King's
@kingCrest0
Followers
8
Following
107
Media
21
Statuses
75
Cybersecurity analyst || Aspiring Penetration Tester || lSC2 CC || Tech Studio Academy Alumni
Joined July 2022
Day 22–23/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Owned Metasploitable w/MySQL injection🔥 Used netdiscover→found IP→logged in admin:password→tested 1'→ SQL error→viewed JS source→injected ' OR one equals one in userid→full access Learned error-SQLi
1
0
3
Day 21/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Still on TryHackMe EasyPeasy🔥 Dirbuster → hidden → base64 → echo = FLAG 1. Gobuster 65524 → robots.txt → hash → https://t.co/ULsbSo9dwW cracked FLAG 2! Stego + online hash tools = speedrun! #CyberSec
0
0
1
Day 20/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 @cyberjeremiah Started working on TryHackMe EasyPeasy Scanned all ports w/ nmap, gobuster →hidden dir→ weird pic → dirbuster deeper → FLAG 1 found Learned gobuster wordlists + image stego hints = fast wins
0
0
7
Day 19/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 @cyberjeremiah ROOTED mKingdom🎉 pspy64 → cron → overwrote https://t.co/2eHvVPfRsw w/ rev shell → echo tun0 into /home/mario/mkingdom → python3 web 85 → nc -lvnp 9999 → root! cp root.txt /tmp && cat it.
1
2
6
Day 18/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 @cyberjeremiah Completed HackTheBox Appointment!🎉 Scanned w/ nmap, gobuster → hidden page, reverse-image-searched pic, SQLi login admin'# + dummy pwd. Learned SQL injection basics & image OSINT! #CyberSec
0
1
8
Day 16–17/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Still working on TryHackMe mKingdom🔥 https://t.co/8FPWTJerDI → toad pwd → su toad → base64 note → echo decoded mario pwd → su mario → cp user.txt /tmp && cat it. Learned linpeas & base64! #CyberSec
0
0
6
Day 15/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Completed HackTheBox Redeemer!🎉 Scanned w/ nmap -T4 -sV -p- <IP>, connected via redis-cli -h <IP>, used info, keys *, & get flag to open flag. Learned Redis enumeration & unauthenticated access! #CyberSec
0
0
2
Day 14/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 @cyberjeremiah Completed HackTheBox Dancing!🎉 In SMB share, cd james.J, ls → flag.txt, used get flag.txt to download, then cat flag.txt. Learned null session access & SMB file exfiltration! #CyberSec
0
2
9
Day 13/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Tackled HackTheBox Dancing (SMB)!🔥 Scanned IP with nmap, used smbclient -L <IP> to list shares, & accessed workshares anonymously via smbclient \\\\<IP>\\workshares. Ran ls → found Amy.J & james.J! #CyberSec
1
2
7
Day 12/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Completed HackTheBox Meow!🎉 After telnet login as root, used whoami to confirm user, ls to find flag.txt, & cat flag.txt to read the flag. Learned open telnet + default creds = instant root access #CyberSec
1
0
4
I would prefer to patronize an organization that has been breached but demonstrated transparency, accountability, and improved security afterward, rather than one that has never been breached but hides behind the illusion of safety.
Day 27/31 The Vault’s Silent Raid (LastPass, 2022) In 2022, attackers gained access to LastPass’s development environment through a compromised developer account, stealing portions of source code and internal technical information. Few months later, the attackers used the
0
1
4
Day 11/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Working on HackTheBox Meow!🔥 Scanned IP with nmap, logged in via telnet (telnet 10.129.136.139) using root as username & password. Learned telnet basics & default cred risks. Hunting for the flag! #CyberSec
1
2
12
Day 10/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Completed HackTheBox Fawn🎉 Used ftp -? to check FTP, logged in anonymously with ftp -a, listed files with ls (flag.txt), downloaded with get flag.txt, & viewed it with cat flag.txt from downloads. #CyberSec
1
1
9
Day 9/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Completed HackTheBox Cap🎉 Scanned ports w/ nmap, got data via HTTP (/data/0). Used Wireshark for FTP creds, SSH’d as nathan, found python3 vuln w/ https://t.co/8FPWTJerDI, & got root via gtfobins! #CyberSec
1
0
5
Day 8/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Still on TryHackMe MKingdom🔥 Scanned ports w/ nmap, found app w/ gobuster, logged in (admin:pwd). Added php extension, uploaded reverse shell, set listener (nc -nlvp 2222), & opened shell in new tab. #CyberSec
0
0
9
Day 7/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Started TryHackMe mKingdom today🔥🔥 Scanned all ports w/ nmap, brute-forced URLs w/ gobuster to find app. Logged in as admin:password, accessed systems & settings, checked file types. More to come! #CyberSec
0
1
6
Day 6/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Done w/ TryHackMe Vulnversity🎉 Scanned ports w/ nmap, found hidden dir w/ gobuster, got username w/ enum4linux, cracked pwd w/ hydra, https://t.co/8FPWTJerDI for SUID (systemctl) Uploaded php shell & got roots
2
0
11
Day 5/100 #100DaysOfCyberSecurity @ireteeh @segoslavia @damnsec1 Completed TryHackMe Basic Pentesting. Used nmap to scan ports, gobuster for hidden dir, enum4linux for username, hydra for pwd, & cracked SSH key pwd (beeswax) with john after https://t.co/8FPWTJeZtg scan.
0
2
6
Day 4/100 #100DaysOfCyberSecurity
@ireteeh @segoslavia @cyberjeremiah Today. I learned how to get a reverse shell from a web server with file upload vulnerability on TryHackMe machine. please is for educational purpose only. #TryHackME #Reverseshell #infosec
0
0
5
Day 3/100 #100DaysOfCyberSecurity
@ireteeh @segoslavia @cyberjeremiah Today, i focused on utilizing Gobuster on Tryhackme machine, a powerful tool for directory and file enumeration on web servers. please is for educational purposes only. #Tryhackme #Gobuster #infosec
0
0
5