An easy-to-use wrapper for NTFS-3G on macOS

Overview

ezNTFS

ezNTFS is an easy-to-use wrapper for NTFS-3G on macOS.

ezNTFS can be used as a menu bar app, or via the CLI in the terminal.

Installation

To use ezNTFS, you will need Python 3, FUSE for macOS (osxfuse), and NTFS-3G installed in your system.

To install NTFS-3G, you may compile and install it yourself (recommended, see instructions at the end), or you may also install it via brew.

To install ezNTFS, run:

$ pip3 install ezntfs

It should be accessible from the terminal afterwards.

To configure the menu bar app, run the command after installing ezNTFS:

$ sudo ezntfs-app install

This command adds ntfs-3g to a sudoers file, and automatically launches the app on start-up. The app will also be launched right after install.

NOTE: The app icon will only show up if there are NTFS volumes plugged in. You may also need to grant Python access to removable volumes for this to work.

Usage (CLI)

Mount all read-only NTFS volumes using ntfs-3g (root privileges are needed for mounting):

$ sudo ezntfs all

Mount a specific NTFS volume (run ezntfs list to find the disk id):

$ sudo ezntfs 
   

   

Alternatives

Format as exFAT

  • Natively supported by macOS
  • exFAT is less reliable (no journaling), only use for flash drives

Auto-mount script

  • Setup requires disabling System Integrity Protection (SIP) or Sealed System Volume (SSV)
  • Mounts with NTFS-3G even when not needed, which may slow down reads

Mounty

  • Volumes won't show up on Finder
  • Writing via Apple's native NTFS driver is not officially supported

Tuxera NTFS driver

  • Not free
  • Mature (same developers as NTFS-3G)
  • Kernel driver, should be faster than FUSE

Paragon NTFS driver

Compiling and installing NTFS-3G

We recommend compiling and installing NTFS-3G yourself for security. This allows installing it as root, which keeps things secure when added to sudoers.

Instructions

# Clone the git repo (you may want to clone a newer version if available)
git clone --depth 1 --branch 2021.8.22 https://github.com/tuxera/ntfs-3g.git
cd ntfs-3g

# Install the dependencies needed for compilation
brew install autoconf automake libgcrypt libtool pkg-config gettext

# Compile and install ntfs-3g
export LDFLAGS=-lintl
./autogen.sh
./configure \
    --disable-debug \
    --disable-dependency-tracking \
    --with-fuse=external \
    --prefix=/usr/local \
    --exec-prefix=/usr/local \
    --mandir=/usr/local/share/man \
    --sbindir=/usr/local/sbin
make
sudo make install

# Delete the cloned git repo
rm -r .
Comments
  • ezntfs-app not working on Catalina

    ezntfs-app not working on Catalina

    Hello,

    I believe that this is already a known issue, but I cannot install ezntfs-app on OS X Catalina.

    sudo ezntfs-app install results in the following error:

    >>> /private/etc/sudoers.d/com-lezgomatt-ezntfs: syntax error near line 1 <<<
    sudo: parse error in /private/etc/sudoers.d/com-lezgomatt-ezntfs near line 1
    sudo: no valid sudoers sources found, quitting
    sudo: unable to initialize policy plugin
    

    Are there any safe workarounds to this issue? (@theperspectiv 's fix involved a risk of breaking the OS) Is the app expected to be patched for prior versions of macOS in the future, or is it strictly for OS 11+?

    opened by BotJohn 8
  • Some NTFS partition under GPT table not detected

    Some NTFS partition under GPT table not detected

    At my macOS 10.14, when I run the "diskutil list" I can see the two types of NTFS partition... /dev/disk0 (internal, physical): #: TYPE NAME SIZE IDENTIFIER 0: GUID_partition_scheme *500.1 GB disk0 1: EFI EFI 209.7 MB disk0s1 2: Apple_APFS Container disk2 128.0 GB disk0s2 3: Microsoft Basic Data Win&Mac 171.6 GB disk0s3 >> exFAT 4: Microsoft Basic Data Windows 199.9 GB disk0s4 >> under GPT table, NTFS and exFAT partition shows "Microsoft Basic Data"

