Created
November 29, 2017 15:11
Revisions
daguy666 created this gist
Nov 29, 2017
@@ -0,0 +1,13 @@ ## Lock fun Assuming you have read this [tweet](https://twitter.com/lemiorhan/status/935578694541770752) from lemiorhan talking about how to get the root bypass. After doing the above you are set with a root account with no password. If your remote access settings allow for "All Users" then root can access with no password. If you enter a new a password on the account and disable it, you can bypass all of that by starting the entire workflow over. Click the lock and enter root and leave the password blank. It will overwrite what you originally had set. If you read [this post](https://objective-see.com/blog/blog_0x24.html) by Patrick Wardle it goes over the lower level details on why this happens, and how it stores the password. As of now the best way to mitigate this problem is to set a really strong password for the root account and then keep the root account enabled. This way you can't overwrite the password.
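Review bot: The closing mitigation paragraph recommends keeping the root account enabled with a strong password but does not revisit the remote access point made in the second paragraph. Since the text says an "All Users" remote access setting lets root in, the mitigation should also tell readers to check that setting, because an enabled root account would remain within its scope. Two smaller points: "After doing the above" has nothing above it except the linked tweet, so consider stating the steps there instead of only in the third paragraph; and "a new a password" has a stray "a".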