Use NMAP to identify the target machine (192.168.2.5) among (192.168.2.0/24)
Use NMAP to identify the service: PHP server on port 80
Discover the vulnerability: RCE via file upload 
Create a php file enabling command execution
Upload the file to the web server
Execute the file reading the flag
Provide the FinalAnswer