Thank you to @tabacci for this nudge and @3mrgnc3 for the box. It made me remember something that made me try really harder in the initial days.
This is really close to a penetration test. If you think this is just a web application penetration test, you might be highly mistaken. This is NOT just a web application penetration test where you’d run some automated tool, or perform SQLi, and boom, you get in. This requires some work, some patience, some suffering (@3mrgnc3 knows what I’m speaking about 
)
Really enjoyed this box. I +1 it. PMs are not welcomed 