Hi guys hope you are all keeping well, and if not I am yet again going to drain the brightness from your day. If you own a Mac computer and run the latest version of Apple's operating system, macOS High Sierra, then you need to be extra careful with your computer. Apparently anyone and I mean anyone from your two year old to your grandad can break into your mac device and become a superuser. Yes I said it, a superuser a god of elevated privileges a root to all evil, only the geeks in the room will get that one. So here's the thing Apple are calling this a bug when they should really just come out and say:
"look guys we turned on root to do some shit, then we kinda forgot to turn it off, and, em, looks like that's the image we used to roll out 1,000s of machines on, our bad.....
PS the iPhone X is great you should go buy one it comes with enhanced features like stealing your key biometrics data for facial recognition so the CIA don't have to." - This may or may not have been a statement made by Apple T&C's apply.
Here's How to Login as Root User Without a Password
If you own a Mac and want to try this exploit, follow these steps from admin or guest account:
- Open System Preferences on the machine.
- Select Users & Groups.
- Click the lock icon to make changes.
- Enter "root" in the username field of a login window.
- Move the cursor into the Password field and hit enter button there few times, leaving it blank.
This flaw can be exploited in several ways, depending on the setup of the targeted Mac. With full-disk encryption disabled, a rogue user can turn on a Mac that's entirely powered down and log in as root by doing the same trick.
At Mac's login screen, an untrusted user can also use the root trick to gain access to a Mac that has FileVault turned on to make unauthorized changes to the Mac System Preferences, like disabling FileVault.
All the untrusted user needs to do is click "Other" at the login screen, and then enter "root" again with no password. However, it is impossible to exploit this vulnerability when a Mac machine is turned on, and the screen is protected with a password.
I suppose there is no point in doing the scary dance without having a solution to hand and just as easy the potential to carry out this exploit the fix is similarly as simple to fix just follow the steps below.
Here's How to Temporarily Fix the macOS High Sierra Bug
To fix the vulnerability, you need to enable the root user with a password. Heres how to do that:
- Open System Preferences and Select Users & Groups
- Click on the lock icon and Enter your administrator name and password there
- Click on "Login Options" and select "Join" at the bottom of the screen
- Select "Open Directory Utility"
- Click on the lock icon to make changes and type your username and password there
- Click "Edit" at the top of the menu bar
- Select "Enable Root User" and set a password for the root user account
This password will prevent the account from being accessed with a blank password.
Just to be on the safer side, you can also disable Guest accounts on your Mac. for this, head on to System Preferences → Users & Groups, select Guest User after entering your admin password, and disable "Allow guests to log in to this computer."
