Python script to replace password for macOS user if you have sudo rights

replace-shadow-hash.py

"""
Tested on macOS 11.5 Big Sur

SIP disabled

admin@MBP-Suren ~ % csrutil status
System Integrity Protection status: disabled.

run:

sudo python3 /Users/admin/Documents/replace-shadow-hash.py /var/db/dslocal/nodes/Default/users/admin.plist /var/db/dslocal/nodes/Default/users/suren.plist

Where 'admin' is user with known password and 'suren' is target user. After running this script 'suren' user's password will be replaced with 'admin' user's password.
"""

import plistlib
import sys

field_name = "ShadowHashData"


def load_plist(file_path):
    with open(file_path, 'rb') as fp:
        return plistlib.load(fp)


def save_plist(file_path, data):
    with open(file_path, 'wb') as fp:
        plistlib.dump(data, fp)


def main(source_plist_path, target_plist_path):
    # Load the source plist to get the value of field_name
    source_plist = load_plist(source_plist_path)
    field_value = source_plist.get(field_name)

    if field_value is None:
        print(f"Field {field_name!r} not found in the source plist.")
        return

    # Load the target plist to replace the value of field_name
    target_plist = load_plist(target_plist_path)
    target_plist[field_name] = field_value

    # Save the modified target plist
    save_plist(target_plist_path, target_plist)
    print(f"Replaced {field_name!r} value in target plist with: {field_value}")


if __name__ == "__main__":
    if len(sys.argv) != 3:
        print("Usage: sudo python3 /path/to/replace-shadow-hash.py /var/db/dslocal/nodes/Default/users/admin.plist /var/db/dslocal/nodes/Default/users/suren.plist")
        sys.exit(1)

    source_plist_path = sys.argv[1]
    target_plist_path = sys.argv[2]
    main(source_plist_path, target_plist_path)