User:
Just enumerate well and google about common vulns for the infos you find. Actually, there is an obvius hint that should lead you pretty quick to a shell.
Than just look at the juicy files you tipically cannot read in a CTF and you will escalate to user quickly.
Actually I think is not needed to get the user that has access to user.txt in order to get root - so you can try to enumerate more and directly root the box.
Root:
Standard enumeration, nothing hard, keep things simple, just make sure to CHECK two times your privesc commands to see something strange! Maybe double check these commands with the same commands outputs you have in your attacker machine to spot on something strange.