This was a super fun box. Privesc is usually super hard for me, even tho it took me forever to figure out how to get user and root shells, it was at least nice to know I was looking at the right things, I just had to figure out what was being done so that I could make it do what I wanted, so I was forced to learn some things I didn’t know, which was nice. (How do PHP devs not kill themselves? God that is ugly code)
PM if you need a nudge