Rooted :mrgreen:
C:\Users\Administrator>whoami
whoami
nt authority\system
C:\Users\Administrator>hostname
hostname
ServMon
Fun easy box,
Read the exploit you will find online for an idea on how it is exploited, then read the docs. I did manage to view the webui but it was slow as f so ended up using the API instead.
You do not have to reset, refresh or reload this box or any part of it. Priv esc can be done consistently with 2 curl commands from kali.
Sounds like some people could do with watching this:
Thanks @dmw0ng