Binary Protectors Blog

Peace Of Mind Isn’t Priceless.

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Bloggers
    Bloggers Search for your favorite blogger from this site.
  • Team Blogs
    Team Blogs Find your favorite team blogs here.
  • Login
    Login Login form

How To HACK Apple MAC Password In 30 Seconds!

Posted by on in Binary Protectors News
  • Font size: Larger Smaller
  • Hits: 2212
  • 0 Comments
  • Subscribe to this entry
  • Print

Macs are always thought to be the safest, most hack-proof computers out there.  Well, we will show you this is not the case.....



All an attacker needs is a $300 device to seize full control of your Mac or MacBook.

Swedish hacker and penetration tester Ulf Frisk has developed a new device that can steal the password from virtually any Mac laptop while it is sleeping or even locked in just 30 seconds, allowing hackers to unlock any Mac computer and even decrypt the files on its hard drive.

So, next time when you leave your Apple's laptop unattended, be sure to shut it down completely rather than just putting the system in sleep mode or locked.

Here's How an Attacker can steal your Mac FileVault2 Password


The researcher devised this technique by exploiting two designing flaws he discovered last July in Apple's FileVault2 full-disk encryption software.

The first issue is that the Mac system does not protect itself against Direct Memory Access (DMA) attacks before macOS is started.

It's because the Mac EFI or Extensible Firmware Interface (similar to a PC's BIOS) let devices plugged in over Thunderbolt to access memory without enabling DMA protections, which allows Thunderbolt devices to read and write memory.

Secondly, the password to the FileVault encrypted disk is stored in clear text in memory, even when the computer is in sleep mode or locked. When the computer reboots, the password is put in multiple memory locations within a fixed memory range, making it readable by hacking devices.

Dubbed PCILeech and costs approximately $300, the hacking device exploits these two vulnerabilities to carry out DMA attacks and extract Mac FileVault2 passwords from a device's memory in clear text before macOS boots, and anti-DMA protections come into effect.

This video shows you step by step how to do it.

Peace Of Mind Isn’t Priceless.

Thank You,
Alex Athineos

Alex Athineos has not set their biography yet

Achievements

Comments

  • No comments made yet. Be the first to submit a comment

Leave your comment

Guest
Guest Wednesday, 08 April 2020