I cannot remember the password... OOPS!!!! Is there anyway to retrieve the information safely locked away in this file without the password or is it lost forever?

    HELP!!!! PLEASE!

    Thanks
     
  2. macrumors member

    nakedguy

    Joined:
    Sep 30, 2006
  3. Administrator emeritus

    xUKHCx

    Joined:
    Jan 15, 2006
    Location:
    The Kop
    #3
    when you first created it there "might" have been an option to save the password in the key chain, go and have a poke around in there.
     
  4. macrumors 6502

    Rickay726

    Joined:
    Dec 29, 2005
    Location:
    New Jersey
    #4
    ahha that stinks, should have wrote it down and hid it espically becasue there i no way of retreving that information
     
  5. macrumors 6502a

    simie

    Joined:
    Aug 26, 2004
    Location:
    Sitting
  6. Moderator

    Nermal

    Staff Member

    Joined:
    Dec 7, 2002
    Location:
    Whakatane, New Zealand
  7. thread starter macrumors newbie

    Joined:
    Oct 15, 2006
    #7
    file type

    The file is a .dmg Pretty much everything I am reading says it is just about impossible to retrieve the info without the password. But I thought wouldn't hurt to throw it out here to see if anyone knew of a way.

    Let me know if there is any way.

    Thanks!!!
     
  8. macrumors 68020

    someguy

    Joined:
    Dec 4, 2005
    Location:
    Still here.
    #8
    If the software you used was worth the time it took to download it, you're probably screwed. Not being able to access that information without the password is kind of the whole idea of password protecting data...
     
  9. macrumors regular

    Revlimit Punk

    Joined:
    Jan 8, 2006
    Location:
    Italy
    #9
    If you are referring to the mac os x built-in .dmg file encryption, there is no way to get your data back without the password.
     
  10. Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #10
    As noted...

    Being able to retrieve your password, pretty much defeats the point of an encrypted/password protected disk image.

    Perhaps if you had 149 trillion years, you could crack the 128-bit AES and get your files back. :D
     
  11. macrumors 68000

    Joined:
    Feb 23, 2006
    #11
    was it an actual word that you used to create the password? or was it a string of letters and numbers.

    You can probably use a dictionary attack and crack it open.
     
  12. Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #12
    No, you can't.
     
  13. tag
    macrumors 6502a

    tag

    Joined:
    Apr 29, 2005
    Location:
    PA, US
    #13

    I'm not going to get into if it's worth while to try to dictionary attack a .dmg, but it is quite possible, and actually it is far more viable than doing a brute force(which face it, is pointless as stated prior). It's especially more realistic if you say know an average password length that your passwords usually are (say you usually use 6 character passwords, you can use a wordlist of just 6 letter words). Though this method would be nullified if you say mix words and numbers at random, or even just add random numbers behind simple words. Also remember these passwords are case sensitive, so if you always use lowercase passwords, there is another piece to narrow down the list.

    So basically if you generally use set length lowercase/uppercase/proper capitalized words only, then a dictionary attack would be a good possibility to try. Though if you normally use passwords that are like 8-16 numbers long with random capitalization and numbers (ie. a32xZED3w), well bruteforce would be your only option, and as stated, isn't actually an option.


    Metafilter had a Q&A on the subject a bit back, which showed a simple script could dictionary attack a .dmg file (Note if you do some searching there are a few apps that also automate this process, though this script is quite an easy and simple way to do it). Now yes this can take a while if you have a huge wordlist, but hey, leave it for a week or some, and hey you might just have your password (or hey, maybe less if its a real simple password). Remember the more you can narrow down your wordlist(which you would most likely do based upon your other passwords), the better the chances are at a quick recovery.

    The metafilter page isn't coming up for some reason (site seems to be down), but the google cache is.

    It is actually pretty basic, finding a good wordlist is up to you though. I did test this script out with a wordlist that I already had and I have to say this script does work, though for practicalness I created a .dmg with a password that wasn't too far down on my wordlist and so it easily opened the .dmg in a minute or so. Doing it to an unknown password will take much longer.
     
