Pickle Rick TryHackMe Walkthrough
Today we are going to solve another challenge called Pickle Rick. It is available at TryHackMe for penetration testing practice. The challenge is of easy difficulty if you have the right basic knowledge and pay attention to the small details that the enumeration process requires. The credit for making this machine goes to tryhackme. The breakdown of the machine with the redacted flags is:
Level: Easy
Penetration Testing Methodology
Network Scanning
Nmap Scan
Enumeration
Enumerating HTTP Service
Extracting Username from Source Code
Directory Bruteforce using dirb
Extracting Password from robots.txt
Directory Bruteforce using dirb [Extension]
Logging into the Web Application
Exploitation
Exploiting Command Module
Enumerating for Ingredients
Invoking Reverse Shell
Extracting the First Ingredient
Enumerating Rick's Files
Extracting the Second Ingredient
Privilege Escalation
Enumerating Sudo Permissions
Exploiting Sudo Permissions
Getting Root Shell
Extracting the Third Ingredient
Walkthrough
After booting up the target machine from the TryHackMe: Pickle Rick CTF Page, an IP will be assigned to the machine and will be visible on that page as well.
IP Address: 10.10.43.98
Three questions are required to complete this machine.
Network Scanning
We will start with an Nmap scan using -sC for default scripts and -sV for version scanning.
nmap -sC -sV 10.10.43.98
Nmap was able to identify 2 services running on the target machine: SSH (22) and HTTP (80).
Enumeration
Since we don't have credentials for the SSH service, we will start the enumeration from the HTTP service.
We see a simple Rick and Morty-themed web page. It reads a message from Rick to Morty.
It tells Morty that Rick has turned himself into a pickle again. The twist is that he can't change back.
He asks Morty to log in to his computer and extract 3 secret ingredients that are required for Rick to return to human from pickle.
Since Rick has forgotten the password for his computer, Morty is required to use his hacking skills to get those ingredients.
http://10.10.43.98/
We try to look for any clues inside the page itself. We check the source code and find the username R1ckRul3s.
view-source:http://10.10.43.98/
There are two possibilities here: either this is a username that can be used to log in via SSH, or there is a login module inside the web application.
To enumerate the second scenario, we ran a directory Bruteforce using dirb. We found the robots.txt file.
dirb http://10.10.43.98
After reading robots.txt, we found Rick's famous catchphrase Wubbalubbadubdub. This might be the password for the user that we found earlier. Now we need to enumerate the login page, if there is one.
http://10.10.43.98/robots.txt
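A defender's pre-deployment check for the two leaks found above (a username in the page source and a password-like string in robots.txt), as an added example that is not part of the original walkthrough. It assumes the username sat in an HTML comment; the function names, keyword list and sample inputs are constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Field names recognised in robots.txt; anything else is stray content.
ROBOTS_FIELDS = {"user-agent", "allow", "disallow", "sitemap", "crawl-delay"}
# Words in an HTML comment that suggest a credential or account note (assumed list).
HINT = re.compile(r"\b(user(name)?|pass(word|wd)?|login|secret|token|key)\b", re.I)

class CommentCollector(HTMLParser):
    """Collects the text of every HTML comment in a page."""
    def __init__(self):
        super().__init__()
        self.comments = []

    def handle_comment(self, data):
        self.comments.append(" ".join(data.split()))

def audit_html(html):
    """Return comments that look like they carry account details."""
    parser = CommentCollector()
    parser.feed(html)
    parser.close()
    return [c for c in parser.comments if HINT.search(c)]

def audit_robots(text):
    """Return non-blank, non-comment lines that are not 'field: value' directives."""
    stray = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        field, sep, _ = line.partition(":")
        if not sep or field.strip().lower() not in ROBOTS_FIELDS:
            stray.append(line)
    return stray

# Constructed samples modelled on what the walkthrough found.
SAMPLE_HTML = """<html><body><h1>Help Morty!</h1>
<!-- Note to self, remember username! Username: EXAMPLE_USER -->
<!-- layout v2 -->
</body></html>"""
SAMPLE_ROBOTS = "User-agent: *\nDisallow: /admin/\nEXAMPLE_PASSPHRASE\n"

if __name__ == "__main__":
    print(audit_html(SAMPLE_HTML))      # comments to strip before release
    print(audit_robots(SAMPLE_ROBOTS))  # lines that do not belong in robots.txt
```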
Back to our directory Bruteforce, this time we included the extension filter. We checked for php files.
After running for a while, it was able to find a login.php. Perhaps this is the portal that can be used to log in to the web application.
dirb http://10.10.43.98 -X .php
After opening login.php in the web browser, we see that it is the portal login.
We use the username that we were able to enumerate from the source code of the home page and the password that we were able to enumerate from robots.txt.
Exploitation
We were able to log in using the credentials. There were a bunch of other pages and options on the menu. However, the Commands tab caught our attention. As expected, it was a panel that can be used to run system commands on the target machine. We ran the ls command and found a text file by the name of Sup3rS3cretPickl3Ingred.txt
We tried reading the Sup3rS3cretPickl3Ingred.txt file using the cat command, but we were caught by Mr. Meeseeks, who says that the cat command is restricted.