DEV Community: Lucky Defaulter

[Boost]

Lucky Defaulter — Fri, 11 Jul 2025 03:34:10 +0000

TryHackMe Pickle Rick Walkthrough | Complete Beginner’s Guide

Lucky Defaulter ・ Jul 11

TryHackMe Pickle Rick Walkthrough | Complete Beginner’s Guide

Lucky Defaulter — Fri, 11 Jul 2025 03:31:50 +0000

🥒 TryHackMe Pickle Rick — Full Walkthrough for Beginners

Hey everyone! 👋

In this walkthrough, I’ll take you step by step through the Pickle Rick room on TryHackMe — a fun, beginner-friendly CTF inspired by Rick and Morty.

You’ll learn how to:

✅ Scan for open ports with Nmap

✅ Discover hidden directories with Gobuster

✅ Enumerate Linux file systems

✅ Get root flags and complete the room!

So fire up your terminal, grab your portal gun 🌀, and let’s help Rick turn back into a human! 🚀

✅ Task 1 — Find the First Ingredient

🔍 Step 1 — Run an Nmap Scan

The first step in any CTF is reconnaissance, so I started with Nmap, one of the most powerful network scanning tools for ethical hackers and penetration testers.

I used the aggressive scan (-A flag), which does multiple things at once:

Runs OS detection
Detects service versions
Runs default NSE scripts
Performs a traceroute

This helps find open ports, see which services are running, and gather useful information for the next steps.

Here’s the command I ran:sudo nmap -A 10.10.127.154

🔍 Step 2 — Discover Hidden Directories with Gobuster

After finding the open HTTP port, I visited the website in my browser:
http://10.10.127.154/

The homepage didn’t show much, but when I checked the page source, I found a comment with a username:

R1ckRul3s

To find more hidden files or directories, I used Gobuster, a fast directory brute-forcing tool.

Gobuster checks common paths on the web server that might not be linked anywhere.

Here’s the basic Gobuster command I ran: gobuster dir -u http://10.10.127.154/ -w /usr/share/wordlists/dirb/common.txt

✅ Result:
Gobuster found a robots.txt file. So, I visited it in the browser and found this string:
Wubbalubbadubdub

I used this as the password, combined with the username from the source code.

Next, I looked for a login page.

To find possible login pages, I ran Gobuster again with common extensions:

gobuster dir -u http://10.10.127.154/ -w /usr/share/wordlists/dirb/common.txt -x php,txt,bak

🔍 Step 3 — Login to the Portal & Explore

After finding the username (R1ckRul3s) and password (Wubbalubbadubdub), I looked for a login page.

Thanks to the Gobuster results, I found one at:
http://10.10.127.154/login.php

I entered the credentials:

Username: R1ckRul3s
Password: Wubbalubbadubdub

✅ Login successful!

Once logged in, I checked if I could run commands through the portal.

I used simple Linux commands to explore: ls

This listed the files in the current directory.
I saw some interesting files, including: Sup3rS3cretPickl3Ingred.txt, clue.txt

I tried to read it with cat

So cat was disabled!

I bypassed this by using the strings command instead:

This worked and revealed the first ingredient for Pickle Rick!

🧩 Task 2 — Find the Second Ingredient

✅ Step 1 — Read the Clue

After getting the first ingredient, I found a file named clue.txt.

I used the strings command to read it:
strings clue.txt

✅ Step 2 — Check the /home Directory

User files are usually inside /home, so I listed its contents:
ls /home

I found two user directories: rick ,ubuntu

✅ Step 3 — Check Rick’s Directory

Since this is Rick’s lab, I checked his folder:
ls /home/rick

I saw a file that looked important: second ingredients

✅ Step 4 — Read the Second Ingredient

I used the strings command again to read the file:
strings /home/rick/second\ ingredients

✅ Success!

This gave me the second ingredient for Rick’s potion.

🧩 Task 3 — Find the Third Ingredient

✅ Step 1 — Check Current User

To find out which user I was running as, I used:
whoami

This means I was the web server user, which sometimes has limited permissions — but might still have sudo access.

✅ Step 2 — Try Accessing /root

Since some final clues often hide in the root folder, I checked if I could list its files using sudo:
sudo ls /root

I found a file named: 3rd.txt

✅ Step 3 — Read the Third Ingredient

Finally, I used strings to read the file
sudo strings /root/3rd.txt

✅ This gave me the third and final ingredient for Rick’s potion!

🎉 Conclusion

In this TryHackMe room, Pickle Rick, I practiced basic web enumeration, directory brute-forcing, and simple Linux privilege exploration.

