about the box "time"... as you were asking for a tip...finding user, for me at least, was about the CVE. I couldn't find it in exploit-db or searchsploit, but a google search where i found a website that posts a POC. The code needed a little examination and understanding what was going on, to customize it for this box. (or at least that's how i did this.) the exploit was fairly simple. Figuring out which CVE to search for, can be found out by examining the drop down menu on the main page and poking at it just a little bit.