hack the box ctf

In short: Anonymous FTP login, password-protected zip-file with a database storing the password, contents of zip-file were an email with password for telnet, use of runas /savecred to escalate.