  14. macrumors 68000

    Joined:
    Feb 23, 2006
    #14
    John the Ripper is a fairly good password cracker. I'm just not to well informed on how to use it properly to attack a .DMG file. Hell, I was proud that I compiled it into an executable properly.

    EDIT:
    Original Poster,

    Use a program called MacKrack. That should do the job for you.
     
  15. macrumors 68000

    Joined:
    Feb 23, 2006
    #15
    I just did it two minutes ago on an AES-128 test image. Weak password to generate the hash, cracked in like less than a minute. You don't know jack.
     
  16. Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #16
    Alrighty.. apparently I was wrong, sue me, technically you can dick a .dmg.

    But I'm curious, how WEAK a password did you use?

    Because it's still thrashing on the password "weak" and it's been 23 minutes. Maybe I'll try a 2 character password. :rolleyes:
     
  17. macrumors 65816

    mdntcallr

    Joined:
    Aug 1, 2000
    Location:
    Los Angeles, CA
  18. macrumors 68000

    Joined:
    Feb 23, 2006
    #18
    I just made a .dmg, created the password hash using "test" on my Macbook Pro and it cracked that thing in about a minute. Granted, it's a pretty terrible "real-world" test. But let's face it. Your average computer user has about enough self-sufficiency to wipe their own butt.

    What hardware are you using? That could be the difference between my times and yours

    EDIT: Also, sorry for being so snappy. I was in MacroEconomics. That class always brings the worst out in me.
     
  19. Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #19
    I've had MacKrack chugging away at a .DMG with the password "on" since 12:04PM (EST) and it STILL hasn't broken it. This is one a 2GHz Core Duo MBP with an assload of RAM. I'm not sure if this is taking longer (or failing) because I grabbed a much larger dictionary or what.

    The other one (dual 1.25GHz G4 MDD / assload RAM) is STILL working on "weak", though it says '4m' to completion.. we'll see.

    I'm going to try some alternate attempts to crack a .DMG here shortly.

    Either way, thanks for pointing out that app. I've been using john up until this point.

    EDIT: screw it, it's been nearly 70 minutes and it couldn't break "weak".
    EDIT2: Well, it took 8 minutes to brute "off" (non-dictionary attack), when I told it specifically that there was only alphabetics and only 3 characters. So at least I see it's possible with this app. Now to continue to see how practical. :)
     
  20. macrumors 68000

    Joined:
    Feb 23, 2006
    #20
    Did you load the dictionary? You might be bruteforcing
     
  21. Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #21
    Yes, I loaded the dictionary. :)

    Basically the dictionary attacks failed every time I tried it. The only time a brute worked was when I basically told it there were only 729 combinations the password could be, and it still took 8 minutes.

    For security purposes, provided a person follows some basic "good" password guidelines, there's little chance a brute force attack of any sort will work on a .DMG.

    I'm still not convinced that a dictionary attack will work on a .DMG but I'm continuing to try.
     
  22. macrumors 68000

    Joined:
    Feb 23, 2006
    #22
    I got similar results actually when I made a DMG with the word "weak"

    I suspect that the dictionary provided with MacKrack is not the most comprehensive....

    Wish there was a way to tie in the dictionary that is part of OS X into MacKrack.
     
  23. macrumors 68020

    someguy

    Joined:
    Dec 4, 2005
    Location:
    Still here.
    #23
    I joined the experiment just for fun.

    MacKrack is working on cracking open my personal .DMG file.

    The password is a date in "mm-dd-yy" format w/o quotations.

    I'm using the keyspace method, alphanumeric, with "-" in the Other Characters field.

    I'll let you guys know if it ever works. :)


    EDIT: I've also given it the exact number of characters in the password, as well as removed all Other Characters besides the dash. Only 14,325 days to go! ;)
     
  24. Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #24
    There isn't because it's not a plain text dictionary.. however I pulled a plain text dictionary off the web for my testing above.
     
  25. macrumors G3

    rhett7660

    Joined:
    Jan 9, 2008
    Location:
    Sunny, Southern California
    #25
    **EDIT**

    I was able to get it... Thank god, and I would of never remembered it either. 20 letter/number/symbol password too!
     

Share This Page