I mean now that you've got it open you could run a check against all the running services for known XSS and root exploits to see if any have open exploits that could be used to get in from the normal firmware, i mean.. you cheated but hey if they left the image decrypted ... is it really cheating