getflag with the
The flag06 account was created on a legacy Unix system.
On old Unix systems, the OS stored a hash of the password in /etc/passwd. Now, the OS only stores an 'x' in that file, and shadows the password hashes into another file.
In this case, displaying the contents of /etc/passwd gives:
We can use a password cracker to get a password with that hash.
This particular password cracker tells us that the password for the flag06 account is
Now we can log into the flag06 account and execute