Pickle Rick[THM]: Writeup
A write up covering steps taken to solve Beginner level CTF : Pickle Rick room in TryHackMe platform.
This blog is written as part of task of Masters Certification in Red Team Program from HackerU.
Step 1 : Connect to TryHackMe and start target machine.
- Download OpenVPN configuration setting from TryHackMe platform
- Connect to TryHackMe by running the command in kali terminal:
sudo openvpn /pathtoOVPNfile.ovpn
3. Start machine in ‘Pickle rick’ room — target ip address will be displayed in a minute.
Step 2 : Information gathering using Nmap
- Start nmap scan of the target ip:
nmap -A -O <target ip>
Step 3: Detailed Findings
22 : ssh
80 : http
- Accessing port 80
2. View source code > found user name
3. View robots.txt > found a hint
4. Checking dirbuster to find directories and files >Found login.php and portal.php
5. Navigating to login.php, login page is displayed
6. Logging in with found username from source code and password as hint found in robots.txt
Found command execution field
7. Run commands to check contains
8. View details of listed files > found 1 flag >Sup3rS3cretPick3Ingred.txt
Tried reading the content of the file using cat, head, tail, more all were disabled, found less command working.
9. Searching all files with name ingredient
find / — iname ingredients
10. Display content from second ingredients.
less /home/rick/’second ingredients’
11. While searching the second file, found root folder using sudo.
sudo ls /root
12. Reading ‘3rd.txt’ data
sudo less /root/3rd.txt
With these steps, I was able to find all flags required to complete Pickle rick room on TryHackMe.
Thank you for reading this blog..