Requirements

• Physical access to the machine.

If you need to crack passwords on Tiger, Leopard, or Snow Leopard, please use our tried-and-true Decrypt OS X User Account Passwords guide.

Procedure

1. Gain Root OR Admin Access

If you don’t have access to an administrator already, you need to acquire root access.

If you don’t have admin access, boot the computer into Single-User Mode by holding CMD+S on startup, mount the drive, and type the command:

/sbin/mount -uw /

Followed by:

launchctl load /System/Library/LaunchDaemons/com.apple.opendirectoryd.plist

And finally:

passwd

Then, enter your new root password when prompted twice. After the password has been reset, type:

restart

And hit return/enter.

2. Log In

Log into an administrator account that you have access to on the computer, or, if you don’t have access to one, select “Other” in the Login Window (only if you have User Account Pictures enabled), and enter “root” as the username, and then the password that you just set.

3. Download Utility

For 10.7, we’ll be using the DaveGrohl utility to both crack the password and extract the hash.

The utility works by extracting the hash from the User Profile, which is located in:

/private/var/db/dslocal/nodes/Default/users/.plist

With replaced with the name of the target user. It pulls the hash from the ‘ShadowHashData’ field and begins cracking.

Download the DaveGrohl 10.7 cracking utility here.

4. Open Up Terminal and Open the Directory

Once you’ve downloaded the utility, open up Terminal and type:

cd Downloads/DaveGrohl

5. Crack The Password

Type the following to begin cracking the password:

sudo ./dave -u

Replacing with the shortname of the target user and entering your password when prompted (it will not prompt you for a password if you’re logged into the root account).

That’s It!

DaveGrohl will begin cracking your password via wordlists and then continue with brute-forcing until it gets the password.

It can take quite a bit of time, depending on the complexity of the password, so be patient! Passwords we’ve cracked have ranged from a few seconds to several days.

When DaveGrohl has successfully cracked the hash, it’ll spit out a message like this:

-- Found password : 'banana'
-- (dictionary attack)

Finished in 0.772 seconds / 51,860 total guesses...
67,209 guesses per second.

5. Optional: Extract Hashes

If you only have a limited window of access to the target computer, DaveGrohl can give you the hash formatted for cracking in John The Ripper, so you can crack the password on a computer of your choice at your convenience. We cover how to use John in our other guide, so check that out if you’re interested.

To extract a correctly formatted hash, use this command:

sudo ./dave -j

Replacing with the target user’s shortname, and again, entering your password if prompted.

You can then copy and paste the output into a .txt file and load it into John.

Advanced Options

Here are a few advanced options that can be used when cracking passwords with DaveGrohl. Type:

sudo ./dave

before entering any of the following parameters.

-u username : Crack a user’s password.
-i : Incremental attack only.
-c chars : Specify possible characters in the password.
-m # : Specify minimum length of the password.
-M # : Specify maximum length of the password.
-v : Verbose mode. (hella slow)
-j username : Dump a user’s password hash formatted for John the Ripper.
-h : Help

Let us know in the comments if this worked for you!

1. Create a Firmware Password

When you enable a firmware password, the user must enter it before performing tasks like booting from a disk, resetting PRAM, and most importantly, entering single-user mode. Single-user mode is vital for many of our tutorials, like our article on how to create a new administrator account. If a firmware password is enabled, the hacker simply cannot use that tutorial.

Of course, there are ways around a firmware password (as detailed in this article), but that can easily be prevented by not allowing physical access, which we’ll talk about later.

If you want to learn how to set up a firmware password, you can take a look at this article by Apple.

2. Turn off Remote Login

Whenever somebody tries to SSH into your computer, they need remote login to be enabled. If you disable it, they won’t be able to remotely access your computer. I only turn remote login on when I need it for a specific purpose for a short period of time.

To turn off remote login, go to the Sharing tab in System Preferences and uncheck Remote Login if there is a check mark next to it.

3. Choose a Secure Password

This is obvious, but we can’t overstate the importance of having a secure password. Everything you do should have a unique password containing numbers, letters, and symbols. By doing this, you effectively prevent brute force attacks from succeeding. If somebody tries to decrypt your password when it is that secure, it will take so long that you will have a good chance of catching them in the act!

I just have to say it one more time: choose a secure password. It’s amazing how many people ignore this advice!

Check out this tool to help you get an idea for how secure your password is.

4. Don’t Give Others Physical Access

If a hacker is literally sitting in front of your computer, there’s really nothing you can do to stop them from doing what they want. With physical access, there’s a way around everything. However, if you follow the 3 other tips in this article and don’t let them anywhere near your computer, they can’t hack it. Try to keep your computer as secure and isolated as possible, and you won’t have any hacking problems!

Conclusion

Hackers can be very devious (especially if they’ve read the articles on this site!). If you follow the four simple rules in this article, you’ll be safe from them, whether they’re going after your personal information or simply pranking you. Good luck!

Quicksilver has been the de facto application launcher for Mac for a long time, but now competitors are starting to pop up. One I particularly like is Alfred, and this article is going to help you figure out which one is for you.

Design

Design is obviously subject to personal preference, so I’ll just go with what I think here. Quicksilver has many more options for customizing its design and you can make it look like anything you want, essentially. However, I really enjoy the simplicity and appearance of functionality that Alfred’s default window has. It just looks like it works and it stays out of your way. I like that in an app.

Edge: Alfred

Extendability

Alfred is not all that extendable yet. It functions simply and does what it should, but it is missing many of the plugins that Quicksilver has. With Quicksilver, there’s a plugin out there for pretty much anything you could need, making it much more than just an application launcher. Alfred is missing this extendability, and that’s something that I miss when using it.

Edge: Quicksilver

Simple Functionality

In short, Alfred works. It finds what you need and it is easy to customize it so that it will search for files, applications, folders, or anything else you could want – or you can restrict it. If you don’t want it to search for files or folders automatically, you can always type “find file” and it will search for the file.

That said, Quicksilver can do a lot more. Alfred’s only option is to open the application or file when you navigate to it, but Quicksilver can do so much more. With the help of plugins, it can edit images, upload to websites, move files, and practically anything else you can think of.

While I appreciate Quicksilver’s abilities, I think the Alfred gets the edge for simple functionality because it just works the way an application launcher should.

Edge: Alfred

Options

Both Alfred and Quicksilver have a lot of options (especially if you buy the PowerPack for Alfred), but Quicksilver definitely has more. You can customize every aspect of the application and easy assign any number of restrictions to your searches. Alfred can do this to some degree, but it is more cumbersome and not as clean.

Edge: Quicksilver

Speed

Alfred wins hands down in the speed category. Some tests have shown that it gives you the results up to three times faster than Quicksilver, and I can anecdotally support this as well. There isn’t much to discuss in this category – Alfred wins.

Edge: Alfred

Verdict

The choice is up to you. I recommend you try both for a week and see which suits your needs better. But if you were to ask for my option, I like Alfred more. It works smoothly and intuitively, and is quick and well-designed. I couldn’t ask for anything more.

Want to download Quicksilver? Here’s where you can get it: Blacktree Software.

How about Alfred? Here’s where you can get it: Alfred App.

Your iPhone stores a file that contains everywhere you have been with it.

This is becoming a pretty big deal and it is causing a bit of an uproar. Let’s take a look at what’s going on.

How Does it Work?

Instead of using GPS tracking, which can be enabled or disabled, this tracking system uses cell phone towers. The phone triangulates your location based on which cell towers you are nearby and stores this. Unfortunately, this means that you can’t simply turn off the tracking and continue with your life.

The file itself is hidden on your iPhone, but it can be easily accessed.

How Can I Look at the File?

If you want to look at the file, you can use the iPhoneTracker application developed by Pete Warden and Alasdair Allan. When you run it on the computer that you normally sync your iPhone to, it will collect the files and display them for you. You can watch your movement over time or just look at everywhere you’ve been.

To download iPhoneTracker, click here.

How Does This Affect Me?

It really doesn’t do much. As much noise as people are making about this, there is no real security risk that is currently apparent. What it does mean, though, is that in the future, your location data will most likely be readily available; and that is not something that we’re looking forward to.

iOS 5

Notifications Center

The notifications center is an overhaul to the way notifications work in iOS. Notifications now appear on a bar at the top of the screen that can be dragged down into an expanded view. This expanded view incorporates notifications from all apps, including text messages and emails. (Quite a bit like how they deal with notifications on Android) Additionally, notifications are now incorporated into the lock screen. This allows you to swipe the name of a notification on your lock screen and be sent directly into that app.

Newsstand

The newsstand is Apple’s new subscription service for iDevices. You can subscribe to a participating magazine or newspaper and new issues are automatically downloaded in the background. It will work offline and will sync across all your devices. Think of it as iPeriodicals.

Safari

Another feature of iOS that is getting an overhaul is Safari. The two main features that are being introduced are Safari reader and tabs. Tabbed browsing is relatively self-explanitory and a long time coming, but a new feature, Safari Reader is able to take an online article and pull the text and images relevant to an article and save it to view later. It also appears it may be able to pull multiple page articles into one continuous document.

