Rooted. My hints for this box:
- first part: use one of the most famous hacking techniques for crafting malicious inputs in web-apps
- second part: use the “new” service to load your shell
- third part: look around to see what “new feature” has been added to windows systems
- fourth: use that feature to gain root as you would usually do
p.s. the cool thing is that you can perform phases 2 and 4 in a variety of ways