About

I have over 15 years experience in information technology and security. Experienced in network, wireless, and web application penetration testing, vulnerability management, networking, firewalls, AAA, Active Directory, application and server virtualization… I’ve worked with most of the enterprise IT stack over my career. My certifications: GXPN, OSCP, OSWP, Security+, CCNA (Expired), CCA

I’m a retired Navy Aviation Electrician, and have worked on P-3 Orion aircraft as well as various models of H-60 helo’s. I started out as an Undesignated Airman, and once I decided on becoming an Aviation Electrician, I worked in the AE shop during my spare time and learned electronics by reading the Navy Electricity and Electronics Training Series (NEETS) guides. One of my best attributes is the ability to pick up a book, (or these days use my google-fu) and figure out how to get things done.

In my spare time I enjoy learning and doing infosec labs, riding my Harley and being outdoors with my beautiful wife.

My favorite quote is from H.D. Moore: “If you don’t think you’re a n00b, you’re not trying hard enough.”

The one thing that had the greatest affect on my success is “interest vs. committment”. If you’re interested in doing something, you’ll most likely fail unless your goals are really easy and insignificant. To acheive your goals and change your life you must be committed. When you’re committed, you don’t make nor accept excuses. If you goal is to lose 20 pounds and you say that you’re going to wake up early and exercise, you don’t hit the snooze button when your alarm goes off, or try to justify to yourself why it’s ok to eat just this one junkfood snack. If your goal is to earn an infsec certification or learn a skill but you’re too tired to study or lab at night because of long working hours or family committments, set your alarm to wake up early.

Contact info:

Email: sdcampbell68 at live dot com

LinkedIn Profile

GitHub

CVE’s/Vulnerabilities Discovered:

CVE-2019-5648/R7-2019-39 (8.7 High) LDAP bind credential exposure in Barracuda Email Security Gateway, Web Application Firewall. https://blog.rapid7.com/2020/03/05/r7-2019-39-cve-2019-5648-ldap-credential-exposure-in-barracuda-load-balancer-adc-fixed/

CVE-2018-5550 (6.1 Medium) Epson AirPrint XSS

CVE-2016-10108 (9.8 Critical) Western Digital MyCloud Remote Command Injection

CVE-2016-10107 (9.8 Critical) Western Digital MyCloud Remote Command Injection.

Insecure Direct Object Reference (IDOR) - www.navycollege.navy.mil, 2005. Steven identified an IDOR vulnerability which exposed the PII of Navy and Marine Corps personnel to the Internet.