Symfony Profiler

By kannthu

High
Vidoc Module
#config #exposure #symfony
Description

Symfony Profiler Module

What is the Symfony Profiler?

The Symfony Profiler module detects misconfigurations and vulnerabilities related to the Symfony Profiler. It is a high-severity module that helps identify potential security issues in Symfony applications.

This module was authored by pdteam.

Impact

The Symfony Profiler module scans for misconfigurations and vulnerabilities in the Symfony Profiler. Any issue it finds could expose sensitive information or allow unauthorized access to the application.

How does the module work?

The Symfony Profiler module works by sending HTTP requests to specific endpoints related to the Symfony Profiler. It checks the response body for the presence of the "Symfony Profiler" keyword. If the keyword is found, it indicates that the Symfony Profiler is enabled and accessible.

Example HTTP request:

GET /_profiler/empty/search/results?limit=10

The module uses a matching condition that checks if the response body contains the keyword "Symfony Profiler". If the condition is met, the module reports a potential vulnerability or misconfiguration.
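
The same word matcher can be run as a self-check against your own deployments. This is an added example, not Vidoc's module code: the names `fetch`, `check` and `demo` and the constructed local test servers are assumptions of the example, and only the request path shown in full on this page is used, because the second path in the module preview is truncated.

```python
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

PROFILER_PATH = "/_profiler/empty/search/results?limit=10"  # request shown on this page
KEYWORD = "Symfony Profiler"                                 # the module's word matcher

def fetch(url, timeout=5.0):
    """GET url and return (status, body); 4xx/5xx responses are returned, not raised."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read(1_000_000).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read(1_000_000).decode("utf-8", "replace")

def check(base_url, fetcher=fetch):
    """Return 'exposed', 'not exposed' or 'unreachable' for one of your own base URLs."""
    try:
        _status, body = fetcher(base_url.rstrip("/") + PROFILER_PATH)
    except OSError:  # URLError, timeouts and refused connections are all OSError
        return "unreachable"
    # Like the module, match on the response body only; the status is not consulted.
    return "exposed" if KEYWORD in body else "not exposed"

def _make_handler(profiler_enabled):
    """Constructed stand-in for a Symfony app, used only by demo()."""
    class Handler(BaseHTTPRequestHandler):
        def do_GET(self):
            hit = profiler_enabled and self.path.startswith("/_profiler/")
            body = b"<title>Symfony Profiler</title>" if hit else b"Not Found"
            self.send_response(200 if hit else 404)
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
        def log_message(self, *args): pass  # keep the demo quiet
    return Handler

def demo():
    """Run check() against two local constructed servers: dev-like and prod-like."""
    results = {}
    for name, enabled in (("dev-like", True), ("prod-like", False)):
        with HTTPServer(("127.0.0.1", 0), _make_handler(enabled)) as server:
            threading.Thread(target=server.serve_forever, daemon=True).start()
            results[name] = check(f"http://127.0.0.1:{server.server_port}")
            server.shutdown()
    return results

if __name__ == "__main__":
    print(demo())
```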

Note: The Symfony Profiler module is a part of the Vidoc platform, which uses multiple modules to perform scanning and testing for various security issues.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /_profiler/empty/sea... /app_dev.php/_profil...
Matching conditions
word: Symfony Profiler
Passive global matcher
No matching conditions.
On match action
Report vulnerability