    /dev/disk1 (internal, physical): #: TYPE NAME SIZE IDENTIFIER 0: FDisk_partition_scheme *320.1 GB disk1 1: Windows_NTFS Windows 10_old 142.4 GB disk1s1 2: Windows_NTFS Windows 7 42.9 GB disk1s3 3: Windows_NTFS App&Data2 134.7 GB disk1s5 >> Under MBR partition table, NTFS partition shows "Windows_NTFS"(Can detect)

    /dev/disk2 (synthesized): #: TYPE NAME SIZE IDENTIFIER 0: APFS Container Scheme - +128.0 GB disk2 Physical Store disk0s2 1: APFS Volume MacOS 38.3 GB disk2s1 2: APFS Volume Preboot 48.2 MB disk2s2 3: APFS Volume Recovery 507.4 MB disk2s3 4: APFS Volume VM 5.4 GB disk2s4

    /dev/disk3 (external, physical): #: TYPE NAME SIZE IDENTIFIER 0: FDisk_partition_scheme *1.0 TB disk3 1: Windows_NTFS BOB_DATA 1.0 TB disk3s1

    Maybe this situation, so when I use ezntfs all, can't remount some partition under GPT tables. (Sorry for my bad English... Chinese is my main language, so I still work hard to learn English...)

    opened by Bob-YsPan 4
  • Error during install in Monterey

    Error during install in Monterey

    sudo ezntfs-app install        
    Traceback (most recent call last):
      File "/Library/Frameworks/Python.framework/Versions/3.10/bin/ezntfs-app", line 8, in <module>
        sys.exit(main())
      File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/ezntfs/app.py", line 339, in main
        return install()
      File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/ezntfs/app.py", line 405, in install
        with open(launchd_config_path, "w") as launchd_config_file:
    FileNotFoundError: [Errno 2] No such file or directory: '/Users/mbp115/Library/LaunchAgents/com.lezgomatt.ezntfs.plist'
    
    where python
    python: aliased to python3
    /opt/local/bin/python
    /usr/local/bin/python
    
    opened by startergo 3
  • fix: diskutil changed param names

    fix: diskutil changed param names

    Hi,

    When I tried to use this awesome app for the first time, it works well, but when I upgraded MacOS to the last version, the script stops working. I tried not to break back compatibility with old versions.

    opened by scor2k 2
  • Catalina workaround for ezNTFS-app

    Catalina workaround for ezNTFS-app

    Apologies if this is out of place, irrelevant, or otherwise dumb. I'm new to Github. Just wanted to share my experience getting ntfs-3g working reliably in Catalina 10.15.7 with the help of ezNTFS after several unsuccessful attempts with other methods.

    NOTE: I have an atypical boot config/environment on modified hardware, so it's unlikely anyone will ever need this. IMPORTANT NOTE: Some of this involves modifying system files, so if you do need this, tread carefully.

    Part 1: Something about monkeys and typewriters...

    I installed ntfs-3g (v2021.8.22) and ezNTFS (v1.0.0) via brew as specified in the very helpful ezNTFS readme, as well as macfuse (v4.2.0) via the latest installer, but ran into the following error after attempting to install the ezNTFS GUI with sudo ezntfs-app install

    Traceback (most recent call last):
      File "/usr/local/bin/ezntfs-app", line 5, in <module>
        from ezntfs.app import main
      File "/usr/local/lib/python3.9/site-packages/ezntfs/app.py", line 18, in <module>
        DEFAULT_ICON = NSImage.imageWithSystemSymbolName_accessibilityDescription_("externaldrive.fill", "ezNTFS")
    AttributeError: No attribute imageWithSystemSymbolName_accessibilityDescription_
    

    I made sure macfuse, ntfs-3g, and python were correctly installed, then started digging and found some Apple AppKit documentation indicating that "ImageWithSystemSymbolName_accessibilityDescription_" is specific to macOS 11 and newer.

