footold;
nmap it, make sure to scan all ports. focus on port 80, try to see things behind the scenes, and something will make sense to you.
user;
a great way to learn a little about the topic, once you’re done with the exploit, address it to the “leet” port.
root;
no python or netcat, but you still can get something nice out of ssh. focus on the home directory, it has all the files needed to get root. google about the database type, try to find attack vectors and then, read --help, maybe there’s an option to pass something you already have in addiction.
it will all make sense after that, remember that this is a CTFish box, so clues might be hidden
over all a great box to step into R** and exploitation, nothing more than that