Based on https://www.synacktiv.com/posts/pentest/looting-symfony-with-eos.html. Symfony is a popular open source PHP framework to create web applications. When configured with development parameters, Symfony exposes a sensitive component: the web profiler. This interface implements debug features to help developers identifying bugs while working on the application. However, as an attacker, multiple pieces of information are available to loot: configuration files, user credentials and even the application source code.
Exposing such features in a production environment is very dangerous and to gather all this intel, Synacktiv recently developed an open source tool named EOS (https://github.com/synacktiv/eos).
In this presentation, I would like to describe the different features provided by the profiler and how EOS exploits them to extract the valuable information.
Matthieu Barjole (Synacktiv)
Security Ninja @ Synacktiv