Exploit-Exercises Nebula level06



The flag06 account credentials came from a legacy unix system.

To do this level, log in as the level06 account with the password level06. Files for this level can be found in /home/flag06.

The hint is in the fact that flag06 account credentials came from a legacy unix system. Traditionally the encrypted passwords were stored under /etc/passwd which can be read by everyone. Nowadays, the password section of that file would be displayed with plain “x”. Another file called /etc/shadow holds the real encryption and this can only be read by the root.

level06@nebula:~$ cat /etc/passwd | grep "flag06"
flag06:ueqwOCnSGdsuM:993:993::/home/flag06:/bin/sh

The password can be decrypted by running John the Ripper on your local machine.

This is an image

Comments