Unix 16

This exercise is one of our challenges to help you learn more about Unix/Linux

< 1 Hr.
Unix Badge


This lab introduces you to the Unix 16 challenge, part of the Unix Badge. The root user has left a backup of the `/etc/shadow` file in `/etc`, accessible due to weak permissions. This file contains hashed passwords that you can crack to retrieve the plaintext passwords. The primary focus is on understanding the hashing algorithms identified by specific prefixes: `$1$` for MD5, `$2a$` for Blowfish, `$5$` for SHA-256, and `$6$` for SHA-512.

You will use John the Ripper, a popular password-cracking tool, to brute-force potential password values based on dictionaries and rules. It's recommended to download the jumbo release of John the Ripper for future exercises. Once you crack the password, you can switch to the victim user and search for the key in their home directory.

Want to learn more? Get started with PentesterLab Pro! GO PRO