Goglides Dev 🌱

Rahul Gautam
Rahul Gautam

Posted on • Originally published at goglides.com on



Challenge name: Shadow

Category: Pwnable

Challenge Description:


Lets download the shadow file and open it


here you can see the shadow file now lets copy the user phindrella and then try to crack it

the wordlist we are about to use is the nepali wordlist

and the took we are using is john the reaper

john --wordlist=/root/Documents/nephack/shadow\ writeup/nepali-wordlist.txt phindrela


here is our password now lets do a ssh connection

we have been give 10010101.10000001.10110010.10011101 as our ip lets convert the binary to ip,

we get

so lets ssh connect as phindrella


ssh [email protected]

and then the password 9841172770

Once you connect with your ssh then do

ls -la to list all the files and you will see a file


cat the .bash_history file then you get your flag


The reason why I dint show the step after this was it was a one time flag CTF and you can edit and change stuffs so people might have deleted the flag once they retrieve it for themselves :)

Top comments (0)