Command Injection Explained | Rickdiculouslyeasy Vulhub Walkthrough

We covered he solution of Rickdiculouslyeasy Vulhub where we demonstrated command injection in the web application running on the instance that allowed us to enumerate and extract sensitive information such as usernames on the machine. Using “string” tool to extract hidden passwords, we were able to login the FTP storage server and extract more hints that led to solving the challenge and extracting the flag.

It is a virtual box that was used to establish a Fedora server. Getting root access to the computer is the major goal. The objective of this straightforward Rick and Morty-themed boot 2 root is to gather as many flags as you can to reach the top, earning a total of 130 points.

The command injection was carried out on /cgi-bin/tracertool.cgi

Get OSCP Certificate Notes

The Complete Practical Web Application Penetration Testing Course

Video Walkthrough

command injection, CTF Writeups, Penetration Testing, vulnhub

Show Comments

MasterMind Study Notes

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles

Command Injection Explained | EP2 | Rickdiculouslyeasy Vulhub CTF Walkthrough

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Press ESC to close

Command Injection Explained | EP2 | Rickdiculouslyeasy Vulhub CTF Walkthrough

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Share Article:

You might also like

HackTheBox SPG Challenge Writeup | Cryptography CTF Challenges

Blue Team SOC Real World Case Studies | Complete Walkthrough | TryHackMe Boogeyman 1,2,3

Auditing Explained in IT & Information Security