Hi fellas today i m gonna teach u how to decode the stored password in Safari browser. Many of u think it will be easy to view the stored passwords like in Firefox and Google Chrome but friends let me remind u that Safari browser belongs to Apple which assures complete security. Here there is no option to view stored passwords, we have to decrypt them. The procedure is as follows:
1. We got to know Safari Stored Password file location
In Win 7
C:>users>username>AppData>Roaming>Apple>computer>preferences
In Win XP
C:>Documents and Settings>username>Application Data>Apple>computer>preferences
stores password in a file named "keychain.plist"
2. Apple by default provides a tool to decode the binary file "plutil.exe" , path to it:
C:\Program Files (x86)\Common Files\Apple\Apple Application Support
plutil.exe -convert xml1 -s -o C:\keychain.xml
"C:>users>username>AppData>Roaming>Apple>computer>preferences>keychain.plist"
Above is a single command to convert cryptic 'keychain.plist' file to easily readable 'keychain.xml' file.
3. Again the generated XML file doesnt contain password, it contains the encrypted password data along with the URL and user inf. It is encoded using BASE 64 algorithm.
Finally u have to use BASE64 decoder algo to get the original password.
NOTE: All salt generation algo and decryption functions are within the CFNetwork.dll file.
No comments:
Post a Comment