nuclei-templates/http/misconfiguration/symfony-debug.yaml

id: symfony-debug

info:
  name: Symfony Debug Mode
  author: organiccrap,pdteam
  severity: high
  description: A Symfony installations 'debug' interface is enabled, allowing the disclosure and possible execution of arbitrary code.
  reference:
    - https://github.com/synacktiv/eos
  classification:
    cpe: cpe:2.3:a:sensiolabs:symfony:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 4
    vendor: sensiolabs
    product: symfony
    shodan-query: http.html:"symfony Profiler"
  tags: symfony,debug,misconfig

http:
  - method: GET
    path:
      - '{{BaseURL}}'
      - "{{BaseURL}}/admin_dev.php"
      - "{{BaseURL}}/index_dev.php"
      - "{{BaseURL}}/app_dev.php"

    stop-at-first-match: true

    matchers-condition: or
    matchers:
      - type: word
        part: header
        words:
          - 'x-debug-token-link:'
          - '/_profiler/'
        condition: and
        case-insensitive: true

      - type: word
        part: body
        words:
          - 'debug mode</a> is enabled.'
          - 'id="sfWebDebugSymfony"'
        condition: or
# digest: 4a0a0047304502204479127459ede9475e2f0a9f65b61583c0c6899a4571cc840785a332244a3e55022100deb211ec358f37dbf7c1c10eb00b30936ae18be2f2d90a82ca1cda59356c084f:922c64590222798bb761d5b6d8e72950
symfony template update 2022-08-03 11:01:52 +00:00			`id: symfony-debug`
Additional matcher for Symfony debug mode 2021-07-26 11:51:46 +00:00
updates 2020-07-02 13:53:41 +00:00			`info:`
			`name: Symfony Debug Mode`
Additional matcher for Symfony debug mode 2021-07-26 11:51:46 +00:00			`author: organiccrap,pdteam`
updates 2020-07-02 13:53:41 +00:00			`severity: high`
Dashboard Content Enhancements (#4157) * Enhancement: exposures/files/joomla-file-listing.yaml by cs * Enhancement: cves/2019/CVE-2019-5418.yaml by mp * Enhancement: cves/2016/CVE-2016-10940.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: cves/2016/CVE-2016-10960.yaml by mp * Enhancement: cves/2021/CVE-2021-20091.yaml by mp * Enhancement: cves/2021/CVE-2021-20092.yaml by mp * Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp * Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp * Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp * Enhancement: cves/2017/CVE-2017-10075.yaml by mp * Enhancement: cves/2021/CVE-2021-27358.yaml by mp * Enhancement: cves/2017/CVE-2017-9833.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp * Enhancement: misconfiguration/symfony-debugmode.yaml by mp * Enhancement: cves/2016/CVE-2016-10940.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: cves/2016/CVE-2016-10960.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp * Enhancement: cves/2017/CVE-2017-10075.yaml by mp * Enhancement: cves/2021/CVE-2021-27358.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-25055.yaml by mp * Enhancement: cves/2021/CVE-2021-25028.yaml by mp * Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp * Enhancement: vulnerabilities/wordpress/my-chatbot-xss.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-adaptive-xss.yaml by mp * Enhancement: cves/2021/CVE-2021-24947.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp * Enhancement: cves/2016/CVE-2016-10033.yaml by mp * Enhancement: cves/2021/CVE-2021-31682.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-woocommerce-file-download.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-25055.yaml by mp * Enhancement: cves/2021/CVE-2021-25028.yaml by mp * Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp * Enhancement: cves/2021/CVE-2021-24947.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2016/CVE-2016-10033.yaml by mp * Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Relocating to CVE folder * Enhancement: cves/2017/CVE-2017-14651.