The target for this walkthrough is an Ubuntu machine with a number of vulnerabilities allowing initial access and privilege escalation.
The initial foothold is obtained using a directory traversal vulnerability in a web application running on the target, which allows the user to upload a Python CGI script which executes OS commands.
This is used to run a reverse shell command providing initial access.
From here, the user explores the file system, finding a database containing an MD5 hashed user password, which is brute-forced, granting low-privileged access.
Using netstat, the user then identifies a service running on port 8888, which is forwarded over an SSH tunnel to the local machine, and explored.
A vulnerability in the software is then exploited to allow the user to traverse the file system, ultimately leading to the root SSH key, which is used to achieve root access on the target.