TL;DR

  • Password for update server published accidentally online by SolarWinds in 2019
  • Key Orion software available online that enabled attackers to study code in order to create methods to hide
  • Exploiting update server easy and highly likely
  • Malicious software communicated via HTTP to third-party servers; this is easy for any mature SOC to detect
  • Malicious software has the ability to transfer files, execute files, profile the system, reboot the machine, and disable system services. Again, easy for any mature SOC to detect and should be huge red flags
  • Companies buying from SolarWinds didn’t do comprehensive third party vendor operational security…

Firstly, I want to say that I highly recommend https://pwnable.kr/play.php to learn exploit development; the site is full of nice and easy-to-follow mini-challenges that you can conquer one by one. Best of all, you simply ssh in, so no need to install VMs etc.

I wanted to do a run-through of level 1 for absolute beginners and also those keen to learn about file descriptors.

What are file descriptors?

In Unix and related computer operating systems, a file descriptor (FD, less frequently fildes) is an abstract indicator (handle) used to access a file or other input/output resource, such as a pipe or network…


Hi everyone, it’s been some time since I last posted, but I was just playing IO WARGAME and decided to write up some solutions in the hope it may help people just starting out.

Firstly, ssh in to the box (password: level1)

ssh level1@io.netgarage.org

Now enter the challenge directory

cd /levels

Now that you are here, you’re free to try and run level01; if you do, it will ask for a 3 digit passcode.

Enter the 3 digit passcode to enter:

Since I know this box has gdb, I am sure it’s easy to solve there so let’s try. …


As you should know by now, this blog has moved, but in case you have missed it, check back to the site daily: https://labs.p64cyber.com

This blog will only post links like below every few days.

Day 83:

What is Modbus? https://labs.p64cyber.com/what-is-modbus/

Day 84:

Linux Privilege Escalation https://labs.p64cyber.com/linux-privilege-escalation/ …

Day 85:

LD_PRELOAD Injection (Load Order Matters, http://AttackDefence.com , Linux Priv. Esc. Intermediate Category) @SecurityTube https://labs.p64cyber.com/ld_preload-injection/ …

Day 86:

Shared Library Injection (Library Chaos 1&2 from https://attackdefense.com/ — Linux Priv. Esc. Intermediate and Hard Categories) https://labs.p64cyber.com/shared-library-injection/ … @SecurityTube


https://labs.p64cyber.com/

Today I am sharing more than one post, the new site, P64. Over time P64 will become the number one online offensive security resource; it was created out of frustration of having hundreds of bookmarks, many open tabs, endless broken links and a lack of consistent ways for displaying information. Inspiration came from GTFOBins; I think it’s a simple yet easy to understand site that does exactly what it needs to and does it well.

It’s still a work in progress but it will be updated not just daily but at every opportunity that I and the few people who…



Have you heard about Hack the Box? I hope so, it’s literally so damn good words can’t express how thankful I am to the creators. If you have not, it’s an online platform to test and advance your skills in penetration testing and cyber security. Awesome.

If you can afford it or work will pay, get the VIP subscription because then you don’t have to deal with nearly half as many pesky resets mid-priv. esc. etc, in fact, mostly none at all as they fill labs nicely and not over pack.

I am about to spend the evening on hackthebox.eu…


I am growing increasingly annoyed at Medium trying to paywall my posts by default, I have a job and don’t care to earn pennies on this so Medium, kindly sod off.

That said, I also have a lot of posts, content and scripts etc which are better suited as a series of posts plus can provide good content/downloads.

Question, should I set up a dedicated site and also invite friends/colleagues to contribute their own posts? I will still post every day, but you also get bonus content.

Should I do this? Yes or No, comment below! Or reply to post.

Z3R0

Security Researcher / 365 Days of PWN
