Solar Flare - Pulling apart SolarWinds ORION - Rob Fuller BSides Philadelphia 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)
Solar Flare - Pulling apart SolarWinds ORION
Rob Fuller
@mubix
BSides Philadelphia 2016

Ever run into a password hash or encrypted password that you couldn't figure out? This talk a a journey of my failures and successes when attempting to reverse engineer passwords found and used in the SolarWinds ORION product. TL;DR - SolarWinds did a great job, but there are a number of gotchas that can make operational use of the product a bit dicey.

Rob has over 11 years of experience covering all facets of information security. He has been behind the lines helping to design, build, and defend the US Marine Corps, US Senate, and Pentagon networks - as well as performing penetration tests and Red Team assessments against those same networks. More recently, Rob has performed numerous successful Red Team assessments against commercial Fortune 50 companies representing some of the best defensive teams in the industry. Rob’s experience and expertise ranges from embedded and wireless devices in industrial control system networks to standard corporate IT infrastructures and domains. He is a frequent speaker at a number of well-known security conferences, including ShmooCon, DefCon, DerbyCon, CarolinaCon, Area41, RVASec, and HackCon; and teaches both the Metasploit Basics and Mastery classes at BlackHat USA. He has also served as a technical advisor for HBO’s show Silicon Valley and hosts his own show for Hak5 (Discovery Channel). Rob has acquired a number of certifications and awards over the years, but the ones he holds above the rest are father, husband, and United States Marine.

Recorded at BSides Philly 2016

Back to BSides Philly video list



If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek