Task 1  Pickle Rick

Answer the questions below

What is the first ingredient that Rick needs?

The first thing I always do is check the souce code which had a comment

    Username: R1ckRul3s, next I checked the robots.txt file only to find Wubbalubbadubdub.

So I ran a nmap scan to see if there are any ports we could use which there is a 22 and 80. Next I ran gobuster with they syntax gobuster dir -u http://10.10.177.66 -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt  but all that showed up really was the /asset dir again. So let’s dive deeper to see if there are any hints. Looking at the folder we can see there’s a portal.jpg which could be a clue, logins have portals so after some stumbling and hinting around I found out its located at /login.php. So lets try the username from the source and the weird mumble of words from the robots.txt file. Great that got us in but after looking we need to be the “real” rick so all we have is the command panel. Lets try to pass some commands first if we ls we can see some files including Sup3rS3cretPickl3Ingred.txt if we try to cat it it gets denied  but if use the less command we find our first ingredient.

What is the second ingredient in Rick’s potion?

The next thing I looked at was the clue.txt by using the less command and it says to look around the file system. So by using sudo -l we can see it’s set to nopassd so then we can use ls /../../../ to view the directories and we can see a home directory and if we move through there we can see the second ingredient so we can less /home/rick/”second ingredients” and we get it

What is the last and final ingredient?

After poking the bear a bit I saw the root folder then I ls’d into there and saw 3^rd.txt so I sudo less 3^rd.txt and bang  we get the 3^rd ingredient