Pickle Rich | TryHackMe Writeup
Pickle Rick is an easy Linux-based machine in TryHackMe
Start with nmap scan found 2 open ports.
lets run directory bruteforce using feroxbuster
got a login page, so let’s browse that in the browser, but we don’t have any credentials for login, so started looking deeper.
going to the website, like a normal website.
But in the source code, the username is commented. so I got a username. The next step is to find the password.
for every website, the first file that should be looking is the robots.txt, from that I got some string.
so I tried this string with the username on the login page and got success.
I checked with the ls command for listing files
I got a Perl revere shell command to get a shell
I run the command and got shellback
I got my first flag from the same directory.
i got the second flag from /home/rick directory
I checked for, the commands that I can run as root and you can see, I can run all commands as root. from the root directory, I got the final flag.