PickleRickTHM_writeup

1. Use NMAP to check on the opened ports

As we can see we have 2 open ports (22, 80) (ignore the activate windows plz) 🥲

Now lets check what the website (hint: the source code)

As we can see there it is the username commented out in the source code

Looking back at the gobuster output we can see "robots.txt", lets paste that on our passw.. it worked!

As we can see in the website we have a command panel, lets type any commands to see if it works.. it does work!

We can see the "Sup3rS3cretPickl3Ingred.txt" lets paste it in the browser since the cat command is disabled, there is our first ingredient

Lets check what directory we are on now

Lets move to the home directory and check the users

We can see there is a user named rick, lets move to it. There is our second ingredient!

Let us check the user permissions using "sudo -l"

We can see that we can execute any command without any password. Since that is the case, lets sudo to root

We can see a txt file lets use the less command to see its contents.. :)

thats it for the walkthrough for pickle rick. make sure you follow my github for future scripts projects etc

Name		Name	Last commit message	Last commit date
Latest commit History 17 Commits
img		img
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

PickleRickTHM_writeup

1. Use NMAP to check on the opened ports

As we can see we have 2 open ports (22, 80) (ignore the activate windows plz) 🥲

Now lets check what the website (hint: the source code)

As we can see there it is the username commented out in the source code

Looking back at the gobuster output we can see "robots.txt", lets paste that on our passw.. it worked!

As we can see in the website we have a command panel, lets type any commands to see if it works.. it does work!

We can see the "Sup3rS3cretPickl3Ingred.txt" lets paste it in the browser since the cat command is disabled, there is our first ingredient

Lets check what directory we are on now

Lets move to the home directory and check the users

We can see there is a user named rick, lets move to it. There is our second ingredient!

Let us check the user permissions using "sudo -l"

We can see that we can execute any command without any password. Since that is the case, lets sudo to root

We can see a txt file lets use the less command to see its contents.. :)

thats it for the walkthrough for pickle rick. make sure you follow my github for future scripts projects etc

About

Releases

Packages

pl4gu33/PickleRickTHM_writeup

Folders and files

Latest commit

History

Repository files navigation

PickleRickTHM_writeup

1. Use NMAP to check on the opened ports

As we can see we have 2 open ports (22, 80) (ignore the activate windows plz) 🥲

Now lets check what the website (hint: the source code)

As we can see there it is the username commented out in the source code

Looking back at the gobuster output we can see "robots.txt", lets paste that on our passw.. it worked!

As we can see in the website we have a command panel, lets type any commands to see if it works.. it does work!

We can see the "Sup3rS3cretPickl3Ingred.txt" lets paste it in the browser since the cat command is disabled, there is our first ingredient

Lets check what directory we are on now

Lets move to the home directory and check the users

We can see there is a user named rick, lets move to it. There is our second ingredient!

Let us check the user permissions using "sudo -l"

We can see that we can execute any command without any password. Since that is the case, lets sudo to root

We can see a txt file lets use the less command to see its contents.. :)

thats it for the walkthrough for pickle rick. make sure you follow my github for future scripts projects etc

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages