Retrieve network password (network share) from keychain in terminal

macos keychain smb afp

How can I retrieve my NAS password from Keychain using the terminal? Using security I can retrieve both application and internet passwords, but I've been unsuccessful for those where kind is set to network password.

Using the -D flag of find-generic-password doesn't do the trick.


Solution 1:

After searching, it seems the case is important for the kind. The following worked for me with the following keychain config: 

security find-internet-password -D "Network Password" -l "the_share" -w

enter image description here

Of course you can filter a bit more by indicating more element to your research

security find-internet-password -h
Usage: find-internet-password [-a account] [-s server] [options...] [-g] [keychain...]
    -a  Match "account" string
    -c  Match "creator" (four-character code)
    -C  Match "type" (four-character code)
    -d  Match "securityDomain" string
    -D  Match "kind" string
    -j  Match "comment" string
    -l  Match "label" string
    -p  Match "path" string
    -P  Match port number
    -r  Match "protocol" (four-character code)
    -s  Match "server" string
    -t  Match "authenticationType" (four-character code)
    -g  Display the password for the item found
    -w  Display only the password on stdout
If no keychains are specified to search, the default search list is used.
        Find an internet password item.

With the above results here's what are the fields (replace -w by -g)

security find-internet-password -D "Network Password" -l "the_share" -g
keychain: "/Users/bric3/Library/Keychains/login.keychain-db"
version: 512
class: "inet"
attributes:
    0x00000007 <blob>="the_share"
    0x00000008 <blob>=<NULL>
    "acct"<blob>="the_user"
    "atyp"<blob>=<NULL>
    "cdat"<timedate>=0x32303139313233303133323534345A00  "20191230132544Z\000"
    "crtr"<uint32>=<NULL>
    "cusi"<sint32>=<NULL>
    "desc"<blob>="Network Password"
    "icmt"<blob>=<NULL>
    "invi"<sint32>=<NULL>
    "mdat"<timedate>=0x32303139313233303133323534345A00  "20191230132544Z\000"
    "nega"<sint32>=<NULL>
    "path"<blob>=<NULL>
    "port"<uint32>=0x00000000
    "prot"<blob>=<NULL>
    "ptcl"<uint32>="afp "
    "scrp"<sint32>=<NULL>
    "sdmn"<blob>=<NULL>
    "srvr"<blob>="the_share._afpovertcp._tcp.local"
    "type"<uint32>=<NULL>
password: "the password"

E.g. specifying the protocol using -r "smb " will not result in any result for me as it is an afp share, but using -r "afp " will, for this particular (Note that the extra space is mandatory for this particular criteria to work). But it's also possible to search for the account using -a the_user. But for this password specifying other fields (as they are NULL) will not return anything.

macOs 10.15.2

Related

What is "iTunes Device Support Upgrade"?
New MacBook Air - update installation failed
If I delete my WhatsApp data, will my data disappears from my iCloud backup, too?
System using old version of rSync instread of new version
Activity Monitor, my system always runs in the red for CPU load - how to fix?
Crop photo in circle form on an iPad Pro
In Numbers, how can I get a cell value from another sheet with a formula?
External disk does not show in "diskutil list" after premature eject, what can I do?
How can I copy and paste the complete contents of a PEM file?
Is it possible to query the current user's Apple ID from the command line?
What are the files in the /Library/Image Capture/TWAIN Data Sources/ and can they be removed?
Question about adding SSD to my 2012 MBP (non-Retina)