Twitter Integration

Apple released a new feature which will allow you to enter your twitter information once, and allow it to be utilized by any compatible app. It is of course optional and an app will ask for your permission before accessing your twitter. For instance, you can take a picture with the Camera app and then click the tweet button and it will automatically upload it to your twitter feed.

iMessage

iMessage is a new BlackBerry Messenger-like feature for iOS. It is a messaging center that allows you to message your friends on their iOS devices. It works over Wi-Fi and 3G and syncs between all your iOS devices. You can send text, photos, videos, and even contacts. It also supports the ability to group chat with other users.

Wireless Sync

Another important feature that Apple released was the ability to sync your iDevice wirelessly. You won’t ever need to plug it into a computer again!! (Unless that is how you charge your personal device) Setting up your device can be done wirelessly and updates are also wireless. When it updates it will only download what has changed since the last time you update as to reduce download sizes.

These are some of the main new features of iOS 5. This is not an exhaustive list, but it is some of the main features. Others include, a camera button on the lock screen, shutter button instead of a volume button, reminder system, and iCloud integration. iOS 5 is slated for release this fall and will be compatible with the iPhone 3GS and 4, iPod 3rd and 4th generation, and iPad 1 and 2.

OS X Lion

Mission Control

Mission control is a new feature in Lion that combines both expose and spaces. It is fully integrated with multitouch gestures. It also can provide you with an overview of every window of every application open on your mac. Moreover, it provides an easy way to switch between full screen applications. Speaking of which…

Full Screen Applications

Lion includes a new feature that allows you to put compatible applications into a full screen mode. This way they can take full use of the available screen real-estate. This is a nice way to clean up your screen when surfing the web or checking your mail. Mission control is fully integrated so you can switch between multiple full screen applications.

Resume/Auto save

The Resume and Versioning feature also comes with Lion: Resume allows you to reopen an application and begin right where you left off. This feature ties in with another new feature Apple has released which is auto saving. This means that you will no longer have to remember to save your document every few minutes when you are working on it, Lion will do it for you. Auto saving can be turned off by clicking on the document title and choosing a different option.

Versions

Another new feature Apple has released is Versions. This allows you to go back through the history of a document, using a time machine like interface, and view previous versions. Say you deleted a picture in one of the previous versions of a document and you want it back? Well now you can just drag it from the earlier draft into the new document you are working on.

Launchpad

Launchpad is an iOS-like aggregator for all applications on your computer. You can create groups of applications, much in the same way you can on iOS, and launchpad is also easily controlled by multitouch gestures. A four fingered pinch now brings up the menu, and you can swipe your way through applications to your hearts content.

You may recognize many of these features from iOS. This is because it appears that one of Apple’s main goals with Lion is to bring user interface elements that worked on their portable devices and apply them to Macs. And, again, there are many other features of Lion not covered in this overview, like the newly released API’s, App store integration, and more, but this is a quick look at some of the more interesting features coming to Lion.

What Are They?

The commands are ssh and telnet.

We’ve already talked a lot about SSH and how to use it. If you need a refresher, you can check out our SSH Basics article. If you want to go a bit further, read our guide on using SSHSudo –- it talks about controlling multiple computers with SSH and executing commands as a superuser.

We haven’t really mentioned telnet yet on the site. Telnet was much more popular before SSH came around, as they essentially accomplish the same function. The syntax is almost the same and it performs similarly, but there are a few key differences.

What Makes Telnet Different?

The first thing you should know about telnet is that it sends all the information in plaintext. That means that none of the information you type in – including usernames and passwords – is encrypted.

Read that again. The information is sent over an unencrypted connection when you use telnet.

This differs from SSH, which establishes a secure, encrypted connection with the target computer. The acronym SSH even stands for Secure Shell.

Telnet also does not perform any authentication when you connect remotely, which can be dangerous.

What Is the Syntax for Telnet

If you went back and read our posts on SSH, the syntax for telnet should look very similar:

telnet 1.1.1.1

Of course, replace the 1.1.1.1 with the IP address of the computer you are targeting. Next, when prompted, enter the username and password that you are targeting and hit enter to be logged in.

From here, you can do things just as if you were using SSH, including executing AppleScript from the command line.

The Verdict

You should always use SSH when possible. It is more secure and encrypts the information that you send. In addition, its compression is better so it may be faster in certain cases. There is no reason to use telnet anymore when remotely connecting to another computer.

We’ve been hard at work on creating a community here at HackMac.org, and we think it’s time to really open up the discussion. After hearing from you guys over and over again that you wanted a forum, we’ve finally created one!

