search

juuso / keychaindump

A proof-of-concept tool for reading OS X keychain passwords
508 stars 129 forks source link

Not Working... I think... #6

Open IsaiahJTurner opened 10 years ago

IsaiahJTurner commented 10 years ago

Maybe it's just my own stupidity but I keep getting this error when compiling it: keychaindump.c:209:5: warning: 'DES_set_key' is deprecated: first deprecated in OS X 10.7 [-Wdeprecated-declarations] DES_set_key((C_Block )ckey1, &ks1); ^ /usr/include/openssl/des.h:225:5: note: 'DES_set_key' declared here int DES_set_key(const_DES_cblock key,DES_key_schedule schedule) DEPREC... ^ keychaindump.c:210:5: warning: 'DES_set_key' is deprecated: first deprecated in OS X 10.7 [-Wdeprecated-declarations] DES_set_key((C_Block )ckey2, &ks2); ^ /usr/include/openssl/des.h:225:5: note: 'DES_set_key' declared here int DES_set_key(const_DES_cblock key,DES_key_schedule schedule) DEPREC... ^ keychaindump.c:211:5: warning: 'DES_set_key' is deprecated: first deprecated in OS X 10.7 [-Wdeprecated-declarations] DES_set_key((C_Block )ckey3, &ks3); ^ /usr/include/openssl/des.h:225:5: note: 'DES_set_key' declared here int DES_set_key(const_DES_cblock key,DES_key_schedule schedule) DEPREC... ^ keychaindump.c:214:5: warning: 'DES_ede3_cbc_encrypt' is deprecated: first deprecated in OS X 10.7 [-Wdeprecated-declarations] DES_ede3_cbc_encrypt((unsigned char )in, (unsigned char )padded, l... ^ /usr/include/openssl/des.h:178:6: note: 'DES_ede3_cbc_encrypt' declared here void DES_ede3_cbc_encrypt(const unsigned char input,unsigned char *output, ^ keychaindump.c:449:9: warning: implicit declaration of function 'geteuid' is invalid in C99 [-Wimplicit-function-declaration] if (geteuid()) { ^ keychaindump.c:490:21: warning: using the result of an assignment as a condition without parentheses [-Wparentheses] ...(key_len = dump_wrapping_key(key, g_master_candidates[i], buffer, sz)) {


keychaindump.c:490:21: note: place parentheses around the assignment to silence
      this warning
  ...(key_len = dump_wrapping_key(key, g_master_candidates[i], buffer, sz)) {
              ^
      (                                                                   )
keychaindump.c:490:21: note: use '==' to turn this assignment into an equality
      comparison
        if (key_len = dump_wrapping_key(key, g_master_candidates[i], buf...
                    ^
                    ==
6 warnings generated.

And when executing it it prompts for my password and then hangs... forever.
juuso commented 10 years ago

Hi,

The warnings are ugly but harmless, os x has deprecated the library functions but they still work.

And if you run the binary as sudo (as you should), it's normal that it prompts for your password. However, it shouldn't hang after entering your password. Does it print out anything after you enter your pw?

-Juuso

On 22.3.2014, at 5.06, "IsaiahJTurner@gmail.com" notifications@github.com wrote:

Maybe it's just my own stupidity but I keep getting this error when compiling it: keychaindump.c:209:5: warning: 'DES_set_key' is deprecated: first deprecated in OS X 10.7 [-Wdeprecated-declarations] DES_set_key((C_Block )ckey1, &ks1); ^ /usr/include/openssl/des.h:225:5: note: 'DES_set_key' declared here int DES_set_key(const_DES_cblock key,DES_key_schedule schedule) DEPREC... ^ keychaindump.c:210:5: warning: 'DES_set_key' is deprecated: first deprecated in OS X 10.7 [-Wdeprecated-declarations] DES_set_key((C_Block )ckey2, &ks2); ^ /usr/include/openssl/des.h:225:5: note: 'DES_set_key' declared here int DES_set_key(const_DES_cblock key,DES_key_schedule schedule) DEPREC... ^ keychaindump.c:211:5: warning: 'DES_set_key' is deprecated: first deprecated in OS X 10.7 [-Wdeprecated-declarations] DES_set_key((C_Block )ckey3, &ks3); ^ /usr/include/openssl/des.h:225:5: note: 'DES_set_key' declared here int DES_set_key(const_DES_cblock key,DES_key_schedule schedule) DEPREC... ^ keychaindump.c:214:5: warning: 'DES_ede3_cbc_encrypt' is deprecated: first deprecated in OS X 10.7 [-Wdeprecated-declarations] DES_ede3_cbc_encrypt((unsigned char )in, (unsigned char )padded, l... ^ /usr/include/openssl/des.h:178:6: note: 'DES_ede3_cbc_encrypt' declared here void DES_ede3_cbc_encrypt(const unsigned char input,unsigned char *output, ^ keychaindump.c:449:9: warning: implicit declaration of function 'geteuid' is invalid in C99 [-Wimplicit-function-declaration] if (geteuid()) { ^ keychaindump.c:490:21: warning: using the result of an assignment as a condition without parentheses [-Wparentheses] ...(key_len = dump_wrapping_key(key, g_master_candidates[i], buffer, sz)) {

keychaindump.c:490:21: note: place parentheses around the assignment to silence
this warning
...(key_len = dump_wrapping_key(key, g_master_candidates[i], buffer, sz)) {
^
( )
keychaindump.c:490:21: note: use '==' to turn this assignment into an equality
comparison
if (key_len = dump_wrapping_key(key, g_master_candidates[i], buf...
^
==
6 warnings generated.

And when executing it it prompts for my password and then hangs... forever.

—
Reply to this email directly or view it on GitHub.
IsaiahJTurner commented 10 years ago

2 months later but I use this tool allot for security demonstrations in unison with the USB Rubber Ducky and I just wanted to mention that entering your password is not required if you boot into single user mode and create a reverse shell as the root user :D I made an "Intelligent Active User Detection" feature that I may put up soon that makes it easier to detect which keychains are unlocked if you are logged into SSH as root but the Mac as a user.