Apache
tcp/80
The application has Symfony verbose mode enabled.
It enables an attacker to access the following sensitive content :
Fingerprint: 05ab011344cbe668eba81e5245cdb838b5e18901187e63d6fe8b81c01d7dbf6b
app_ssl_modules: - { module: default } app_ssl_strict: false host_src: ikkatsu-satei.com: { '': fab_ikkatsu-satei, /indexb.php: fab_ikkatsu-satei_lpb, /indexc.php: fab_ikkatsu-satei_lpc, /indexd.php: fab_ikkatsu-satei_lpd, /indexe.php: fab_ikkatsu-satei_lpe, /shauru.php: fab_shauru } auth.ikkatsu-satei.com: { '': fab_ikkatsu-satei_auth } car-howmuch.co: { '': fab_car-howmuch } ichiban-satei.com: { '': fab_ichiban-satei } sf_admin_module_web_dir: /sfPropelPlugin sf_admin_web_dir: /sf/sf_admin sf_app: frontend sf_app_base_cache_dir: /usr/local/webapp/kaitori.new/cache/frontend sf_app_cache_dir: /usr/local/webapp/kaitori.new/cache/frontend/dev sf_app_config_dir: /usr/local/webapp/kaitori.new/apps/frontend/config sf_app_dir: /usr/local/webapp/kaitori.new/apps/frontend sf_app_i18n_dir: /usr/local/webapp/kaitori.new/apps/frontend/i18n sf_app_lib_dir: /usr/local/webapp/kaitori.new/apps/frontend/lib sf_app_module_dir: /usr/local/webapp/kaitori.new/apps/frontend/modules sf_app_template_dir: /usr/local/webapp/kaitori.new/apps/frontend/templates sf_apps_dir: /usr/local/webapp/kaitori.new/apps sf_cache: false sf_cache_dir: /usr/local/webapp/kaitori.new/cache sf_calendar_web_dir: /sf/calendar sf_carview_api_url: 'https://www.kurumaerabi.com/api/kaitori/carview.php' sf_charset: utf-8 sf_check_lock: false sf_check_symfony_version: false sf_compat_10: true sf_compressed: false sf_config_cache_dir: /usr/local/webapp/kaitori.new/cache/frontend/dev/config sf_config_dir: /usr/local/webapp/kaitori.new/config sf_csrf_secret: false sf_data_dir: /usr/local/webapp/kaitori.new/data sf_debug: true sf_default_culture: en sf_default_maildomain: ikkatsu-satei.com sf_doc_dir: /usr/local/webapp/kaitori.new/doc sf_enabled_modules: - default sf_envid: kap sf_environment: dev sf_error_404_action: error404 sf_error_404_module: default sf_error_reporting: 32767 sf_escaping_method: ESC_SPECIALCHARS sf_escaping_strategy: false sf_etag: false sf_i18n: false sf_i18n_cache_dir: /usr/local/webapp/kaitori.new/cache/frontend/dev/i18n sf_inquiry_to: inquiry@media4u.co.jp sf_lazy_cache_key: true sf_lib_dir: /usr/local/webapp/kaitori.new/lib sf_log_dir: /usr/local/webapp/kaitori.new/log sf_logging_enabled: true sf_login_action: login sf_login_module: default sf_mail_from: oshirase@ikkatu-satei.com sf_mail_from_name: null sf_mail_noreturn: no-return@ikkatsu-satei.com sf_max_forwards: 5 sf_module_cache_dir: /usr/local/webapp/kaitori.new/cache/frontend/dev/modules sf_module_disabled_action: disabled sf_module_disabled_module: default sf_no_script_name: false sf_notify_to: m-isoto@media4u.co.jp sf_orm: propel sf_pin_expire_minutes: 30 sf_plugins_dir: /usr/local/webapp/kaitori.new/plugins sf_prototype_web_dir: /sfProtoculousPlugin sf_remember_key: KaitoriProdRememberMe sf_rich_text_js_dir: js/tiny_mce sf_root_dir: /usr/local/webapp/kaitori.new sf_secure_action: secure sf_secure_module: default sf_server_environment: PRO sf_server_mailhost: ikkatsu-satei.com sf_sms_auth_api_check: 'https://sms-auth.fabrica-com.co.jp/api/v1/sms_code_check' sf_sms_auth_api_request: 'https://sms-auth.fabrica-com.co.jp/api/v1/sms_code_request' sf_sms_auth_password: 7mhzKjwuzeKuh2ya sf_sms_auth_username: ikkatsusatei sf_smtp_auth: false sf_smtp_host: ikkatsu-satei.com sf_smtp_port: 25 sf_standard_helpers: - Partial - Cache - Form sf_strip_comments: true sf_symfony_lib_dir: /usr/share/pear/symfony sf_template_cache_dir: /usr/local/webapp/kaitori.new/cache/frontend/dev/template sf_test_cache_dir: /usr/local/webapp/kaitori.new/cache/frontend/dev/test sf_test_dir: /usr/local/webapp/kaitori.new/test sf_timeout: 1800 sf_upload_dir: /usr/local/webapp/kaitori.new/web/uploads sf_use_database: true sf_validation_error_class: form_error sf_validation_error_id_prefix: error_for_ sf_validation_error_prefix: ' ↓ ' sf_validation_error_suffix: ' ↓' sf_web_debug: true sf_web_debug_web_dir: /sf/sf_web_debug sf_web_dir: /usr/local/webapp/kaitori.new/web
Open service 54.65.196.166:80
2024-05-24 11:34
HTTP/1.1 403 Forbidden Date: Fri, 24 May 2024 11:34:39 GMT Server: Apache Accept-Ranges: bytes Content-Length: 4954 Connection: close Content-Type: text/html; charset=UTF-8 Page title: Apache HTTP Server Test Page powered by CentOS <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <head> <title>Apache HTTP Server Test Page powered by CentOS</title> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <style type="text/css"> body { background-color: #fff; color: #000; font-size: 0.9em; font-family: sans-serif,helvetica; margin: 0; padding: 0; } :link { color: #0000FF; } :visited { color: #0000FF; } a:hover { color: #3399FF; } h1 { text-align: center; margin: 0; padding: 0.6em 2em 0.4em; background-color: #3399FF; color: #ffffff; font-weight: normal; font-size: 1.75em; border-bottom: 2px solid #000; } h1 strong { font-weight: bold; } h2 { font-size: 1.1em; font-weight: bold; } .content { padding: 1em 5em; } .content-columns { /* Setting relative positioning allows for absolute positioning for sub-classes */ position: relative; padding-top: 1em; } .content-column-left { /* Value for IE/Win; will be overwritten for other browsers */ width: 47%; padding-right: 3%; float: left; padding-bottom: 2em; } .content-column-right { /* Values for IE/Win; will be overwritten for other browsers */ width: 47%; padding-left: 3%; float: left; padding-bottom: 2em; } .content-columns>.content-column-left, .content-columns>.content-column-right { /* Non-IE/Win */ } img { border: 2px solid #fff; padding: 2px; margin: 2px; } a:hover img { border: 2px solid #3399FF; } </style> </head> <body> <h1>Apache 2 Test Page<br><font size="-1"><strong>powered by</font> CentOS</strong></h1> <div class="content"> <div class="content-middle"> <p>This page is used to test the proper operation of the Apache HTTP server after it has been installed. If you can read this page it means that the Apache HTTP server installed at this site is working properly.</p> </div> <hr /> <div class="content-columns"> <div class="content-column-left"> <h2>If you are a member of the general public:</h2> <p>The fact that you are seeing this page indicates that the website you just visited is either experiencing problems or is undergoing routine maintenance.</p> <p>If you would like to let the administrators of this website know that you've seen this page instead of the page you expected, you should send them e-mail. In general, mail sent to the name "webmaster" and directed to the website's domain should reach the appropriate person.</p> <p>For example, if you experienced problems while visiting www.example.com, you should send e-mail to "webmaster@example.com".</p> </div> <div class="content-column-right"> <h2>If you are the website administrator:</h2> <p>You may now add content to the directory <tt>/var/www/html/</tt>. Note that until you do so, people visiting your website will see this page and not your content. To prevent this page from ever being used, follow the instructions in the file <tt>/etc/httpd/conf.d/welcome.conf</tt>.</p> <p>You are free to use the images below on Apache and CentOS Linux powered HTTP servers. Thanks for using Apache and CentOS!</p> <p><a href="http://httpd.apache.org/"><img src="/icons/apache_pb.gif" alt="[ Powered by Apache ]"/></a> <a href="http://www.centos.org/"><img src="/icons/poweredby.png" alt="[ Powered by CentOS Linux ]" width="88" height="31" /></a></p> </div> </div> </div> <div class="content"> <div class="content-middle"><h2>About CentOS:</h2><b>The Community ENTerprise Operating System</b> (CentOS) Linux is a community-supported enterprise distribution derived from sources freely provided to the public by Red Hat. As such, CentOS Linux aims to be functionally compatible with Red Hat Enterprise Linux. The CentOS Project is the organization that builds CentOS. We mainly change packages to remove upstream vendor branding and artwork.</