Pickle Rick TryHackMe Writeup

This is a blog on how i solved Pickle Rick room on tryhackme. Note that i use linux. First i put the machine IP into env using the export command.

export IP=(your target machine's IP addres)

Enum

Nmap

I did a simple nmap scan on the server:

nmap -sCV -oN nmap-init.log $IP

-sCV is for using the default scripts and check for services version on the machine. -oN is to log the output of nmap into a file.

scan result

PORT      STATE    SERVICE  VERSION
22/tcp    open     ssh      OpenSSH 7.2p2 Ubuntu 4ubuntu2.6 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey: 
|   2048 b0:cb:ec:b6:8c:44:c3:c8:64:4c:00:c0:fb:fd:4b:0a (RSA)
|   256 18:6f:e1:d3:0d:e9:a0:44:e4:31:83:49:dc:41:50:8c (ECDSA)
|_  256 ba:74:77:09:29:45:94:a4:a7:13:ba:27:2d:23:d5:33 (ED25519)
80/tcp    open     http     Apache httpd 2.4.18 ((Ubuntu))
|_http-server-header: Apache/2.4.18 (Ubuntu)
|_http-title: Rick is sup4r cool
1105/tcp  filtered ftranhc
1119/tcp  filtered bnetgame
22939/tcp filtered unknown
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

It shows that there are a web service running on port 80, lets check that with our browser. The website shows some reference to Burp Suite, After viewing the page sources i saw a comment:

  <!--

    Note to self, remember username!

    Username: R1ckRul3s

  -->

Then i tried loading the page in Burp Suite.