Python script utilising the OSX diskutil command in order to perform a brute force attack on FileVault volumes. It currently attaches a specified .dmg image file and determines the encrypted volume's GUID. It will then attempt to crack the password with a pre-determined password list. Once a password is found the script then gives the user the option to acquire the decrypted partition.
This script will only work for OS X images which have been converted to .dd (the first file being re-named to .dmg).
| Dependancies | How to Install |
|---|---|
| dc3dd | brew install libewf |
- Include the option to create case specific keyword lists.
- Incorportate timekeeping i.e. estimated time remaining etc.
- Create step-by-step guide for usage.
- Add GUI interface.
os.system('mount -o ro,noexec,noload,noatime,loop /mnt/ewf/' + imagefile + 'dd /mnt/raw/')