Machine Synopsis

Chaos is a "medium" difficulty box which provides an array of challenges to deal with. It requires a fair amount enumeration of the web server as well as enumerating vhosts which leads to a wordpress site which provides a file containing credentials for an IMAP server. The drafts folder contained sensitive information which needed cryptographical knowledge to decipher. The decrypted information leads to a page hosting a vulnerable Latex application which helps to gain a foothold. Password reuse helps to land a shell as a user but in a restricted shell which can be bypassed by abusing a GTFObin. Escaping the shell gives access to the user's firefox folder containing saved logins which on decrypting gives access to a webadmin console and the root shell.