Pickle Rick
Task 1: Pickle Rick
What is the first ingredient that Rick needs?
Lets perform a simple
nmap
scan to see which ports are open.
There are two open ports:
Port | Service |
---|---|
22 | ssh |
80 | http |
Let's enter the IP address in the browser and see what comes up.
Let's check the page source for more information.
So we have a username now:
R1ckRul3s
. However we don't know the password yet.On most websites, the
robots.txt
file does the job of disallowing web crawlers from accessing particular pages. Let's see if we can find anything there.
Looks like
Wubbalubbadubdub
is the password.But where should we enter these credentials?
In order to find the login page we will have to perform some directory brute-forcing. There are various tools available, but in this case let's use
gobuster
.
We can see a
/login.php
file. Let's go to the file in the browser.
Let's enter the credentials that we found before i.e.
R1ckRul3s
as username andWubbalubbadubdub
as the password.
We're in and we have a
Command Panel
to enter our commands.We can use the
ls
command to list the files and sub-directories.
The
Sup3rS3cretPickl3Ingred.txt
file seems interesting. Let'scat
the contents of that file.
Oh! So
cat
is disabled. We have to find another way to read the file.We can
grep
all the contents of the file by using the.
regular expression.
Answer
What is the second ingredient in Rick’s potion?
We can check which user are present by using the following command:
Let's check what files
rick
has using the following command:
Let's see what is in to the
second ingredients
.
Answer
What is the last and final ingredient?
Let's look at the
/root
directory using the following command:
As always, we can use
grep
to read the contents of a file.
Answer
Last updated