🪓
THM
  • Machines
    • Easy Machines
      • Pickle Rick
        • Findings Log
        • Scouting
          • URL Source Code
          • Wappalyzer
          • NMAP
        • Enumeration
          • Initial Enumeration
            • Gobuster
            • Open Port Vulnerability Check
            • Nikto
          • Portal Page Enumeration
        • Exploitation
          • SSH- Pointless
          • Command Panel
            • Python Webserver
            • Payloadallthethings
          • Cookies
        • Escalation
      • Basic Penetration Testing
      • OhSINT
      • Crack the hash
      • RootMe
      • Simple CTF
Powered by GitBook
On this page
  1. Machines
  2. Easy Machines
  3. Pickle Rick

Escalation

  • After gaining access to the system from payloadallthethings:

  • I'm going to start by getting a more interactive terminal with the following:

python3 -c 'import pty; pty.spawn("/bin/bash")'

  • I browsed through the system and found the second ingredient in /home/rick:

    • 1 jerry tear

  • Well, I spent way too long looking for a way to become root user when it was super easy.

    • sudo su

    • Bam. I'm root. Simple as pi

PreviousCookiesNextBasic Penetration Testing

Last updated 2 years ago