wpscan for vulns, get local shell as www-data, get root ssh key from DB.

Original writeup (https://www.nevivur.net/writeups/2019/02/tamuctf-19/#wordpress).