CVE-2021-25275

SolarWinds Orion Platform before 2020.2.4, as used by various SolarWinds products, installs and uses a SQL Server backend, and stores database credentials to access this backend in a file readable by unprivileged users. As a result, any user having access to the filesystem can read database login...

Solarflare - SolarWinds Orion Account Audit / Password Dumping Utility

Credential Dumping Tool for SolarWinds Orion Blog post: https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/ Credit to @asolino, @gentilkiwi, and @skelsec for helping me figuring out DPAPI. ============================================ | Collecting RabbitMQ...