Official discussion thread for TornadoService. Please do not post any spoilers or big hints.
For anyone coming here stuck, you’re probably on the right cors, keep it ‘simple’ (think about what OPTIONS the server allows and doesn’t). And don’t go down excessive rabbit holes!
Feel free to DM for nudges.
@floak Could you please provide a hint? I am stuck. I have tried SSTI, directory traversal on GET and POST methods, and encoded payloads as well on /get_tornados and /update_tornado.
Without any luck, any help would be appreciated.
Review the source code and files. Pay attention to how the application works, and what calls are made. Standard GET and POST requests won't work for you in this case.
DM for nudges
Hey! I totally agree with you; don’t fall into traps and keep it simple. Often the simplest options are the best, and overanalyzing can just create confusion. It's also important to pay attention to what methods are allowed by the server.
Hey bro, can you help me a little bit? I am really lost!
Hello bro, can you give me a little help?
Sure, how far did you get?
report_tornado redirect to update_tornado, bypass PNA
Hi
I have a successful exploit locally, but when I switch to remote it doesn’t work.
It still reaches my server, but I don’t know, the payload didn’t execute.
Could you give me a hint on this?