Hi mates!
Please see my writeup for the recently retired Scavenger box:
https://medium.com/@bigb0ss/htb-scavenger-write-up-fee11d971774
Super fun box and a lot of things to tackle 
I also added an unintended way to get an instant root access after you gain first code execution via vulnerable Exim SMTP server.
Enjoy!