Walla 🔸

Enumeration

Browsing to the web server on port 8091, we are greeted with a username and password login. Using feroxbuster, we find package.json.

If we follow the GitHub link, we can see the default username and password in the installation guide.

Initial Access

We can log in with these credentials.

Going to System, we have a console.

Get the flag.

Privilege Escalation

We can execute a Python script, wifi_reset.py.

When executed, the script can't find the wificontroller module, so we can create one.

Now, if we execute it, /bin/bash will have the SUID bit set.
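
The step above works because a script that runs with elevated rights imports a module Python cannot find, so a file placed in a writable search directory is loaded instead. As an added example (not part of the original writeup), the audit below lists, for each import in a script, the directories on its search path where a non-trusted user could supply that module; the function names and the trusted_uids parameter are this example's own assumptions.

```python
import ast
import importlib.machinery
import os
import stat
import sys

def imported_modules(script_path):
    """Top-level module names the script imports (absolute imports only)."""
    with open(script_path) as fh:
        tree = ast.parse(fh.read(), filename=script_path)
    names = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            names.update(a.name.split(".")[0] for a in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
            names.add(node.module.split(".")[0])
    return names

def untrusted(directory, trusted_uids):
    """True if someone outside trusted_uids can create files in directory."""
    st = os.stat(directory)
    return st.st_uid not in trusted_uids or bool(st.st_mode & (stat.S_IWGRP | stat.S_IWOTH))

def audit(script_path, search_path=None, trusted_uids=(0,)):
    """Map each import to the untrusted directories that could supply it."""
    script_dir = os.path.dirname(os.path.realpath(script_path))
    if search_path is None:  # Python searches the script's own directory first
        search_path = [script_dir] + [p for p in sys.path[1:] if os.path.isdir(p)]
    search_path = [os.path.realpath(p) for p in search_path]
    findings = {}
    for name in sorted(imported_modules(script_path)):
        if name in sys.builtin_module_names:
            continue  # compiled into the interpreter, a file cannot shadow it
        spec = importlib.machinery.PathFinder.find_spec(name, search_path)
        candidates = search_path  # missing module: any directory could supply it
        if spec is not None and spec.origin:
            home = os.path.dirname(spec.origin)
            if spec.submodule_search_locations:  # package: origin is pkg/__init__.py
                home = os.path.dirname(home)
            if home in search_path:
                candidates = search_path[: search_path.index(home) + 1]
        risky = [d for d in candidates if untrusted(d, trusted_uids)]
        if risky:
            findings[name] = risky
    return findings

if __name__ == "__main__":
    for module, dirs in audit(sys.argv[1]).items():
        print(f"{module}: could be supplied from {dirs}")
```

Run it with the same interpreter and environment that executes the privileged script, since sys.path differs between them.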

Post Exploitation

Get the flag.