The first challenging room in the beginners path the Pickle Rick room on Tryhackme
Make connection with VPN or use the attackbox on Tryhackme site to connect to the Tryhackme lab enviroment
First deploy the machine attached to the room. The IP of room will be visible at the top of the page once the machine is booted
The Task for The Pickle Rick room
Task 1
1.1 What is the first ingredient Rick needs?
First we do a nmap scan
nmap -T4 -p- 10.10.165.224
Port 22 and 80 are open. We are going to focus on port 80
First we are going to look at the source and notice an Username
Start up dirb en dirbuster.Always use 2 programs when scanning is the lesson I have learned
dirb http://10.10.165.224
Now we also find a login.php
We already found the username but not the login yet. Dirbuster didi not found anything else but dirb tid find robots.txt and when navigating to the robots.txt there is one long word in it. Using this word as password.
and we are in. We can only use the commands Panel.
Type in:
ls -la
2 files stand out.
Navigatie to the files in the webbrowser http://MACHNE_IP/nameoffile and you will find the first ingedient
1.2 Whats the second ingredient Rick needs?
Looking at the clue.txt
We need to browse the system. Type in
pwd
Now that we know where we are in the sytem. Type in the command Panel
cd ../../../;ls -la;pwd
We pipe 3 commands into one line. 1st we change directory to the root. Then we list the directory and what is the current directory.
This gives us a nice list
Now type in
cd /home;ls -la;pwd
We see 2 users
Type in
cd /home/rick;ls -la;pwd
We can not use the command cat so we gonna try less. Type in the following command
less /home/rick/"second ingredients"
Do not forget the quotes as there is a space in the file. And now you see the second ingredient in the pickle rick room .
1.3 Whats the final ingredient Rick needs?
This one is a little bit tryckier. First type in the command
sudo -L
We now know when usign sudo all commands work
Let’s take a look in the root directory. Type in the command
sudo ls root
Now for reading the file to get the last ingredient type in the command
sudo less /root/3rd.txt
And now you have all the ingredients you need.
Conclusion Pickle Rick room
The was really fun to do. I was on the right track for the first ingredient but I did not found robots.txt . When using a second tool I found it. The second ingredient I could find easily but the last was one that I normally do on boxes but forget it here. the sudo -L command. After knowing all the dots it was easy the find the last ingredient
