-
-
Save n8felton/fd5bc1cacabab06cc7284f69caf11b2a to your computer and use it in GitHub Desktop.
Create an MDM-compatible PBKDF2 hash and plist for use with AccountConfiguration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Requires passlib: pip install passlib | |
| from passlib.hash import pbkdf2_sha512 | |
| from passlib.util import ab64_decode | |
| from biplist import * | |
| # Checksum size must be 128 bytes for use as OS X password hash! | |
| pbkdf2_sha512.checksum_size = 128 | |
| hash = pbkdf2_sha512.encrypt("password", rounds=38000, salt_size=32) | |
| # Decode the "special" base64 encoding passlib applies and use inside the data key binary instead | |
| outerdict = {'SALTED-SHA512-PBKDF2': {'entropy': Data(ab64_decode(hash.split('$')[4])), 'salt': Data(ab64_decode(hash.split('$')[3])), 'iterations': int(hash.split('$')[2])}} | |
| biplist.writePlist(outerdict,'admin.plist') |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment