Apple uses a key strengthening algorithm on their passwords, similar in concept to Bcrypt - I think they've increased the number of rounds past the 1000 mentioned since this paper came out: http://people.cis.ksu.edu/~sakthi/src/data/filevault_sakthi....
If you've already compromised an account and have access as that user, it's likely that what you're going after isn't going to be their password...
... although, if you were to nab the password file and their keychain file (which contains passwords to other accounts that they access) which is generally encrypted with the same password (the system nags you if it's not the same), you could potentially do some real damage.
If you've already compromised an account and have access as that user, it's likely that what you're going after isn't going to be their password...
... although, if you were to nab the password file and their keychain file (which contains passwords to other accounts that they access) which is generally encrypted with the same password (the system nags you if it's not the same), you could potentially do some real damage.