Lol, its awesome, we both thought alike on so many things on this exam. No, I would not change the password. 1. If im not mistaken, there are instructions to recover both root passwords. Now, you can change the user passwords all you want, but i wouldnt. 2. Think of this as a live pentest, would you change their root passwords, or any for that matter? If you do, you lock out the user, causing a denial of service, especially if its theri only root account on that system. It will also (hopefully) trigger their incident response mechanisms.

i'd do some research on the type of password hash you have and see if there are any tools that can crack that hash, then google/ youtube/ ask the creators about how to use the tool.

Are there any expolits that I can run without having to do any scripting/coding?

I am pretty much at a stand still with this cert.  Researched everything I could.  Just stuck.  Have roughly two weeks to get root or it's a FAIL.

LOL I don't know how to run the exploits.  Sure I learned stuff in the course but it was mostly aimed at the CEH and not so much CPT and nowhere did we touch running expolits.

I've tried asking the right questions without trying to get inside hints or make it seem like I am cheating but I just have no idea how to run the expoloits.  Finding them is easy.  But how to input them and how to complie them isn't something that I know.  Never been taught.  Besides me and coding don't get along the greatest.

I've been looking and reading but most of this stuff goes way over my head.

It is I agree.  I was able to get Metaspolit runining last night for the first time.  Nothing postive though came from it.  But just being able to get it to run is an accomplishment in itself.

Congrats, Josh!  Well done, and way to stick with it!

Well I haven't officailly passed per se.  I have yet to turn my results in but seeing as the instructions say that to pass I need to get full root access to both systems and then also document everything I should pass.

InfoSec's website to submit my results is not letting me. I am trying to contact them to see what the deal is but when I go to their link and hit submit after loading my either Doc/Docx, or a zip file it says "this option is not available"