Photographer 1: Vulnhub Walkthrough
Photographer contains multiple exploits and misconfigurations. Starting with retrieving credentials from Samba shares then exploiting Koken CMS to gain a reverse shell. LinPEAS revealed MySQL credentials and a SUID PHP binary, enabling privilege escalation to root.