Goglides Dev 🌱

Goglides Dev 🌱 is a community of amazing users

We are working on this space so that IT professionals can grow together.

Create account Log in
Rahul Gautam
Rahul Gautam

Posted on • Originally published at goglides.com on

Shadow

Shadow

Challenge name: Shadow

Category: Pwnable

Challenge Description:

Shadow

Lets download the shadow file and open it

Shadow

here you can see the shadow file now lets copy the user phindrella and then try to crack it

the wordlist we are about to use is the nepali wordlist

and the took we are using is john the reaper

john --wordlist=/root/Documents/nephack/shadow\ writeup/nepali-wordlist.txt phindrela

9841172770

here is our password now lets do a ssh connection

we have been give 10010101.10000001.10110010.10011101 as our ip lets convert the binary to ip,

we get

149.129.178.157

so lets ssh connect as phindrella

with

ssh phindrella@149.129.178.157

and then the password 9841172770

Once you connect with your ssh then do

ls -la to list all the files and you will see a file

.bash_history

cat the .bash_history file then you get your flag

cynical_flag{you_broke_tHE_SHADOW}

The reason why I dint show the step after this was it was a one time flag CTF and you can edit and change stuffs so people might have deleted the flag once they retrieve it for themselves :)

Discussion (0)