This is not a walkthrough guide or tutorial on how to go about obtaining user or root on this system. Simply put, this is a write up of my experience in owning the system Craft.

User/Shell Access

In order to successfully complete this system there are significant points where enumeration is key. In addition, being able to do code review and understand weak/dangerous functions will be critical to getting your initial foothold onto the system.

Root Access

I found the necessary pieces to obtain root fairly quickly running Linux Smart Enumeration in Level 2 (dump all the things) mode. Something popped up in the output that caught my eye in which I’ve never seen this before.