    I only have basic experience with Python, and even less with macOS, but I'm a huge fan of accidentally and irreparably breaking core OS functionality by editing things I shouldn't...so I went ahead and started tweaking things in /usr/local/lib/python3.9/site-packages/ezntfs/app.py, and eventually got it working by substituting the incompatible method on lines 18-20 with an older method supported by Catalina ("imageNamed_"). I also substituted the SF symbols with Catalina-compatible images which I found in this handy little list.

    Final result:

    DEFAULT_ICON = NSImage.imageNamed_("NSNavEjectButton.normal")
    BUSY_ICON = NSImage.imageNamed_("NSNavEjectButton.rollover")
    ERROR_ICON = NSImage.imageNamed_("NSStopProgressFreestandingTemplate")
    

    The app installed successfully, loaded, and appeared in the menu bar...though there weren't any options available in the list, just a "Missing privileges to mount via ntfs-3g" error.

    SUPER DUPER IMPORTANT NOTE THAT COULD SAVE YOUR LIFE: If you're reading this because you're in a similar situation as me, consider this your final warning. I don't know how, but somewhere in the next couple steps, I accidentally broke sudo. If you're not comfortable with that risk or don't know what that means, uninstall macfuse & ntfs-3g and buy Tuxera. Seriously. Just trust me. However, if you're ok with potentially screwing up your OS beyond repair, carry on:

    Part 2: F**k around and find out

    I downloaded and compiled the newest version of ntfs-3g from source which (I think) made it impossible to sudo in terminal because of how it changed these two files:

    1. /private/etc/sudoers
    2. /private/etc/sudoers.d/com-lezgomatt-ezntfs.
    sudo ezntfs-app install
    
    >>> /private/etc/sudoers.d/com-lezgomatt-ezntfs: syntax error near line 1 <<<
    sudo: parse error in /private/etc/sudoers.d/com-lezgomatt-ezntfs near line 1
    sudo: no valid sudoers sources found, quitting
    sudo: unable to initialize policy plugin
    

    No idea how that happened...but I was able to temporarily change the permissions in Finder and noticed "%staff" on the first line of File 2. I changed "staff" to "admin" and regained my ability to sudo. Don't ask me why that worked. You may be able to avoid this headache entirely if you know why I would've gotten this message after configuring ntfs-3g:

    ****************************************************************************
    * WARNING  WARNING  WARNING  WARNING  WARNING  WARNING  WARNING  WARNING   *
    * The FUSE user space binaries were NOT installed with root directory      *
    * executable prefix. This means that automounting NTFS volumes during boot *
    * could fail. This can be fixed the below way by reinstalling FUSE using   *
    * the right 'configure' option during FUSE compilation:                    *
    * 	./configure --exec-prefix=/                                        *
    * 	make && sudo make install                                          *
    * WARNING  WARNING  WARNING  WARNING  WARNING  WARNING  WARNING  WARNING   *
    ****************************************************************************
    

    I probably should have looked into that more, but it seemed like it was more informational that cautionary. And everything seems to be working fine right now. (Though if you see a huge problem with how I solved the sudo issue, please let me know.)

    Anyway, after sorting out that little "snafu" (ie, accidentally almost borking root permissions), I was able to run the ezNTFS GUI and it is working great -- plus now I also know how to set custom icons in the menu bar! Thanks for your work, @lezgomatt

    Best of luck.

    opened by theperspectiv 1
Owner
Matthew Go
Stuck in a rabbit hole. Send help!
Matthew Go
macOS persistence tool

PoisonApple Command-line tool to perform various persistence mechanism techniques on macOS. This tool was designed to be used by threat hunters for cy

Cyborg Security, Inc 212 Dec 29, 2022
macOS Initial Access Payload Generator

Mystikal macOS Initial Access Payload Generator Related Blog Post: https://posts.specterops.io/introducing-mystikal-4fbd2f7ae520 Usage: Install Xcode

Leo Pitt 206 Dec 31, 2022
Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile.

Orthrus is a macOS agent that uses Apple's MDM to backdoor a device using a malicious profile. It effectively runs its own MDM server and allows the operator to interface with it using Mythic.

Mythic Agents 37 Dec 6, 2022
This is the fuzzer I made to fuzz Preview on macOS and iOS like 8years back when I just started fuzzing things.

Fuzzing PDFs like its 1990s This is the fuzzer I made to fuzz Preview on macOS and iOS like 8years back when I just started fuzzing things. Some discl

Chaithu 14 Sep 30, 2022
this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows and macos

Keylogger this keylogger is only for pc not for android but it will only work on those pc who have python installed it is made for all linux,windows a

Titan_Exodous 1 Nov 4, 2021
the swiss army knife in the hash field. fast, reliable and easy to use

hexxus Hexxus is a fast hash cracking tool which checks more than 30 thousand passwords in under 4 seconds and can crack the following types bcrypt sh

enigma146 17 Apr 5, 2022
A toolkit for web reconnaissance, it's fast and easy to use.

A toolkit for web reconnaissance, it's fast and easy to use. File Structure httpsuite/ main.py init.py db/ db.py init.py subdomains_db directories_db

whoami security 22 Jul 22, 2022
Mad Spammer is a python webhook spammer which is very easy and safe to use.

Mad Spammer ?? Pre-Setup: Open your terminal/console and type: pip install module colorama python MadSpammer.py Setup: After doing that, you should be

null 1 Nov 26, 2021
Vulnerability Scanner & Auto Exploiter You can use this tool to check the security by finding the vulnerability in your website or you can use this tool to Get Shells

About create a target list or select one target, scans then exploits, done! Vulnnr is a Vulnerability Scanner & Auto Exploiter You can use this tool t

Nano 108 Dec 4, 2021
A web-app helping to create strong passwords that are easy to remember.

This is a simple Web-App that demonstrates a method of creating strong passwords that are still easy to remember. It also provides time estimates how long it would take an attacker to crack a password using the zxcvbn library developed by Dropbox.

null 2 Jun 4, 2021
Complet and easy to run Port Scanner with Python

Port_Scanner Complet and easy to run Port Scanner with Python Installation 1- git clone https://github.com/s120000/Port_Scanner 2- cd Port_Scanner 3-

null 1 May 19, 2022
Port scanner tool with easy installation

ort scanner tool with easy installation! Python programming language is used and The text in the program is Georgian <3

null 2 Mar 24, 2022
This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data.

Scrambler App This collection of tools that makes it easy to secure and/or obfuscate messages, files, and data. It leverages encryption tools such as

Mystic 2 Aug 31, 2022
Fast and easy way to rollout on multiple GitLab project file a particular content.

Volatile Fast and easy way to rollout on multiple GitLab project file a particular content. Why ? After looking for a tool to simply enforce a develop

Lujeni 4 Jan 17, 2022
Industry ready custom API payload with an easy format for building Python APIs (Django/Django Rest Framework)

Industry ready custom API payload with an easy format for building Python APIs (Django/Django Rest Framework) Yosh! If you are a django backend develo

Abram (^o^) 7 Sep 30, 2022
RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.

RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,

null 53 Nov 1, 2022
Format SSSD Raw Kerberos Payloads into CCACHE files for use on Windows systems

KCMTicketFormatter This tools takes the output from https://github.com/fireeye/SSSDKCMExtractor and turns it into properly formatted CCACHE files for

Black Lantern Security 35 Oct 25, 2022
Use FOFA automatic vulnerability scanning tool

AutoSRC Use FOFA automatic vulnerability scanning tool Usage python3 autosrc.py -e <FOFA EMAIL> -k <TOKEN> Screenshots License MIT Dev 6613GitHub6613

PwnWiki 48 Oct 25, 2022
The Devils Eye is an OSINT tool that searches the Darkweb for onion links and descriptions that match with the users query without requiring the use for Tor.

The Devil's Eye searches the darkweb for information relating to the user's query and returns the results including .onion links and their description

Richard Mwewa 135 Dec 31, 2022