2 writeups tagged with Fuzzing
pfSense 2.1.3 authenticated command injection (CVE-2014-4688). Credentials found via directory fuzzing on the web interface.
phpbash webshell discovered via directory fuzzing. Lateral movement through sudo scriptmanager, cron-based root.
