Exploit-Exercises Nebula level06
wargamesThe flag06 account credentials came from a legacy unix system.
To do this level, log in as the
level06
account with the passwordlevel06
. Files for this level can be found in/home/flag06
.
The hint is in the fact that flag06
account credentials came from a legacy unix system. Traditionally the encrypted passwords were stored under /etc/passwd
which can be read by everyone. Nowadays, the password section of that file would be displayed with plain “x”. Another file called /etc/shadow
holds the real encryption and this can only be read by the root.
level06@nebula:~$ cat /etc/passwd | grep "flag06"
flag06:ueqwOCnSGdsuM:993:993::/home/flag06:/bin/sh
The password can be decrypted by running John the Ripper on your local machine.