Welcome!
I am a hacker from Hungary, my name is Matek Kamilló (k4m1ll0).
I occasionally perform vulnerability tests, penetration tests, source code reviews, and related work (phishing simulation) for various companies.
In addition to all these tasks, I usually teach practical training on ethical hacking and log analysis to small groups.
I like to create specifically offensive code. My favorite topics are reverse engineering and exploit development.
In most cases, I cannot talk about my work because of confidentiality contracts, except for my public works. I created this page to make these of my works available.
If you need an Ethical Hacker, do not hesitate to contact me.
Contact Information
- Email: k4m1ll0@protonmail.com
- Discord: k4m1ll0
- Hackthebox profile
Certifications
- Hackthebox Pro Lab - Dante (2023)
- OSWE - Offensive Security Web Expert (2021)
- OSCP - Offensive Security Certified Professional (2020)
- OSWP - Offensive Security Wireless Professional (2019)
- KCEH - Etikus Hacker Képzés - Cyber Institute (2018)
My CVE-s and Advisories
| Forcepoint DLP One - Hidden Python Console - Initial access - Redteam | Forcepoint DLP One - Hidden Python Console - Initial access - Redteam |
| Microsoft Shift F10 Bypass + Autopilot privesc | Microsoft Shift F10 Bypass + Autopilot privesc |
| TP-Link TLWR840n euv620 password reset CVE-2021-46122 | TP-Link TLWR840n euv620 password reset CVE-2021-46122 |
| CVE-2022-29402 | TP-Link TLWR840N EU V5 and V6.20 UART shell |
| CVE-2021-41653 | TP-Link TLWR840N EU V5 Remote Code Execution |
| CVE-2021-36697 CVE-2021-36698 | Pandora FMS 755 - Chained Remote Code Execution - HTACCESS |
| CVE-2021-34075 | Pandora FMS 754 - Sensitive info on the client side |
| CVE-2021-35501 CVE-2021-34074 | Pandora FMS 754 XSS - Chained Remote Code Execution |
| CVE-2020-8497 | Pandora FMS 742 File Repository Chat history |
| CVE-2020-7935 | Pandora FMS 742 File Manager + Remote Code Execution 2 |
| CVE-2020-8511 | Pandora FMS 742 File Repository + Remote Code Execution |
| CVE-2020-8500 | Pandora FMS 743 Online/Offline Updater/Extension PHP upload + Remote Code Execution |
| CVE-2019-20050 | Pandora FMS 742 Remote Code Execution File Manager "MimeType" |
| CVE-2019-19968 | Pandora FMS 7.xx multiple XSS vulnerabilities |
| CVE-2019-19681 | Pandora FMS Remote Code Execution (Alert Manager) |
You can support my research with a coffee if you find it interesting:
BTC: bc1qxza23cdutkf4pjujy8yfpqp6rd4w4k3wntpp79
Press
- https://www.fortinet.com/blog/threat-research/manga-aka-dark-mirai-based-campaign-targets-new-tp-link-router-rce-vulnerability
- https://securityaffairs.co/wordpress/125450/malware/dark-mirai-botnet-tp-link.html
- https://www.bleepingcomputer.com/news/security/dark-mirai-botnet-targeting-rce-on-popular-tp-link-router/
- https://www.inforisktoday.com/new-mirai-based-campaign-targets-unpatched-tp-link-router-a-18098?utm_source=LinkedIn&utm_medium=CollateralSM&utm_campaign=editorial_post
- https://portswigger.net/daily-swig/pandora-monitoring-system-pwned-by-chained-vulnerability-exploit
Press (Hungarian)
- https://www.napi.hu/tech/tp-link-router-tech-kiberbunozes-hacker.754001.html
- https://hvg.hu/tudomany/20220609_tp_link_router_sebezhetoseg_felhasznaloi_adatok_vedelme
- https://24.hu/tech/2022/06/09/tp-link-tlwr840n-eu-v6-20-router-serulekenyseg-frissites-kpmg-matek-kamillo/
- https://hvg.hu/tudomany/20211213_tp_link_router_tl_wr840n_sebezhetoseg_hacker_firmware
- https://itbusiness.hu/technology/security_n/serulekeny-egy-nepszeru-lakossagi-wifi-router
- https://24.hu/tech/2021/12/13/tp-link-tl-wr840n-router-serulekenyseg-frissites-manga-dark-kpmg/
- https://virusirto.hu/blogbejegyzesek/2021/12/10/tp-link-routerekbe-bujt-a-dark-mirai-botnet/
- https://itbusiness.hu/technology/security_n/magyar-etikus-hacker-fedezte-fel-a-monitorozo-rendszer-kritikus-serulekenysegeit
- https://www.napi.hu/tech/pandora-matek-kamillo-kpmg-kritikus-serulekenyseg-etikus-hacker.733702.html
- https://biztonsagpiac.hu/magyar-etikus-hacker-talalt-sulyos-9-8-as-erossegu-serulekenyseget/
Hackersuli (Hungarian)
© 2019-2023 Kamilló Matek (k4m1ll0) All Rights Reserved