One such example is the Symfony PHP framework, where appending `/app_dev.php/_profiler/open?file=app/config/parameters.yml` to the target URL may reveal database credentials, API keys, and other critical data.
Now, browse any page of your application in the development environment to let the profiler collect information. Then, click on any element of the debug toolbar injected at the bottom of your pages to open the web interface of the Symfony Profiler, which will look like this:
By fuzzing endpoints like `/app_dev.php` and /app_dev.php/_profiler, you can uncover sensitive information such as profiler tokens, database credentials, and server configurations.
Now open dirsearch and scan your website example.com. I have found an interesting file which is ” app_dev.php “. Note: Dirsearch is an advanced tool, it allows hackers to perform a complex web directories discovery, with a customized wordlist, impressive performance, speed, high accuracy, advanced correction, and modern brute-force techniques with relevant outputs.
The WebProfilerBundle is a development tool that provides detailed technical information about each request execution and displays it in both the web debug toolbar and the profiler. All these options are configured under the web_profiler key in your application configuration.
I would like to know if there is any way for a call to the api in dev mode (app_dev.php) from the browser (corresponding to a Accept: text/html,application/xhtml+xml header) to display the response in the “specified format”, wrapped in html with the profiler provided by symfony. It would allow to debug calls to the api directly in the browser.
Now i start directory enumeration using Dirsearch and found an interesting file which is ” app_dev.php “. It indicates there might be Debug mode is enabled for Symfony web framework.
The symfony web profiler component exposes sensitive information of the web application that attackers can abuse. Then why do developers enable Debug Component? The Debug component provides tools to ease debugging PHP code. It offers several tools to help debugging PHP code. This component helps developer a lot in the development stage.
Im using Symfony2 (const version=”2.5.10″) and using xampp with PHP version 5.5.19. I got a problem that in my dev environment the profiler didn’t show up.What could be the problem?
Introduction CVE-2024-50340 is a critical vulnerability (CVSS: 7.3) affecting Symfony applications when the PHP directive register_argc_argv is enabled. By appending ?+–env=dev to a URL, attackers can force the application into the dev environment, granting remote access to the Symfony profiler.