Here’s a quick recap:

🔍 Task 1: Scanned the target with nmap, found open ports and credentials hidden in robots.txt.
🗂️ Task 2: Used a clue to navigate the file system and found the second ingredient inside Rick’s home folder.
🔑 Task 3: Checked my privileges as www-data and leveraged sudo to read the third ingredient from /root.

This room is perfect for beginners learning:

Basic recon with nmap and gobuster
How to inspect source code and hidden files
Simple Linux enumeration and privilege usage

✅ If you found this helpful, please leave a ❤️ like and drop a comment below!

Your feedback helps my write-ups reach more beginners and keeps me motivated to share more walkthroughs. 🚀

Thanks for reading — follow for more TryHackMe, CTF, and hacking tutorials!

Happy hacking! 🥒💚

[Boost]

Lucky Defaulter — Thu, 10 Jul 2025 04:18:12 +0000

Lucky Defaulter

Jul 9 '25

“Wireshark for Beginners: TryHackMe Walkthrough & Tips”

#cybersecurity #wireshark #tryhackme #tutorial

Comments

5 min read

“Wireshark for Beginners: TryHackMe Walkthrough & Tips”

Lucky Defaulter — Wed, 09 Jul 2025 07:55:47 +0000

👋 Hello everyone!

This is my detailed walkthrough for the Wireshark: The Basics room on TryHackMe.

✅ Task 1 — Introduction

What I Learned:

Wireshark is an open-source network packet analyzer.
The room provides a VM with two .pcapng files.

✅ Task 2 — Use Cases, GUI & File Analysis

📂 File Used

Exercise.pcapng

🔍 1️⃣ Find the Capture File Comments (Flag)

Opened Exercise.pcapng in Wireshark.
Went to Statistics → Capture File Properties.
A pop-up box appeared showing the file metadata.
Scrolled down to find the Capture File Comments section.
Found the hidden flag inside the comments.

📊 2️⃣ Find the Total Number of Packets

While the file was still open:
- Looked at the bottom right corner in the Status Bar.
- Found the Total Packets count there.

🔐 3️⃣ Find the SHA256 Hash Value

Again, went to Statistics → Capture File Properties.
At the top of the pop-up, found the SHA256 hash of the capture file.

✅ Task 3 — Packet Dissection

📂 File Used

Exercise.pcapng

🔍 What I Did

In this task, I practiced packet dissection by decoding protocol layers in Packet 38.

⚙️ Steps I Followed

1️⃣ Markup Language (HTTP)

I located Packet 38 in the Packet List Pane.
Below, in the Packet Details Pane, I checked the layers.
I expanded the HTTP protocol layer.
Found the markup language directly under HTTP.

2️⃣ Arrival Date

While still in Packet 38, I expanded the HTTP protocol section.
Found the Arrival Date field in the headers/info.

3️⃣ TTL Value

In the Packet Details Pane, I expanded the IP protocol section.
Found the TTL (Time to Live) field listed inside.

4️⃣ TCP Payload Size

Just below the IP protocol, there’s the TCP protocol section.
Without expanding, the Payload Size was already visible in the same line at the end.

5️⃣ E-Tag Value

Again, under the same HTTP protocol section, I looked deeper.
Found the E-Tag field and noted its value.

✅ Task 4 — Packet Navigation

📂 File Used

Exercise.pcapng

🔍 What I Did

In this task, I learned to search, navigate, mark, comment, extract, and verify packets using Wireshark’s advanced features.

⚙️ Steps I Followed

1️⃣ Search for `r4w` String — Artist 1

Opened Exercise.pcapng in Wireshark.
Went to Edit → Find Packet.
In the Find Packet dialog:
- Entered r4w as the search string.
- Set the search to look inside Packet Details.
Wireshark highlighted the packet containing r4w → found the full string → revealed Artist 1’s name.

2️⃣ Get MD5 Hash — Packet Comments

Went to Go → Go to Packet → Entered 12.
Right-clicked the packet → selected Packet Comment.
The comment said: Go to Packet 39765.
Went to Go → Go to Packet → Entered 39765.
Exported the packet bytes:
- File → Export Packet Bytes → saved as test.
Opened terminal → ran: md5sum test

3️⃣ Extract `.txt` File — Find the Alien’s Name

Opened Exercise.pcapng in Wireshark.
Clicked File → Export Objects → HTTP.
A window popped up listing all HTTP objects:
- Columns: Filename, Size, Packet, Host, Content Type.
Sorted the Filename column by clicking the up arrow.
Located note.txt in the list.
Selected note.txt and saved it to my Downloads folder.
Opened my terminal and ran: cat note.txt

🔍 4️⃣ Check Expert Info — Find Number of Warnings

Opened Exercise.pcapng in Wireshark.
Went to Analyze → Expert Information.
This opened the Expert Info dialog box.
The dialog showed various categories: Chat, Note, Warn, and Error.
Looked for the Warnings section (yellow icon).
Checked the Count column next to Warnings.
Got the total number of warnings from there.

