"sudo su" can't enter password iWork '09 trogan

[Tom Foolery]

I downloaded iwork '09. I entered the command 'sudo su' is terminal and when prompted for my password I can't type in anything. all i can do is press enter. does anyone else have this problem and a way to fix it.

 

[Sun Baked]

too bad, don't think we can help too much. Laugh yes, help no.

 

[hacksaw-C87]

Can't say I've got much sympathy. Try booting OSX from disc or restoring from time machine.

 

[jive turkey]

Ugh, I probably shouldn't be helping, but. . . When you type your password in Terminal, you don't see any evidence that you are typing. The cursor will not move until you hit enter. So just type the password and hit enter, then you'll see that it worked.

 

[solaris]

He he he
I am 100% sure you can!

 

[brand]

So you downloaded a pirated copy of iWork '09 and now have the trojan? Serves you right for downloading pirated software.

 

[Cromulent]

I downloaded iwork '09. I entered the command 'sudo su' is terminal and when prompted for my password I can't type in anything. all i can do is press enter. does anyone else have this problem and a way to fix it.

When you type your password in the terminal, nothing happens. You don't see any stars or anything. Just type it in and press return.

 

[Moof1904]

I feel compelled to point out that sympathy is not oozing from my pores...

 

[Jethryn Freyman]

I entered the command 'sudo su' is terminal and when prompted for my password I can't type in anything. all i can do is press enter. does anyone else have this problem and a way to fix it.

You'll need to give more details than that.

Why do you need to use sudo?

When typing your password to authorise sudo in the terminal, the password won't show up on scree, you just have to type it and press return.

 

[Sun Baked]

You'll need to give more details than that.

Why do you need to use sudo?

It was explained in the trojan distributed with the iWork '09 torrent thread, the sudo command was part of the fix to remove the trojan from the pirated software.

Shouldn't be an issue since they may have released a app to remove the trojan from the pirated software.

 

[lostngone]

I'm confused?

Why would you do "sudo su"?

Why not just "su" or "sudo command".

 

[Sun Baked]

I'm confused?

Why would you do "sudo su"?

Why not just "su" or "sudo command".

So you can do 5 lines of monkey script for the worm removal.

 

[Jethryn Freyman]

It was explained in the trojan distributed with the iWork '09 torrent thread, the sudo command was part of the fix to remove the trojan from the pirated software.

Thank you.

 

[dirt farmer]

You'll need to download this Trojan Removal Tool

 

[macrem]

Stringing sudo & su together could only do nothing if you run a secure rig (e.g., your daily use account is a regular account, not a sudoer & leave the root account disabled). Especially with the influx of Windows switchers I bet there is a growing user base of people who work daily with Admin privs.

 

[J the Ninja]

Stringing sudo & su together could only do nothing if you run a secure rig (e.g., your daily use account is a regular account, not a sudoer & leave the root account disabled). Especially with the influx of Windows switchers I bet there is a growing user base of people who work daily with Admin privs.

Running as Admin in OS X isn't anywhere close to as risky as some people make it out to be. Almost all of it's power comes from the fact that Admins are sudoers. Other than that...what.....modify Applications? OOOH! There's nothing special about that directory, it's just there for convenience. Auto-lock your System Preferences panes, and you'll be fine. I tried the "run as normal" thing for a day, and found it to be pretty useless. Oh boy, it no longer auto-fills my user name in. SNAP! The whole point of Admins is that you CAN use them as daily account. Just don't run around as root, that is something else entirely...

 

[macrem]

Running as Admin in OS X isn't anywhere close to as risky as some people make it out to be. Almost all of it's power comes from the fact that Admins are sudoers. Other than that...what.....modify Applications? OOOH! There's nothing special about that directory, it's just there for convenience. Auto-lock your System Preferences panes, and you'll be fine. I tried the "run as normal" thing for a day, and found it to be pretty useless. Oh boy, it no longer auto-fills my user name in. SNAP! The whole point of Admins is that you CAN use them as daily account. Just don't run around as root, that is something else entirely...

You make good points but I am not convinced. Just in having a 2 minute peek, I can see, for instance, that Admin can modify: /Library/Updates/index.plist

Couldn't that be misused to run other code with root privs during the next boot?

I have not dug deeper to see how that works but I see that Admins have write privs to a lot of stuff under /Library and various other folders.

Also by running as a regular user, to gain root privs to your system someone would have to compromise not only yours but a sudoers password. If you can get a sudoers password, you pretty much have control of everything, which is not true for a regular user.

 

[GGJstudios]

From http://kb.iu.edu/data/amyi.html

Using su creates security hazards, is potentially dangerous, and requires more administrative maintenance. It's not good practice to have numerous people knowing and using the root password because when logged in as root, you can do anything to the system. This could provide too much power for inexperienced users, who could unintentionally damage the system. Additionally, each time a user should no longer use the root account (e.g., an employee leaves), the system administrator will have to change the root password.