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp * Enhancement: cves/2019/CVE-2019-2729.yaml by mp * Enhancement: cves/2018/CVE-2018-2893.yaml by mp * Enhancement: cves/2018/CVE-2018-2628.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2017/CVE-2017-3528.yaml by mp * Enhancement: cves/2019/CVE-2019-2588.yaml by mp * Enhancement: cves/2021/CVE-2021-31755.yaml by mp * Enhancement: cves/2021/CVE-2021-42071.yaml by mp * Enhancement: misconfiguration/zabbix-dashboards-access.yaml by mp * Enhancement: cves/2017/CVE-2017-14651.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp * Enhancement: cves/2019/CVE-2019-2729.yaml by mp * Enhancement: cves/2018/CVE-2018-2893.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2017/CVE-2017-3528.yaml by mp * Enhancement: cves/2021/CVE-2021-42071.yaml by mp * Syntax corrections Added some cve-id fields Removed duplicate dashboard comments * Tag typo Co-authored-by: sullo <sullo@cirt.net> 2022-04-15 16:39:44 +00:00			`description: A Symfony installations 'debug' interface is enabled, allowing the disclosure and possible execution of arbitrary code.`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`reference:`
			`- https://github.com/synacktiv/eos`
Fix classification Fix classification 2024-09-10 09:08:16 +00:00			`classification:`
			`cpe: cpe:2.3:a:sensiolabs:symfony::::::::`
Update symfony-debug.yaml 2022-08-03 11:27:34 +00:00			`metadata:`
			`verified: true`
Symfony debug improvements 2023-12-29 11:06:03 +00:00			`max-request: 4`
Add missing cpes Added missing cpes 2024-09-10 08:22:50 +00:00			`vendor: sensiolabs`
Fix classification Fix classification 2024-09-10 09:08:16 +00:00			`product: symfony`
			`shodan-query: http.html:"symfony Profiler"`
add misconfig tag to templates in http/misconfiguration 2023-06-02 23:20:49 +00:00			`tags: symfony,debug,misconfig`
adding tags to misconfiguration 2021-03-12 08:57:14 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
updates 2020-07-02 13:53:41 +00:00			`- method: GET`
			`path:`
BaseURL updates 2021-01-14 14:41:56 +00:00			`- '{{BaseURL}}'`
Symfony debug improvements 2023-12-29 11:06:03 +00:00			`- "{{BaseURL}}/admin_dev.php"`
			`- "{{BaseURL}}/index_dev.php"`
			`- "{{BaseURL}}/app_dev.php"`
Additional matcher for Symfony debug mode 2021-07-26 11:51:46 +00:00
Symfony debug improvements 2023-12-29 11:10:07 +00:00			`stop-at-first-match: true`
Fix classification Fix classification 2024-09-10 09:08:16 +00:00
Additional matcher for Symfony debug mode 2021-07-26 11:51:46 +00:00			`matchers-condition: or`
updates 2020-07-02 13:53:41 +00:00			`matchers:`
			`- type: word`
symfony template update 2022-08-03 11:01:52 +00:00			`part: header`
updates 2020-07-02 13:53:41 +00:00			`words:`
symfony template update 2022-08-03 11:01:52 +00:00			`- 'x-debug-token-link:'`
Additional matcher for Symfony debug mode 2021-07-26 11:51:46 +00:00			`- '/_profiler/'`
updates 2020-07-02 13:53:41 +00:00			`condition: and`
symfony template update 2022-08-03 11:01:52 +00:00			`case-insensitive: true`
Additional matcher for Symfony debug mode 2021-07-26 11:51:46 +00:00
			`- type: word`
symfony template update 2022-08-03 11:01:52 +00:00			`part: body`
Additional matcher for Symfony debug mode 2021-07-26 11:51:46 +00:00			`words:`
			`- 'debug mode</a> is enabled.'`
Symfony debug improvements 2023-12-29 11:06:03 +00:00			`- 'id="sfWebDebugSymfony"'`
Update symfony-debug.yaml 2024-01-02 06:22:35 +00:00			`condition: or`
chore: sign templates 🤖 2024-09-12 05:14:01 +00:00			`# digest: 4a0a0047304502204479127459ede9475e2f0a9f65b61583c0c6899a4571cc840785a332244a3e55022100deb211ec358f37dbf7c1c10eb00b30936ae18be2f2d90a82ca1cda59356c084f:922c64590222798bb761d5b6d8e72950`