Rooted this yesterday. Nice misconfiguration/setup that matches some things I’ve seen in the real world.
Hints:
Initial access: Find the interesting pages, figure out how they work (there is a major hint if you look around ) , exploit the oversight in the M*** handling
User shell: Find the interesting script, find when and why it triggers, figure out a way to trigger it in a way that furthers your access
Root shell: Enumerate well, find the other interesting script (note the name of the box), maybe google how to exploit it, but honestly shouldn’t be too hard to figure out if you just try stuff.
Please report if too spoilery
Feel free to DM for hints.