For those who are struggling let me ask you one thing …which year is this ?
Thank you @sillydaddy ! You saved my day with your last post!!! “Think like a user” was smashing my brain… Remembering the year was a good hint!
@sillydaddy you are a legend! Thank you for putting me out of my misery! Suddenly everything makes sense now. Doh! 
Sorry for confusing people with ‘Think like a user’. I was just so happy that for the first time on HTB I had the right idea on guessing creds immediately. In this case it felt ‘obvious’ to me.
But it’s really an issue because the password seems be changed often - so if you try your guessed / tweaked creds the very first time you cannot be sure if you guessed right or the pw was changed. I was lucky.
Again I want to implore everybody: Please don’t brute-force the box or change the pw. Neither is needed for getting root. Do some research on the app - you can either root it based on research only or you can poke around and find out how it works.
i think that we have enough hints now
i got the pw on ftp, and i think like a user, i use P******9 pw to login , it still wrong , someone can give me some hints?
Type your comment> @bl4sph3m said:
Rooted, valuable knowledge for a Windows Machine… if you need some hint, please let me know !! Glad to Help
Tip for root?
Built a wordlist for password, none worked. Maybe I got the hint from @sillydaddy wrong…
Kinda out of thoughts now.
Also I downloaded some file for a running system with configuration, but the important value is encrypted 
Spoiler Removed
Type your comment> @z3r0c001 said:
Thank you @sillydaddy ! You saved my day with your last post!!! “Think like a user” was smashing my brain… Remembering the year was a good hint!
no worries
Rooted, Fun little box… Thanks to the creator.
@Lisbeth said:
@sillydaddy you are a legend! Thank you for putting me out of my misery! Suddenly everything makes sense now. Doh!
no worries
I think I have found the creds to login but get denied.
Can someone PM me to confirm I have the correct ones (or have I fallen foul of the password changers!!!)
Type your comment> @sillydaddy said:
Type your comment> @z3r0c001 said:
Thank you @sillydaddy ! You saved my day with your last post!!! “Think like a user” was smashing my brain… Remembering the year was a good hint!
no worries
Tip for root?
@LuckSec said:
Type your comment> @sillydaddy said:Type your comment> @z3r0c001 said:
Thank you @sillydaddy ! You saved my day with your last post!!! “Think like a user” was smashing my brain… Remembering the year was a good hint!
no worries
Tip for root?
Search Google …
app name and a common web vulnerabiity . you should get a blog post !!!
Yup done that found the correct place and crafting a command then check back at the FTP server but nowt nowt nowt hahah its killing me this noob box but good fun as i have never user PRTG
The passwords are definitely getting changed. I couldn’t get in with the correct creds the first time I tried, and while I was poking around, it kicked me out and wouldn’t let me back in till I reverted. I don’t think people are intentionally doing it, I am guessing that the “password reset” is rendering the correct one useless once it is clicked.
and I am on VIP
about creds, read some reddit page.
I slapped myself in my face with a big C++ book…
For creds: ENUMERATE. ENUMERATE MORE. ENUMERATE
then it’s straight forward to gain access and priv esc
Getting creds is very easy if you are focusing on right think, simple grep should get you the password