Recovering Data From An Old Encrypted Time Machine Backup

Recovering data from a backup should be an easy thing to do. At least this is what you expect. Yesterday I had a problem which should have been easy to solve, but it was not. I hope this blog post can help others who face the same problem.

The problem

1. I had an encrypted Time Machine backup which was not used for months
2. This backup was not on an official Apple Time Capsule or on a USB HDD, but on a WD MyCloud NAS
3. I needed files from this backup
4. After running out of time I only had SSH access to the macOS, no GUI

The struggle

By default, Time Machine is one of the best and easiest backup solution I have seen. As long as you stick to the default use case, where you have one active backup disk, life is pink and happy. But this was not my case.

As always, I started to Google what shall I do. One of the first options recommended that I add the backup disk to Time Machine, and it will automagically show the backup snapshots from the old backup. Instead of this, it did not show the old snapshots but started to create a new backup. Panic button has been pressed, backup canceled, back to Google.

Other tutorials recommend to click on the Time Machine icon and pressing alt (Option) key, where I can choose "Browse other backup disks". But this did not list the old Time Machine backup. It did list the backup when selecting disks in Time Machine preferences, but I already tried and failed that way.

YAT (yet another tutorial) recommended to SSH into the NAS, and browse the backup disk, as it is just a simple directory where I can see all the files. But all the files inside where just a bunch of nonsense, no real directory structure.

YAT (yet another tutorial) recommended that I can just easily browse the content of the backup from the Finder by double-clicking on the sparse bundle file. After clicking on it, I can see the disk image on the left part of the Finder, attached as a new disk.
Well, this is true, but because of some bug, when you connect to the Time Capsule, you don't see the sparse bundle file. And I got inconsistent results, for the WD NAS, double-clicking on the sparse bundle did nothing. For the Time Capsule, it did work.
At this point, I had to leave the location where the backup was present, and I only had remote SSH access. You know, if you can't solve a problem, let's complicate things by restrict yourself in solutions.

Finally, I tried to check out some data forensics blogs, and besides some expensive tools, I could find the solution.

The solution

Finally, a blog post provided the real solution - hdiutil.
The best part of hdiutil is that you can provide the read-only flag to it. This can be very awesome when it comes to forensics acquisition.

To mount any NAS via SMB:

mount_smbfs afp://<username>@<NAS_IP>/<Share_for_backup> /<mountpoint>

To mount a Time Capsule share via AFP:

mount_afp afp://any_username:password@<Time_Capsule_IP>/<Share_for_backup> /<mountpoint>

And finally this command should do the job:

hdiutil attach test.sparsebundle -readonly

It is nice that you can provide read-only parameter.

If the backup was encrypted and you don't want to provide the password in a password prompt, use the following:

printf '%s' 'CorrectHorseBatteryStaple' | hdiutil attach test.sparsebundle -stdinpass -readonly

Note: if you receive the error "resource temporarily unavailable", probably another machine is backing up to the device

And now, you can find your backup disk under /Volumes. Happy restoring!

Probably it would have been quicker to either enable the remote GUI, or to physically travel to the system and login locally, but that would spoil the fun.

Related posts

1. Hacking Tools For Windows 7
2. Hack Tools
3. Hacking Tools Mac
4. Hacker Tools For Pc
5. Best Hacking Tools 2020
6. Hacking Tools Github
7. Hacking Tools Online
8. Hacking Tools Kit
9. Hacking Tools Windows 10
10. Pentest Tools Nmap
11. Wifi Hacker Tools For Windows
12. Black Hat Hacker Tools
13. Hacker Search Tools
14. Best Hacking Tools 2019
15. Hack Tools For Mac
16. Pentest Tools For Ubuntu
17. Hacking Tools Mac
18. Pentest Tools Bluekeep
19. Hacker Tools 2020
20. Hacking Tools Hardware
21. Hacker Tools Online
22. Pentest Tools Tcp Port Scanner
23. Hack Tools Online
24. Hacking Tools Download
25. Hack Tools For Ubuntu
26. World No 1 Hacker Software
27. Nsa Hack Tools Download
28. Pentest Tools For Mac
29. Free Pentest Tools For Windows
30. Hacker Hardware Tools
31. Pentest Tools For Mac
32. Growth Hacker Tools
33. Hacking Tools Windows 10
34. Growth Hacker Tools
35. Hacking Tools For Windows
36. Hack Tools For Mac
37. Hacking Tools 2019
38. Pentest Tools Bluekeep
39. Hacker Tools 2020
40. Hacker Tools
41. Hacking Tools Hardware
42. Hacking Tools For Windows 7
43. Best Pentesting Tools 2018
44. Hacker Techniques Tools And Incident Handling
45. Hack Apps
46. How To Make Hacking Tools
47. Hacker Tools Github
48. Pentest Tools Url Fuzzer
49. Hacker Tools Linux
50. Hacker Hardware Tools
51. Hacking Tools 2019
52. Hacker Tools Software
53. Hacker Tools For Pc
54. Pentest Tools For Android
55. Hacking Tools And Software
56. Wifi Hacker Tools For Windows
57. Hacker Tool Kit
58. Hacker Tools Online
59. Hacks And Tools
60. Hacking Tools
61. Hacking Tools 2019
62. Hacker Tools For Mac
63. Pentest Reporting Tools
64. Game Hacking
65. Hack Tools For Windows
66. Hacking Tools For Windows 7
67. Nsa Hack Tools
68. Pentest Tools Free
69. Hack Apps
70. What Are Hacking Tools
71. Hacking Tools 2019
72. Pentest Tools Subdomain
73. Hacking Tools Pc
74. Top Pentest Tools
75. Pentest Tools Website Vulnerability
76. Pentest Tools Port Scanner
77. Best Pentesting Tools 2018
78. Hack Tool Apk No Root
79. What Is Hacking Tools
80. What Is Hacking Tools
81. Hack And Tools
82. Pentest Box Tools Download
83. Tools Used For Hacking
84. Hacking Tools For Windows
85. Bluetooth Hacking Tools Kali
86. Pentest Tools Free
87. Hacking Tools Usb
88. What Is Hacking Tools
89. Pentest Tools
90. Pentest Tools Linux
91. Best Pentesting Tools 2018
92. Hacking Tools Online
93. Pentest Tools Download
94. Nsa Hack Tools Download
95. Top Pentest Tools
96. Hacking Tools Windows
97. Hacking App
98. Hacker Tools Software
99. Hacking Tools
100. Hacker Tools Linux
101. Pentest Reporting Tools
102. How To Make Hacking Tools
103. Hacking Apps
104. Hacking Tools Free Download
105. Game Hacking
106. Hack Tools
107. Pentest Tools Kali Linux
108. Hacking Tools For Mac
109. Pentest Tools Linux
110. Hacker Tools For Ios
111. Hacking Tools For Mac
112. How To Make Hacking Tools
113. Hack Tools 2019
114. Pentest Tools Github