Click here to access the forum.

What can you do on the forums? A whole lot, including:

• Ask questions about the articles on our main site
• Ask questions about technical problems you’re having with your computer
• Answer other people’s questions
• Talk about whatever you feel like in the off-topic section
• Write guides or articles of your own

And of course, you can pretty much talk about whatever else you want. You should head over to the forums right now and register!

Why Forward Your Ports?

Port forwarding can be very useful if you want to connect to your computer from a remote location. For instance, if you try to SSH into your computer from another using your external IP address, the connection will time out. Why? Because the SSH command is pointing to the router, and not the particular computer. The router doesn’t know where to direct the SSH. With port forwarding, you can configure your router to forward any incoming connections to port 22 (the port SSH uses) to your specific computer. This can also be used to host multi-player servers, or even allow you to connect over the internet via Apple Remote Desktop.

You do have to keep in mind some of the dangers when forwarding your ports; your router usually provides some degree of protection from hackers trying to SSH into your computer, and you’re opening up that port. There’s nothing to stop the hackers from trying to guess or bruteforce your password. If they succeed, they would then have full access to your computer from anywhere. Keep that in mind when forwarding your ports, and as always, remember to keep your password secure.

How do I forward my ports?

The process for port forwarding is different for every router. Thankfully, someone has compiled all of that information (along with screenshots and default router passwords) together into one website.

Portforward.com has router specific guides with screenshots that should help you get started.
They don’t have everything, but their list is pretty extensive.

They also have a list of default router passwords, which will be very useful if you haven’t changed your router password — most don’t, but you should!

How do I know which ports to forward?

Portforward.com has got that too, including everything from Minecraft Server (port 25565) to Age of Empires III (ports 80 and 2300) and Apple Remote Desktop (it has three ports to forward, 3283, 5900, and 5988). Here’s the full list.

It’s main function is to display the computer screen live, and allow you to use the computer remotely. everyAir supports “pinch to zoom” functionality, so that you can focus on certain portions of the screen. During testing on an iPod touch it was determined that some resolution differences can make it more difficult to control. On one of our Mac Pros with a 32 inch monitor (1990×6969 resolution), it took a lot of pinching and zooming to navigate around the screen. This problem was not present with one of our MacBook Pros, and was very cool. Beyond just using it to control the screen from a distance, it functions very well as a tablet.

PandaElf, the creators of everyAir, extol its ability to play video games such as Starcraft and World of Warcraft, and they included a D-Pad and joystick set of controls to make gaming easier. However, it’s difficult to game when using an iPod, due to the small screen size, but when using an iPad it truly is glorious. It takes a little getting used to, like every remote desktop application, because the gestures to control the machine are vastly different than you’re used to, but playing Starcraft and Minecraft is very, very fun. I am, however, rather old fashioned when it comes to gaming and think I will continue playing World of Warcraft with the classic option: a mouse and keyboard.

As for connectivity, everyAir is intended for use over a Local Area Network (LAN), although with port forwarding you can connect to your machine remotely. I would advise caution when exposing your computer to the Internet as it makes your machine much more vulnerable to hackers and unauthorized users. While the low latency on local networks is fantastic, expect far worse performance when connecting via the internet.

All in all I am quite pleased with everyAir. It had exceeded my expectations and it’s well worth the five bucks. It still has some features that have yet to be implemented, such as a live audio feed (it currently only sends video), but PandaElf says they are working on this along with other new and exciting features.

I strongly recommend this app for anybody who wants to be able to control their computer from their iDevice.

Check out the everyAir iOS application and download it!

You should remember how to:

• Use SSH syntax
• Open up a connection to that computer
• Execute commands remotely

Just one more time, here’s the syntax for SSH:

ssh user@hostname

If you don’t remember what all the parts of that command do, head back to our Basic SSH article.

What’s a SuperUser?

We’ve mentioned it a couple times before, but I’d like to go into a bit more depth about what sudo is and what it can do for you.

First of all, let’s talk about what a superuser is. A superuser is an account on a computer that has all permissions. That is, they can do anything to any file or account on the computer – think of the superuser as the ultimate account.

Sudo allows you to execute a command as a superuser, meaning there are no restrictions on the command.

How do you use sudo?

Just type:

sudo command

It will prompt you for the root password, which you should then type in and hit enter (nothing will show up as you type). Assuming you typed the password right, the command will be executed without any restrictions. If you don’t know what the root password is, you should subscribe to our newsletter over in the sidebar – we tell you exactly how to get into the root account and change the password to whatever you want!

