Shadow

Rahul Gautam

Tech enthusiast, I love looking for web bug and do CTF's

More posts by Rahul Gautam.

Rahul Gautam

31 Jan 2020 • 1 min read

Challenge name: Shadow

Category: Pwnable

Challenge Description:

Lets download the shadow file and open it

here you can see the shadow file now lets copy the user phindrella and then try to crack it

the wordlist we are about to use is the nepali wordlist

and the took we are using is john the reaper

john --wordlist=/root/Documents/nephack/shadow\ writeup/nepali-wordlist.txt phindrela

9841172770

here is our password now lets do a ssh connection

we have been give 10010101.10000001.10110010.10011101 as our ip lets convert the binary to ip,

we get

149.129.178.157

so lets ssh connect as phindrella

with

ssh phindrella@149.129.178.157

and then the password 9841172770

Once you connect with your ssh then do

ls -la to list all the files and you will see a file

.bash_history

cat the .bash_history file then you get your flag

cynical_flag{you_broke_tHE_SHADOW}

The reason why I dint show the step after this was it was a one time flag CTF and you can edit and change stuffs so people might have deleted the flag once they retrieve it for themselves :)

Shadow

Rahul Gautam

Rahul Gautam

Carlsbad Caverns National Park - New Mexico (Vlog)

CAT & DOG

Subscribe to Goglides.com | Travel Guide and Travel Reviews, Make Free Travel Website

Subscribe to Goglides.com | Travel Guide and Travel Reviews, Make Free Travel Website