Detect Symfony Profiler enabled

What is the "Detect Symfony Profiler enabled?" module?

The "Detect Symfony Profiler enabled" module is designed to identify whether the Symfony profiler is enabled in a Symfony application. The Symfony profiler is a debugging tool that provides detailed information about the inner workings of a Symfony application. This module focuses on detecting the presence of the Symfony profiler and does not perform any modifications or actions on the application.

This module has a severity level of high, indicating that the presence of the Symfony profiler can potentially lead to security vulnerabilities or expose sensitive information.

Impact

If the Symfony profiler is enabled without proper security measures, it can expose sensitive information about the application, including database queries, request parameters, and server environment variables. This information can be valuable to attackers and may aid them in identifying potential vulnerabilities or exploiting the application.

How the module works?

The "Detect Symfony Profiler enabled" module works by sending HTTP requests to specific endpoints commonly associated with the Symfony profiler. It checks the response body for specific keywords, such as "<title>Symfony Profiler</title>" and "symfony/profiler/". If these keywords are found in the response body, it indicates that the Symfony profiler is enabled.

Here is an example of an HTTP request sent by this module:

GET /_profiler/empty/search/results?limit=10

The module also includes global matching conditions that apply to all HTTP requests. These conditions check the response body for the same keywords mentioned above.

By detecting the presence of the Symfony profiler, this module helps identify potential misconfigurations or security risks in Symfony applications.