How can sudo be useful?

Sudo is useful when you want to perform commands like deleting files or changing passwords when you’re logged into an account that doesn’t have permission to perform those tasks.

You might be asking right now why you shouldn’t just be logged into a superuser all the time. That is not smart since any command you type will be immediately executed without any need for a password. That means that even if you type a very dangerous command (imagine you type the command to delete the contents of your hard drive), it will be executed.

I recommend staying on a normal user account and only using sudo when you need to.

Remotely Controlling Multiple Computers

We’re going to move to a slightly different topic now: using ssh to access multiple computers.

The slow way to do this is pretty simple: just run the same commands over and over again changing the target computer’s IP address and username, if applicable. This is fine if you’re running the same command on just two or three computers, but any higher than that and it starts to become an annoyance.

Introducing SSHSudo

There’s a tool that hugely simplifies this whole process: sshsudo.

Not only does sshsudo allow you to remotely perform commands on multiple computers, but it also allows you to painlessly run tasks via sudo on their computers.

Where might this be useful? Imagine you’re in a place where all the administrator account are the same, like a workplace or school. You could remotely control all the computers at once and run commands as the superuser on all of them! That’s pretty cool.

Installing SSHSudo

Installing SSHSudo is pretty easy. Just head to the website and download the file. It’s really small. Put the file in whatever directory you want. I’ll just put it in my home directory, so the path is:

~/Users/evansavage/sshsudo

Now we’re going to make the script executable. This is a vital step – without it, we won’t be able to run it. So type into Terminal:

chmod +x ~/Users/evansavage/sshsudo

Of course, replace the path to the file with where ever you put yours. Now you can run the script!

Using SSHSudo

Now here’s the part you’ve been waiting for – how to remotely control multiple computers!

Here’s the SSHSudo syntax (don’t worry, we’ll go through each part of it):

sshsudo -r -v [-u user] AccountList Command [arguments]

Whew! Let’s start at the beginning:

sshsudo is the start of the command – that’s the path to your ssh sudo file. I’ll show you how I recommend simplifying getting to the file in a minute, though.

-r is a modifier for the command sshsudo. You can choose to add it or not. If you do put it there, it will copy whatever script you’re running on the target computer to the target computer instead of running it remotely from your computer. This is useful if you want the script to execute more quickly, since the whole thing will be on the target computers.

-v is another modifier. It makes the shell display verbose output. This just means it will show more details of what is going on – you probably don’t need this.

-u is yet another modifier. This sets the default user for the script. If you do this, you don’t need to specify the username in the AccountList part of the command. If you choose not to specify the user, it will use whatever you put after -u. If you don’t put anything here, you will need to type the username for each computer you’re targeting. You may want to do that if you’re targeting a different account on each computer, but if you want to run a command as, say, admin on all those computers, this can be very useful.

AccountList is where you put the accounts. They should be formatted like this: user1@computer1,user2@computer2,user3@computer3 and so on. If you put a default username after the -u modifier, the format could be like this: computer1,computer2,computer3 etc. Alternatively, this could be the path to a file where you have the username and account syntax, one per line. Where I put computer1, computer 2, and computer 3, you should put the IP addresses, just like we did in the SSH Basics article.

Arguments is where you put the actual command that you want to run. If you need a refresher on what you can do here, go back to our first SSH article or check out How to Run AppleScript from the Command Line.

So a sample workflow would be:

1. Open up Terminal
2. Type cd ~/Users/evansavage and hit enter
3. Type sshsudo -u admin 1.1.1.1,2.2.2.2,3.3.3.3 say Im in your computer and hit enter

This will make the computers on the local network with IP addresses 1.1.1.1, 2.2.2.2, and 3.3.3.3 all say “Im in your computer” out loud via the account name admin.

By using cd ~/Users/evansavage, I navigated to where my SSHSudo script was. That way when I execute the sshsudo command, I won’t need to type in a path to the file. Of course, change that to where you put your SSHSudo file

If you noticed, we left out the apostrophe in I'm, shortening it to Im. That’s because Terminal uses single quotes (the same character as an apostrophe) to call for other functions. If you type the command using I'm, leaving the apostrophe in, the command won’t run properly.

By the way, if you want to know more about pranking people by using SSH, sign up for our newsletter over in the right sidebar. It will send you a screencast after a couple days detailing exactly how to pull some awesome pranks on your friends.

I hope that by now, you’re realizing how many options you have. You can do so much with SSHSudo, from pranking a group of people to installing an app on multiple computers. Let us know in the comments if you have any questions about any of this, and we’ll be glad to answer them!