🥒 TryHackMe Pickle Rick — Full Walkthrough for Beginners
Hey everyone! 👋
In this walkthrough, I’ll take you step by step through the Pickle Rick room on TryHackMe — a fun, beginner-friendly CTF inspired by Rick and Morty.
You’ll learn how to:
✅ Scan for open ports with Nmap
✅ Discover hidden directories with Gobuster
✅ Enumerate Linux file systems
✅ Get root flags and complete the room!
So fire up your terminal, grab your portal gun 🌀, and let’s help Rick turn back into a human! 🚀
✅ Task 1 — Find the First Ingredient
🔍 Step 1 — Run an Nmap Scan
The first step in any CTF is reconnaissance, so I started with Nmap, one of the most powerful network scanning tools for ethical hackers and penetration testers.
I used the aggressive scan (-A flag), which does multiple things at once:
- Runs OS detection
- Detects service versions
- Runs default NSE scripts
- Performs a traceroute
This helps find open ports, see which services are running, and gather useful information for the next steps.
Here’s the command I ran:
sudo nmap -A 10.10.127.154
🔍 Step 2 — Discover Hidden Directories with Gobuster
After finding the open HTTP port, I visited the website in my browser:
http://10.10.127.154/
The homepage didn’t show much, but when I checked the page source, I found a comment with a username:
R1ckRul3s
To find more hidden files or directories, I used Gobuster, a fast directory brute-forcing tool.
Gobuster checks common paths on the web server that might not be linked anywhere.
Here’s the basic Gobuster command I ran:
gobuster dir -u http://10.10.127.154/ -w /usr/share/wordlists/dirb/common.txt
✅ Result:
Gobuster found a robots.txt file. So, I visited it in the browser and found this string:
Wubbalubbadubdub
I used this as the password, combined with the username from the source code.
Next, I looked for a login page.
To find possible login pages, I ran Gobuster again with common extensions:
gobuster dir -u http://10.10.127.154/ -w /usr/share/wordlists/dirb/common.txt -x php,txt,bak
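What the Gobuster runs above look like from the web server's side, as an added example that is not part of the original walkthrough: a wordlist scan shows up in the access log as one client collecting many distinct 404s in a few seconds. The log format (Apache/Nginx "combined"), the client IPs, the thresholds and the sample lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Apache/Nginx "combined" access-log line: client IP, timestamp, request, status.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def parse(line):
    """Return (ip, timestamp, path, status), or None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["path"], int(m["status"])

def find_bruteforce(lines, window_s=10, min_404=8):
    """Map each flagged client IP to its peak count of distinct 404 paths
    inside any window_s-second span. Expects lines in chronological order."""
    recent = defaultdict(deque)  # ip -> (timestamp, path) of 404s still in the window
    peak = defaultdict(int)
    for rec in map(parse, lines):
        if rec is None or rec[3] != 404:
            continue
        ip, ts, path, _ = rec
        q = recent[ip]
        q.append((ts, path))
        while (ts - q[0][0]).total_seconds() > window_s:
            q.popleft()
        peak[ip] = max(peak[ip], len({p for _, p in q}))
    # The User-Agent is ignored on purpose: the client controls it.
    return {ip: n for ip, n in peak.items() if n >= min_404}

def sample_log():
    """Constructed log lines (not from the room): one scanner, one ordinary visitor."""
    fmt = ('{ip} - - [01/Jan/2025:10:00:{s:02d} +0000] '
           '"GET /{p} HTTP/1.1" {st} 274 "-" "{ua}"')
    words = ["admin", "backup", "cgi-bin", "config", "db",
             "dev", "images", "old", "private", "test"]
    lines = [fmt.format(ip="10.9.0.5", s=i // 5, p=w, st=404, ua="gobuster/3.6")
             for i, w in enumerate(words)]
    lines.append(fmt.format(ip="10.9.0.5", s=2, p="robots.txt", st=200, ua="gobuster/3.6"))
    lines.append(fmt.format(ip="10.9.0.77", s=30, p="", st=200, ua="Mozilla/5.0"))
    lines.append(fmt.format(ip="10.9.0.77", s=31, p="favicon.ico", st=404, ua="Mozilla/5.0"))
    return lines

if __name__ == "__main__":
    for ip, n in find_bruteforce(sample_log()).items():
        print(f"{ip}: {n} distinct 404 paths within 10 s")
```

A single stray 404 (the visitor's favicon request) stays below the threshold, while the wordlist burst is flagged regardless of which paths happened to exist.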
🔍 Step 3 — Login to the Portal & Explore
After finding the username (R1ckRul3s) and password (Wubbalubbadubdub), I looked for a login page.
Thanks to the Gobuster results, I found one at:
http://10.10.127.154/login.php
I entered the credentials:
- Username: R1ckRul3s
- Password: Wubbalubbadubdub
✅ Login successful!
Once logged in, I checked if I could run commands through the portal.
I used simple Linux commands to explore:
ls
This listed the files in the current directory.
I saw some interesting files, including: Sup3rS3cretPickl3Ingred.txt, clue.txt
I tried to read it with cat
So cat was disabled!
I bypassed this by using the strings command instead:
This worked and revealed the first ingredient for Pickle Rick!
🧩 Task 2 — Find the Second Ingredient
✅ Step 1 — Read the Clue
After getting the first ingredient, I found a file named clue.txt.
I used the strings command to read it:
strings clue.txt
✅ Step 2 — Check the /home Directory
User files are usually inside /home, so I listed its contents:
ls /home
I found two user directories: rick, ubuntu
✅ Step 3 — Check Rick’s Directory
Since this is Rick’s lab, I checked his folder:
ls /home/rick
I saw a file that looked important: second ingredients
✅ Step 4 — Read the Second Ingredient
I used the strings command again to read the file:
strings /home/rick/second\ ingredients
✅ Success!
This gave me the second ingredient for Rick’s potion.
🧩 Task 3 — Find the Third Ingredient
✅ Step 1 — Check Current User
To find out which user I was running as, I used:
whoami
This means I was the web server user, which sometimes has limited permissions — but might still have sudo access.
✅ Step 2 — Try Accessing /root
Since some final clues often hide in the root folder, I checked if I could list its files using sudo:
sudo ls /root
I found a file named: 3rd.txt
✅ Step 3 — Read the Third Ingredient
Finally, I used strings to read the file:
sudo strings /root/3rd.txt
✅ This gave me the third and final ingredient for Rick’s potion!
🎉 Conclusion
In this TryHackMe room, Pickle Rick, I practiced basic web enumeration, directory brute-forcing, and simple Linux privilege exploration.
Here’s a quick recap:
- 🔍 Task 1: Scanned the target with nmap, found open ports and credentials hidden in robots.txt.
- 🗂️ Task 2: Used a clue to navigate the file system and found the second ingredient inside Rick’s home folder.
- 🔑 Task 3: Checked my privileges as www-data and leveraged sudo to read the third ingredient from /root.
This room is perfect for beginners learning:
- Basic recon with nmap and gobuster
- How to inspect source code and hidden files
- Simple Linux enumeration and privilege usage
✅ If you found this helpful, please leave a ❤️ like and drop a comment below!
Your feedback helps my write-ups reach more beginners and keeps me motivated to share more walkthroughs. 🚀
Thanks for reading — follow for more TryHackMe, CTF, and hacking tutorials!
Happy hacking! 🥒💚