Decrypt this writeup by providing the root/administrator hash. Linux: root hash from /etc/shadow Windows: extracted NTLM hash