Type your comment> @nob0dy73 said:
I just rooted the box and have some questions about the initial foothold. The way that r**s is set up on the box, is that a normal setup? I was surprised how my attack actually worked.
There are more than one configuration items which bears the imprint of a CTF-like implementation. One of them is applying the DenyUser option in sshd_config, and an other one is using the command rename option in the r***s configuration file.
Purpose of these settings are exclusion of alternative solutions.