Too much lag on the machine. Finally managed to capture the root flag after 2 resets and doing everything fast.
Hints
User: Enumerate directories, ftp etc. Everything is in there. Do not destroy everything in your path and do not use 100 threads for each task. Be gentle with the machine!
You will also need to use your SQL skills for this common vulnerability. First google result describes everything in detail.
Root: Took me some time to understand that python is a good friend for us and bad for naive roots. When you understand how it works you can use it to your advantage to get a shell, extract a shadow file or simply capture the flag and be on your way.
Hope I didn’t spoil. If I did let me know what to remove.