Articles

Open old Mac without password

by Johnotan Soverov
August 9, 2021
Views: 65

Goldfish is a MAC OS X live forensic tool. Its main purpose is to provide an easy to use interface to dump system RAM of a target OS X machine via a firewire connection. It then automatically extracts the current user login password and any open AIM conversation fragments that may be available.

Goldfish was a project by Afrah Almansoori, Pavel Gladyshev, and Joshua James aimed at the extraction of user password and fragments of AIM instant messenger conversations directly from RAM of Apple Mac computers over a FireFire connection. Goldfish software can be used against 32 bit versions of Mac OS X up to and including Mac OS X (10.5) Leopard. A short presentation describing Goldfish is available here: Download presentation.

Goldfish is a set of linux utilities. The installer provided on this web page is based on Debian live distribution, which runs from a USB stick. The source code of the core utility that accesses Mac OS X via firewire is available on Sourceforge at http://sourceforge.net/projects/macfwdump

Source

Johnotan Soverov

http://dfir.quest

I'm passionate about everything whats IT related. In 2015 decided to persuade my dream and started career in LE. In 2018 finally got opportunity to work as digital forensics specialist. From first day I knew digital forensics and incident response (DFIR) is field in which I want to learn more and share my experience with others.

Open old Mac without password

Johnotan Soverov

You Might Like

A Comprehensive Guide to the Best DFIR Tools

Exploring the Benefits and Challenges of Automating DFIR Processes

DDoS Attacks: Prevention, Mitigation, and Recovery