# Panther Password Recovery



## bdemonbr (Jun 29, 2005)

I just got a G4 running Panther os 10.3.6 but the guy I got it from can't remember the admin password. I did a ton of google research but have reached a deadend when attempting to "nidump passwd ." as 10.3 just prints out asterisks. 

Is it even possible to crack the password in 10.3 and up ?


----------



## palmeira (Jul 4, 2005)

To recover from a lost admin password, boot the computer from the install CD. From one of the drop down menus you will find an option to reset the admin password.


----------



## bdemonbr (Jun 29, 2005)

okay thanks - I was hoping there was still a way to just crack it since my friend who can't remember the admin would be the one who has the install disc too :sayno: 

thanks!


----------



## bdemonbr (Jun 29, 2005)

ok - now I'm just trying to reset the password as I do not have access to the install disc(s) - these are the Unix commands I'm giving it:

/sbin/fsck -y
/sbin/mount -uw /
/usr/libexec/register_mach_bootstrap_servers /etc/mach_init.d
cd /var/db/netinfo
netinfod -s local
SystemStarter
passwd root
reboot

But after SystemStarter says "Startup Complete" I get a string of info and nomore localhost prompt - it seems the computer gets stuck here:

2006-01-02 17:39:38.565 open[210] LSCopyItemInfoForURL() returned -35 for path /System/Library/CoreServices/ARD Agent.app
2006-01-02 17:39:38.774 open[210] Couldn´t open file: /System/Library/CoreServices/ARD Agent.app
2006-01-02 17:39:47.107 open[223] LSCopyItemInfoForURL() returned -35 for path /System/Library/CoreServices/ARD Agent.app
2006-01-02 17:39:47.125 open[223] Couldn´t open file: /System/Library/CoreServices/ARD Agent.app
2006-01-02 17:39:55.921 open[224] LSCopyItemInfoForURL() returned -35 for path /System/Library/CoreServices/ARD Agent.app
2006-01-02 17:39:55.939 open[224] Couldn´t open file: /System/Library/CoreServices/ARD Agent.app

then I let it sit for a bit and this came up:

arp: 192.168.0.1 moved from 00:13:46:14:9d:2a to 00:12:f0:55:67:87 on eno0
arp: 192.168.0.1 moved from 00:12:f0:55:67:87 to 00:13:46:14:9d:2a on en0

Anybody have any ideas?


----------



## sinclair_tm (Mar 11, 2005)

looks like you hosed your os install. now you have to get your friend with the disks to come over and reinstall everything. as far as resetting the pw, the * ONLY * way to do it is to use the install cd/dvd. apple did that for a reason. sorry for the bad news.


----------



## bdemonbr (Jun 29, 2005)

well I wouldn't say I hosed it - the computer still works the way it did when I got it. That and it seems a lot of people have posted on this blog that it worked for them:

http://www.intelliot.com/blog/archives/2005/02/15/mac-os-x-password-recovery/


----------



## sinclair_tm (Mar 11, 2005)

ok, i see what you mean, i thought at frist that you ment that showed up after you tryed changing the pw, not before. from the blog, it looks like a hit and miss thing. i still say that the best/safest thing is to use the install cd/dvd. that is the way apple set it up to work. i do not recommend mucking around in the unix core unless you know what you are doing, or have the install cd/dvd to reinstall incase you do hose the os. the command-s key stoke puts os x into single user mode. the fsck command runs disk first aid, has nothing to do with the pw. the mount command gives you accuss to your files. but to change anything, you still need to be using an account that has the rights to do so, and that requires a pw. i don't see how this is to work. so i can't help you, maybe there is someone with some unix experience here that can, sorry.


----------



## bdemonbr (Jun 29, 2005)

thanks for all your help - I'm gonna just bum an install disc off of a buddy - this is sort of a "toy" computer and I'm evidently addicted to breaking stuff so...you know where I'm going with this... :laugh:


----------



## bdemonbr (Jun 29, 2005)

okay...so I successfully reset the password on the "admin" account - but when I go into the "accounts" under "system" and attempt to change the password hint -it says "to make changes you need to authenticate - enter current password" I enter the new password that I just logged in with and it doesn't work. That, and my new password is 5 characters long yet I can see that the one it has stored is 7 characters long...

I even changed the root password but it's still not working

what am I missing here? :4-dontkno


----------



## sinclair_tm (Mar 11, 2005)

ignore how many *'s it puts up, it always displays 7 so that others don't know how long it really is. as far as reentering pw, i'd try making another admin account, then log into that one, then delete the old admin, them some of your problems might go away.


----------



## palmeira (Jul 4, 2005)

Having deleted the previous Admin account you will still find the user listed in the User's Directory. Should you wish to completely remove the account, launch Terminal and type in the following command: 
sudo rm -rf '/Users/Deleted Users' <RETURN>
You'll be asked for your password, enter it and the press return. 


However, a much easier option would be, using the Panther install CDs, to do an erase and install.


----------



## bdemonbr (Jun 29, 2005)

Thanks for the help - I just took Sinclair's advice and created a new admin account altogether - everything's perfect!


----------

