Writeup was an easy Linux box that required paying attention to what happened when users interact with the server. Getting user required basic web enumeration and the use of an existing SQL injection exploit to get RCE using CMS Made Simple. After that, privilege escalation involved understanding environment variables and how to properly configure a user’s PATH, and abusing a misconfigured command triggered by SSH logins.