A medium rated Linux machine that has the attacker exploit an authenticated RCE CVE to obtain user shell. Pivoting from there, the user will need to scan for other wireless networks and obtain a PSK using a Pixie Dust attack. After generating a WPA passphrase and connecting to the wireless network, the attacker is able to connect via SSH.

An easy rated Linux box that involves exploiting a Server-Side Template Injection (SSTI) vulnerability to get a reverse shell and then cracking a hash to get root.