Mac OS X,  Mac OS X Server,  Mac Security

How to Crack a DMG Password

A dmg file is a compressed file structure, capable of containing folders, files, etc.  Dmg files can be used for a variety of purposes, from encrypting a home directory (ie – FileVault) to encrypting a file structure manually.  A dmg file can be encrypted fairly simply. From Disk Utility, create a dmg file by clicking on the File menu and selecting New and then Blank Disk Image. This will bring up a screen where you can provide a name for your home folder and a size, then select either AES 128 or AES 256, which is a bit slower.
Encrypted Disk Image

Go ahead and click on Create and then at the resultant password screen go ahead and provide a password to be used.  And let’s just go ahead and uncheck the option to create an entry in Keychain for the password.

Encrypted Disk Image createIf you would rather do so from the command line I covered how to do so in a previous post.

Now let’s download Spartan, a tool built by Ryan Kubasiak. Now download a dictionary file. I just used one of these (and for expedience sake I paired down the contents to only have about 100 possible passwords, one of which was mine). Now go ahead and open Spartan, clicking on Go! at the splash screen.

Spartan
Spartan

At the Choose a File screen, browse to and then select your password file, clicking Choose once you have done so. At the next Choose a File screen browse to and then select your dmg file which you would like to crack the password for. The password file will then be read into RAM and the password cracking will commence.

Spartan Password Progress Screen, Crack Password, Spartan!, dmg

According to the length of your password this could take a long, long time, but when it’s done you will have your password, assuming it was in the dictionary of passwords you used.  Dictionary files can be downloaded from a variety of sources, some collections taking up gigabytes upon gigabytes of space and covering every possible keyboard combination.  Therefore, the longer the password that you use and the more complex the password is, the longer it will take to break the encryption.

“So, would your holiness care to change her password?” – The Plague