Had to get a hint here. All I had to do was add the content length๐คฆโโ๏ธ
Seems to be a user account ariah:NowiseSloopTheory139 for SSH login.
Shell
Found a file that looks interesting: C:\ftp\Infrastructure.pdf
Had to look at how to copy this over since sending it to wwwtree was messing up the file.
PDF is password protected. Cracked it with john.
Tried making a reverse shell with msfvenom here but it kept crashing whenever the shell would come back.
Added ariah to local admin group on the machine and enabled RDP. Both commands had to be URL encoded to send.
