Apache 2.4.41
tcp/443
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
Fingerprint: 407cf4363b0e62fafca67e073e478b913e478b913e478b913e478b913e478b91
Symfony profiler enabled: https://54.217.226.7/_profiler/empty/search/results
The application has Symfony profiling enabled.
It enables an attacker to access the following sensitive content :
Fingerprint: 407cf4363b0e62fafca67e0768f6b1d068f6b1d068f6b1d068f6b1d068f6b1d0
Symfony profiler enabled: http://54.217.226.7/_profiler/empty/search/results
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: high
Fingerprint: 2580fa947e78dd08e645819ded03389a5bb908cee76417170e83f28b3c170ecf
HTTP/1.1 200 OK Date: Sat, 06 May 2023 10:57:41 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 1170 Connection: close Content-Type: text/html;charset=UTF-8 Page title: Index of / <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"> <html> <head> <title>Index of /</title> </head> <body> <h1>Index of /</h1> <table> <tr><th valign="top"><img src="/icons/blank.gif" alt="[ICO]"></th><th><a href="?C=N;O=D">Name</a></th><th><a href="?C=M;O=A">Last modified</a></th><th><a href="?C=S;O=A">Size</a></th><th><a href="?C=D;O=A">Description</a></th></tr> <tr><th colspan="5"><hr></th></tr> <tr><td valign="top"><img src="/icons/unknown.gif" alt="[ ]"></td><td><a href="environment.php">environment.php</a></td><td align="right">2022-12-14 08:24 </td><td align="right">788 </td><td> </td></tr> <tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="prueba/">prueba/</a></td><td align="right">2023-03-08 07:04 </td><td align="right"> - </td><td> </td></tr> <tr><td valign="top"><img src="/icons/folder.gif" alt="[DIR]"></td><td><a href="reservadesalas/">reservadesalas/</a></td><td align="right">2023-01-18 07:59 </td><td align="right"> - </td><td> </td></tr> <tr><th colspan="5"><hr></th></tr> </table> <address>Apache/2.4.41 (Ubuntu) Server at 54.217.226.7 Port 443</address> </body></html> [core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = ssh://git@83.173.141.241/~/proyectos/migracion.fcc.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
Severity: high
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522ad41992d
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = ssh://git@83.173.141.241/~/proyectos/migracion.fcc.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
The following URL (usually /.git/config
) is publicly accessible and is leaking source code and repository configuration.
Severity: high
Fingerprint: 2580fa947178c88602b1737db148c044b81b03713d63bb82370a6522ad41992d
[core] repositoryformatversion = 0 filemode = true bare = false logallrefupdates = true [remote "origin"] url = ssh://git@83.173.141.241/~/proyectos/migracion.fcc.git fetch = +refs/heads/*:refs/remotes/origin/* [branch "master"] remote = origin merge = refs/heads/master
Open service 54.217.226.7:443
2024-06-19 20:30
HTTP/1.1 301 Moved Permanently Date: Wed, 19 Jun 2024 20:30:20 GMT Server: Apache/2.4.41 (Ubuntu) X-Debug-Token: 62de42 X-Debug-Token-Link: https://54.217.226.7/_profiler/62de42 X-Robots-Tag: noindex Set-Cookie: sf_redirect=%7B%22token%22%3A%2262de42%22%2C%22route%22%3A%22root%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22Symfony%5C%5CBundle%5C%5CFrameworkBundle%5C%5CController%5C%5CRedirectController%22%2C%22method%22%3A%22redirectAction%22%2C%22file%22%3A%22%5C%2Fserver%5C%2Fwww%5C%2Fhtml%5C%2Fdirectoriodenegocios.jig.es%5C%2Fhttpdocs%5C%2Fdirectorio_negocios%5C%2Fvendor%5C%2Fsymfony%5C%2Fframework-bundle%5C%2FController%5C%2FRedirectController.php%22%2C%22line%22%3A57%7D%2C%22status_code%22%3A301%2C%22status_text%22%3A%22Moved%20Permanently%22%7D; path=/; secure; httponly; samesite=lax Location: https://54.217.226.7/admin Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Page title: Redirecting to https://54.217.226.7/admin <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://54.217.226.7/admin'" /> <title>Redirecting to https://54.217.226.7/admin</title> </head> <body> Redirecting to <a href="https://54.217.226.7/admin">https://54.217.226.7/admin</a>. </body> </html>
Open service 54.217.226.7:443
2024-06-17 20:20
HTTP/1.1 301 Moved Permanently Date: Mon, 17 Jun 2024 20:20:19 GMT Server: Apache/2.4.41 (Ubuntu) X-Debug-Token: 891346 X-Debug-Token-Link: https://54.217.226.7/_profiler/891346 X-Robots-Tag: noindex Set-Cookie: sf_redirect=%7B%22token%22%3A%22891346%22%2C%22route%22%3A%22root%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22Symfony%5C%5CBundle%5C%5CFrameworkBundle%5C%5CController%5C%5CRedirectController%22%2C%22method%22%3A%22redirectAction%22%2C%22file%22%3A%22%5C%2Fserver%5C%2Fwww%5C%2Fhtml%5C%2Fdirectoriodenegocios.jig.es%5C%2Fhttpdocs%5C%2Fdirectorio_negocios%5C%2Fvendor%5C%2Fsymfony%5C%2Fframework-bundle%5C%2FController%5C%2FRedirectController.php%22%2C%22line%22%3A57%7D%2C%22status_code%22%3A301%2C%22status_text%22%3A%22Moved%20Permanently%22%7D; path=/; secure; httponly; samesite=lax Location: https://54.217.226.7/admin Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Page title: Redirecting to https://54.217.226.7/admin <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://54.217.226.7/admin'" /> <title>Redirecting to https://54.217.226.7/admin</title> </head> <body> Redirecting to <a href="https://54.217.226.7/admin">https://54.217.226.7/admin</a>. </body> </html>
Open service 54.217.226.7:443
2024-06-15 01:23
HTTP/1.1 301 Moved Permanently Date: Sat, 15 Jun 2024 01:23:19 GMT Server: Apache/2.4.41 (Ubuntu) X-Debug-Token: 33f806 X-Debug-Token-Link: https://54.217.226.7/_profiler/33f806 X-Robots-Tag: noindex Set-Cookie: sf_redirect=%7B%22token%22%3A%2233f806%22%2C%22route%22%3A%22root%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22Symfony%5C%5CBundle%5C%5CFrameworkBundle%5C%5CController%5C%5CRedirectController%22%2C%22method%22%3A%22redirectAction%22%2C%22file%22%3A%22%5C%2Fserver%5C%2Fwww%5C%2Fhtml%5C%2Fdirectoriodenegocios.jig.es%5C%2Fhttpdocs%5C%2Fdirectorio_negocios%5C%2Fvendor%5C%2Fsymfony%5C%2Fframework-bundle%5C%2FController%5C%2FRedirectController.php%22%2C%22line%22%3A57%7D%2C%22status_code%22%3A301%2C%22status_text%22%3A%22Moved%20Permanently%22%7D; path=/; secure; httponly; samesite=lax Location: https://54.217.226.7/admin Connection: close Transfer-Encoding: chunked Content-Type: text/html; charset=UTF-8 Page title: Redirecting to https://54.217.226.7/admin <!DOCTYPE html> <html> <head> <meta charset="UTF-8" /> <meta http-equiv="refresh" content="0;url='https://54.217.226.7/admin'" /> <title>Redirecting to https://54.217.226.7/admin</title> </head> <body> Redirecting to <a href="https://54.217.226.7/admin">https://54.217.226.7/admin</a>. </body> </html>