I had been trying whole day to get user access using exploit on ports 80 and 31337 but couldn’t get through. I don’t think I’m on the right path.
Any hints would be really helpful.

Have you done directory brute forcing?

You need to enumerate more. Look at what folders the web server is serving I’m sure you will find something interesting. There are tools to do this in Kali or you can try manually.

I tried using Dirbuster I found “js” and few image directories, nothing else. Am I going right? Because I’ve been searching for it since 2-3 days now.

bigger wordlist!

Hey guys can any body help me with privesc like hint…like that.
I have enumerated every thing but i am not able to point out the correct one. literally you can say no idea. Please help!

Got the user access. I actually didn’t pay attention to major key and stumbling around. Now I’m looking for root. Is there any scripting required or just enumeration would do?