是否有一个快速简便的方法来转储MacOS X的钥匙串中的内容? [英] Is there a quick and easy way to dump the contents of a MacOS X keychain?
问题描述
我正在寻找一种方式来转储(出口)的OS X钥匙串中的内容到一个文件,我可以轻松地处理其他地方,如制表符分隔的明文或诸如此类的东西。
I'm looking for a way to dump (export) the contents of an OS X keychain into a file that I can easily process elsewhere, such as tab-delimited plaintext or something of the sort.
钥匙串访问应用程序不提供任何这样的功能,并获得一个关键的数据涉及依次打开每个并具有在钥匙串的密码,看看每次存储的密钥的密码,键入
The Keychain Access app does not offer any such functionality, and getting a key's data involves opening each in turn, and having to type in the keychain's password to see the password stored with the key, every time.
有点挖后,我发现某人的解决方案通过使用AppleScript和钥匙串脚本应用访问钥匙扣(不能链接到各个岗位;约三分之二向下滚动到页面的末尾):
After a bit of digging, I found somebody's solution by using AppleScript and the Keychain Scripting app to access keychains (can't link to individual post; scroll down about two thirds to the end of the page):
<一个href=\"http://discussions.apple.com/thread.jspa?threadID=1398759\">http://discussions.apple.com/thread.jspa?threadID=1398759
使用钥匙扣脚本,您可以访问所有的按键所有数据字段 - 包括明文密码! - 而且它很容易将这些数据转储到我测试过它的文本文件等,以及它工作得很好。
Using Keychain scripting, you can access all data fields of all the keys – including the plaintext password! – and it's fairly easy to dump this data into a text file etc. I've tested it and it works well.
然而,该解决方案仍包括具有通过点击对话框OK确认访问每个键。这比在钥匙串的密码每次键入要好得多,但它仍然是刺激性的。此外,你要确认访问两次,每次关键;曾经为脚本编辑器(或脚本本身,如果它运行的应用程序),并一次钥匙扣脚本。所以,如果你正在处理100键钥匙链,你必须手动点击对话框200 OK。
However, this solution still involves having to confirm access to each key by clicking OK on a dialog. This is much better than having to type in the keychain's password every time, but it's still irritating. Furthermore, you have to confirm access twice for each key; once for Script Editor (or the script itself if it's running as an app) and once for Keychain Scripting. So, if you're processing a keychain with 100 keys, you have to manually click OK on 200 dialogs.
我现在正在寻找一个解决方案来解决这个问题。我认识到,因为它的钥匙串,以保障敏感数据和prevent precisely的那种,我试图做的事情的目的,任何这样的解决方案可能会涉及到一些黑客。
I'm now looking for a solution to get around this. I realize that as it's the purpose of keychains to safeguard the sensitive data and prevent precisely the kind of thing I'm trying to do, any such solution would probably involve some kind of hack.
我会在你的想法很感兴趣!
I'd be very interested in your ideas!
推荐答案
还好吧,我傻。有一个名为安全,不只是这(和许多其他行动对钥匙扣)。
Allright, I'm stupid. There's a command-line tool called security that does just this (and lots of other actions on keychains).
这是用法示例:
security dump-keychain -d login.keychain
这将倾倒在login.keychain以明文形式的所有数据(对用户来说,默认钥匙串),包括密码。您还是必须确认访问,但只有一次,每个键,它的速度远远超过(并试图访问特定字段时也不会抛出奇怪的错误)使用AppleScript。而且它没有破解。
This will dump all the data in the login.keychain (the default keychain for a user) as plaintext, including the passwords. You still have to confirm access , but only once for each key, and it's much faster than (and doesn't throw weird errors when trying to access certain fields) using AppleScript. And it's no hack.
如果没有 -d 选项,它会转储除密码的所有字段。
Without the -d option, it will dump all the fields except for the password.
一键看起来像这样(为互联网的关键;程序的密钥和证书有其他领域,但是格式是一样的)转储的数据:
The dumped data for a key looks like this (for an internet key; program keys and certificates have other fields, but the format is the same):
keychain: "/Users/<username>/Library/Keychains/login.keychain"
class: "inet"
attributes:
0x00000007 <blob>="tech.slashdot.org (<username for this web login>)"
0x00000008 <blob>=<NULL>
"acct"<blob>="<username for this web login>"
"atyp"<blob>="form"
"cdat"<timedate>=0x32303038303432333038323730355A00 "20080423082705Z\000"
"crtr"<uint32>=<NULL>
"cusi"<sint32>=<NULL>
"desc"<blob>="Kennwort des Web-Formulars"
"icmt"<blob>="default"
"invi"<sint32>=<NULL>
"mdat"<timedate>=0x32303038303432333038323730355A00 "20080423082705Z\000"
"nega"<sint32>=<NULL>
"path"<blob>=<NULL>
"port"<uint32>=0x00000000
"prot"<blob>=<NULL>
"ptcl"<uint32>="http"
"scrp"<sint32>=<NULL>
"sdmn"<blob>=<NULL>
"srvr"<blob>="tech.slashdot.org"
"type"<uint32>=<NULL>
data:
"<the plaintext password for this key>"
这篇关于是否有一个快速简便的方法来转储MacOS X的钥匙串中的内容?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
