Comments (13)
my os x version : 10.12.6
from chainbreaker.
I have exactly the same issue using the same mac os version. It works very well decrypting the user keychain but the system keychain fails. I have done my test using the same password on both keychain.
The following condition fails because my value of pad is equal to 188. I have tried to debug the problem without success.
However, thanks for your great work !
from chainbreaker.
@AlessandroZ Did you try the 24bytes System Key on macOS?
It's stored on '/private/var/db/SystemKey'
from chainbreaker.
I have tried.
my os x version : 10.13.1
@n0fate
MBP:run kevin$ sudo hexdump -e '16/1 "%02x" ""' -s 8 -n 24 /private/var/db/SystemKey |xargs python -c 'import sys;print sys.argv[1].upper()'
Password:
1C7F6F3340C29050C826B6B29EB507F3770BAE942E6D0CEE
MBP:chainbreaker-master kevin$ python chainbreaker.py -f /Library/Keychains/System.keychain -k 1C7F6F3340C29050C826B6B29EB507F3770BAE942E6D0CEE
[-] DB Key
00000000: 00 .
[+] Symmetric Key Table: 0x00007968
Traceback (most recent call last):
File "chainbreaker.py", line 968, in <module>
main()
File "chainbreaker.py", line 779, in main
passwd = keychain.KeyblobDecryption(ciphertext, iv, dbkey)
File "chainbreaker.py", line 599, in KeyblobDecryption
plain = kcdecrypt(dbkey, magicCmsIV, encryptedblob)
File "chainbreaker.py", line 696, in kcdecrypt
cipher = triple_des(key, CBC, iv)
from chainbreaker.
On 10.12.6, doing exactly what @Explorer1092 did sudo hexdump -e '16/1 "%02x" ""' -s 8 -n 24 /private/var/db/SystemKey |xargs python -c 'import sys;print sys.argv[1].upper()'
it works for me.
The system keychain is well decrypted. It's weird that it failed on newer version. I will try to upgrade later, to check again.
Thanks a lot !
from chainbreaker.
@AlessandroZ Thank you.
@Explorer1092 I will check it asap ;-)
from chainbreaker.
@Explorer1092 It seems to be the DB Key decryption failed. It's occurred when the master key is invalid.
I modified some code for stability(?).
I will comment it when I find some bug on my code.
from chainbreaker.
Hi, just to let you know, I have updated my system and I have tried chainbreaker using your last commit and it worked very well for me.
Here is my Mac OS version:
Mac OS High Sierra
Version: 10.13.1
I won't have access to a Mac anymore, that's why I did a last try :). The issue has been fixed for me. Thanks for your work.
Have a nice day.
from chainbreaker.
@AlessandroZ Thank you.
I don't know why the issue of @Explorer1092 is occurred.
I can't solve problem until @Explorer1092 send keychain file to me. ;-(
It's security(and privacy) issue. So I can not request your keychain file.
from chainbreaker.
@n0fate do you have a email?i can send the example keychain file to you.
from chainbreaker.
@Explorer1092 I got your email. but you didn't attach a SystemKey file.
from chainbreaker.
/var/db/SystemKey
is a "blob" not just the raw key. I have added support for it in #6
from chainbreaker.
I have merged @ve6yeq 's code.
from chainbreaker.
Related Issues (20)
- Local HOT 3
- Missing parentheses
- This doesn't appear to support "Local items"
- ImportError: No module named Crypto.Util HOT 2
- where can I find the macosxml.mem and mem? HOT 1
- What am i doing wrong??
- macOS 11 Big Sur Private Key Table is not available HOT 22
- _APPL_DB_HEADER invalid offset for header? HOT 1
- macOS Monterey Public Key Table is not available HOT 1
- Private key export from macOS Monterey system keychain fails with [Invalid Password / Keychain Locked] HOT 7
- Macos Big Sur 11.6.2 [Invalid Password / Keychain Locked] HOT 2
- Update chainbreaker.py to work with Python 3.x HOT 20
- How do I export an `non-extractable` certificate HOT 2
- Dump passkeys
- Chainbreaker2 question
- Chainbreaker2 hashing issue
- how to access to local items db ?
- chain break wont grabbing Web form password
- Application Bundles Using Chainbreaker Crashing HOT 1
- cannot import name 'args_control' from partially initialized module
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from chainbreaker.