I'm not critiquing the author because they are awesome!  However, I would say that dc-3 seems easier than dc-2 and if someone were to do these in order, this one would be later, not sooner.  That being said, I believe dc-6 was also easier and dc-5 is on my weekend list because it is different than the others.  Or perhaps at first glance, I missed something obvious with dc-5.  Time will tell.  

This machine was cool and it would definitely make a beginner think outside of the box.  It incorporates tools and technologies that you might not see every day.  I'm obviously trying not to spoil -- if someone is here just looking for a hint.  

I took a brief look at DC: 5 and I can read into the file system but it's definitely not obvious taking the next step.  Meanwhile, I just wrapped up DC: 3 and according to part of the description:

"For those with experience doing CTF and Boot2Root challenges, this probably won't take you long at all (in fact, it could take you less than 20 minutes easily)."

It didn't take long but it did take more than 20 minutes because I decided to learn how to write a Joomla reverse shell plugin.  When I wrote the WordPress Plugin : Reverse Shell, the thought occurred to me to do the same for Joomla but I didn't bother.  Given the easier target, it seemed like a good time.  And I learned something and that's what really matters.

I don't do a lot of brute force attacks because other than some low-end products that allow for that kind of thing, most real world devices, services, etc., won't tolerate it.  When I do end up using brute force, it's either with Hydra or Burp but with write-ups, I shy away from pay products only because these tools might not be available to everyone.  Today, I used Hydra, I learned something new, and that makes this write-up worth it or more than one level.

Continuing on with the DC series of boxes, our next target is DC: 4

Kicking off with an Nmap scan: