Password Access (Mac)
A good friend of mine (Huggz) discovered a way of pulling your root password on your Mac. The oveall concept is that you are dumping the human readable text out of /dev/vm/sleepimage into another file in which you will find some interesting stuff including your root password. Kinda scary!
This takes a good while to dump all the content as that file can be upwards to 2GB. Search through the /var/vm/sleepimage-ascii file and you will see some goodies.
mac:~ me$ sudo su -
mac:~ root# cd /var/vm
mac:vm root# strings -n 4 sleepimage > sleepimage-ascii
I found my password all through this file. While most of these will be your password just on a line, and depending on your password, would be hard to know it was a password. However, one line I ran across blatenly says passwordXXXXusernameXXXX (line: 4186701 – for me). If you search throuh more you will see other lines that clearly displays hostname, username, password, home directory (lines: 7810286-7810293 – for me). If you keep digging you can find not only the login information for this particular machine but others for Samba mounts, ftp, web sites, etc. Good stuff!!!
There is also a more complete and detailed write up of other file dumps over at theInterW3bs.