PrivEsc

$2a$10$VM6EeymRxJ29r8Wjkr8Dtev0O.1STWb4.4ScG.anuu7v0EFJwgjjO

Passwords are in a standard linux format: $type$salt$hash

$2a$ here means blowfish which is an encryption algorithm with a key. Previously we learned that there is a password reuse which is a variation of PleaseSubscribe!

With that knowledge we can try to crack it using hashcat and creating a file called pass with the above string and running it with 'rule':

hashcat -m 3200 root pass -r /usr/share/hashcat/rules/best64.rule

We get a password: PleaseSubscribe!21