Login with root and no password on any Mac running macOS High Sierra

This tweet is currently making rounds on Twitter:

And yes, that actually works: enter root as a username, leave the password empty, and *BOOM* you’re in.

The exploit also works at the login screen, and with remote management (Screen Sharing, etc.).

UPDATE 2017.11.29: Apple has released a security update, fixing this nasty bug. Open AppStore.app and check the updates section to download it. No reboot required.

As Mattias detailed, a root account with no password gets created upon testing this. While awaiting a security patch from Apple, you can lock this user down by explicitly setting a password for its account (using Terminal.app):

sudo passwd -u root
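
To see whether the root account has already been created on your Mac, you can read its directory record without attempting a login. This check is an added example, not part of the original post; it assumes the usual `dscl` output for the `AuthenticationAuthority` attribute, and the sample strings in it are constructed.

```shell
#!/bin/sh
# Added example: classify the root account from the output of
#   dscl . -read /Users/root AuthenticationAuthority
# It only reads the directory record and never attempts a login.

# classify_root_state TEXT -> prints disabled | enabled | unknown
classify_root_state() {
    case "$1" in
        *"No such key: AuthenticationAuthority"*)
            # No authentication record: root has no password to log in with.
            echo disabled ;;
        *";ShadowHash;"*)
            # A local password hash exists: either the blank password left
            # behind by a test of the bug, or one set with passwd.
            echo enabled ;;
        *)
            echo unknown ;;
    esac
}

# Constructed sample outputs (not captured from a real machine).
SAMPLE_DISABLED='No such key: AuthenticationAuthority'
SAMPLE_ENABLED='AuthenticationAuthority: ;ShadowHash;HASHLIST:<SALTED-SHA512-PBKDF2>'

# On a Mac, check the live record; on other systems this part is skipped.
if command -v dscl >/dev/null 2>&1; then
    state=$(classify_root_state "$(dscl . -read /Users/root AuthenticationAuthority 2>&1)")
    echo "root account: $state"
    if [ "$state" = enabled ]; then
        echo "If you did not set this password yourself, run: sudo passwd -u root"
    fi
fi
```

The check cannot tell a blank password from a real one, so treat "enabled" as a prompt to set the password yourself.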

If you’re not too fond of the shell, follow the instructions from this video.

And to think Apple already had a huge security slip-up with that Disk Utility bug, which showed the password instead of the password hint. This one is much, much worse … #functionalhighground aye?
