Exploit-Exercises Nebula level06wargames
The flag06 account credentials came from a legacy unix system.
To do this level, log in as the
level06account with the password
level06. Files for this level can be found in
The hint is in the fact that
flag06 account credentials came from a legacy unix system. Traditionally the encrypted passwords were stored under
/etc/passwd which can be read by everyone. Nowadays, the password section of that file would be displayed with plain “x”. Another file called
/etc/shadow holds the real encryption and this can only be read by the root.
[email protected]:~$ cat /etc/passwd | grep "flag06" flag06:ueqwOCnSGdsuM:993:993::/home/flag06:/bin/sh
The password can be decrypted by running John the Ripper on your local machine.