Several hints can be found when enumerating the services, the idea is to understand how a vulnerable API can be exploited, you can contact me on twitter @sidchn_20 for giving any feedback regarding the machine
https://t.co/4eyrZhEcWh