✅ Task 5 — Packet Filtering

📂 File Used

Exercise.pcapng

🔍 1️⃣ Apply Filter — Get Filter Query

Went to Packet 4 in the capture.
In the Packet Details Pane below, found the HTTP protocol layer.
Right-clicked on the HTTP protocol.
Chose Apply as Filter → Selected.
The filter was applied automatically.
The filter query appeared in the Filter Bar at the top.

🔍 2️⃣ Displayed Packets Count

After the filter was applied:
- Looked at the Status Bar in the bottom right corner.
- Verified the number of packets displayed.
- Used this number as the answer.

🔍 3️⃣ Follow HTTP Stream — Total Number of Artists

Went to Packet 33790 in the capture.
Right-clicked the packet.
Selected Follow → HTTP Stream.
A new window opened showing the HTTP response.
Searched for artist in the source code.
Counted the total number of artists listed.

🔍 4️⃣ Name of Second Artist

In the same HTTP Stream window:
- Checked the displayed list of all artists.
- Found and noted the name of the second artist in the list.

✅ Task 6 — Conclusion

🎉 What I Learned

How to open and navigate .pcapng files in Wireshark.
How to use Capture File Properties to find metadata like flags and hashes.
How to dissect packets layer by layer using the Packet Details Pane.
How to apply filters, follow streams, and extract files from packets.
How to use Expert Info, Mark Packets, and Packet Comments for deeper analysis.
How to search with Find Packet, navigate with Go To Packet, and export objects.

🙌 Thanks for Reading!

🙏 If this helped you, please ❤️ this post, leave a comment, and share it with your friends!

💬 I’d love to hear: Did you find this TryHackMe room useful? Drop your thoughts below!

💻 TryHackMe Profile
🐙 GitHub

Happy Packet Sniffing! 🦈✨

DEV Community: Lucky Defaulter

[Boost]

TryHackMe Pickle Rick Walkthrough | Complete Beginner’s Guide

Lucky Defaulter ・ Jul 11

TryHackMe Pickle Rick Walkthrough | Complete Beginner’s Guide

🥒 TryHackMe Pickle Rick — Full Walkthrough for Beginners

✅ Task 1 — Find the First Ingredient

🔍 Step 1 — Run an Nmap Scan

🔍 Step 2 — Discover Hidden Directories with Gobuster

🔍 Step 3 — Login to the Portal & Explore

🧩 Task 2 — Find the Second Ingredient

✅ Step 1 — Read the Clue

✅ Step 2 — Check the /home Directory

✅ Step 3 — Check Rick’s Directory

✅ Step 4 — Read the Second Ingredient

✅ Success!

🧩 Task 3 — Find the Third Ingredient

✅ Step 1 — Check Current User

✅ Step 2 — Try Accessing /root

✅ Step 3 — Read the Third Ingredient

🎉 Conclusion

[Boost]

“Wireshark for Beginners: TryHackMe Walkthrough & Tips”

“Wireshark for Beginners: TryHackMe Walkthrough & Tips”

✅ Task 1 — Introduction

✅ Task 2 — Use Cases, GUI & File Analysis

📂 File Used

🔍 1️⃣ Find the Capture File Comments (Flag)

📊 2️⃣ Find the Total Number of Packets

🔐 3️⃣ Find the SHA256 Hash Value

✅ Task 3 — Packet Dissection

📂 File Used

🔍 What I Did

⚙️ Steps I Followed

1️⃣ Markup Language (HTTP)

2️⃣ Arrival Date

3️⃣ TTL Value

4️⃣ TCP Payload Size

5️⃣ E-Tag Value

✅ Task 4 — Packet Navigation

📂 File Used

🔍 What I Did

⚙️ Steps I Followed

1️⃣ Search for r4w String — Artist 1

2️⃣ Get MD5 Hash — Packet Comments

3️⃣ Extract .txt File — Find the Alien’s Name

🔍 4️⃣ Check Expert Info — Find Number of Warnings

✅ Task 5 — Packet Filtering

📂 File Used

🔍 1️⃣ Apply Filter — Get Filter Query

🔍 2️⃣ Displayed Packets Count

🔍 3️⃣ Follow HTTP Stream — Total Number of Artists

🔍 4️⃣ Name of Second Artist

✅ Task 6 — Conclusion

🎉 What I Learned

🙌 Thanks for Reading!

1️⃣ Search for `r4w` String — Artist 1

3️⃣ Extract `.txt` File — Find the Alien’s Name