I have found the service running but I am struggling to upload a shell.
I wanted to add a comment :p
I gave Katana a new look and pwned it the intended way.
First time I pwned it was because someone let a webshell on the webserver :D I thought it was intended but I was wrong.
So please if you put some kind of backdoor on a box use an uncommon name like your nick so everyone can guess it's not part of the CTF.