Log in with root and no password on any Mac running macOS High Sierra

This tweet is currently making rounds on Twitter:

And yes, that actually works: enter root as a username, leave the password empty, and *BOOM* you’re in.

The exploit also works at the login screen, and with remote management (Screen Sharing, etc.).

UPDATE 2017.11.29: Apple has released a security update, fixing this nasty bug. Open AppStore.app and check the updates section to download it. No reboot required.

As Mattias detailed, a root account with no password gets created upon testing this. While awaiting a security patch from Apple, you can lock this user down by explicitly setting a password for its account (using Terminal.app):

sudo passwd -u root

If you’re not too fond of the shell, follow the instructions from this video.
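
To see whether the root account has already been enabled on a Mac (for instance because someone tried the empty-password login), the following added example, which is not part of the original post, classifies the output of `dscl . -read /Users/root AuthenticationAuthority`. It assumes that a never-enabled root account has no AuthenticationAuthority attribute, so dscl prints "No such key", and the function names and sample strings are constructed for illustration.

```shell
#!/bin/sh
# Added example: report whether the macOS root account has been enabled.
# Assumption: a root account that was never enabled has no
# AuthenticationAuthority attribute ("No such key: ..."), while an enabled
# one carries a ShadowHash entry. This cannot tell whether the password is
# empty, only that the account exists in an enabled state.

# classify_root_state TEXT -> prints "disabled", "enabled" or "unknown"
classify_root_state() {
    case "$1" in
        *"No such key: AuthenticationAuthority"*) echo "disabled" ;;
        *"AuthenticationAuthority:"*ShadowHash*)   echo "enabled"  ;;
        *)                                         echo "unknown"  ;;
    esac
}

# Constructed sample outputs (not captured from a real machine).
SAMPLE_DISABLED='No such key: AuthenticationAuthority'
SAMPLE_ENABLED='AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2>'

# Query the local directory node and print a one-line verdict.
report_root_state() {
    out=$(dscl . -read /Users/root AuthenticationAuthority 2>&1)
    state=$(classify_root_state "$out")
    case "$state" in
        disabled) echo "root: disabled (default state)" ;;
        enabled)  echo "root: ENABLED - set a password and install the update" ;;
        *)        echo "root: could not determine state: $out" ;;
    esac
}

# Only query the directory service where dscl exists (i.e. on macOS).
if command -v dscl >/dev/null 2>&1; then
    report_root_state
fi
```

An "enabled" result on a machine where nobody deliberately enabled root is worth following up, since setting a password leaves the account enabled.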

And to think Apple already had a huge security slip-up with that Disk Utility bug, which showed the password instead of the password hint. But this one is much, much worse … #functionalhighground aye?

Published by Bramus!

Unless noted otherwise, the contents of this post are licensed under the Creative Commons Attribution 4.0 License and code samples are licensed under the MIT License
