Unix 16
This exercise is one of our challenges to help you learn more about Unix/Linux
This lab introduces you to the Unix 16 challenge, part of the Unix Badge. The root user has left a backup of the /etc/shadow
file in /etc
, accessible due to weak permissions. This file contains hashed passwords that you can crack to retrieve the plaintext passwords. The primary focus is on understanding the hashing algorithms identified by specific prefixes: $1$
for MD5, $2a$
for Blowfish, $5$
for SHA-256, and $6$
for SHA-512.
You will use John the Ripper, a popular password-cracking tool, to brute-force potential password values based on dictionaries and rules. It's recommended to download the jumbo release of John the Ripper for future exercises. Once you crack the password, you can switch to the victim user and search for the key in their home directory.