PocketPentester/vuln-lab/web/www/admin/config.php

<?php
// Fake admin config — leaks secrets for scanner fodder.
header("Content-Type: text/plain");
echo "APP_ENV=production\nDB_HOST=db\nDB_USER=root\nDB_PASS=toor\nJWT_SECRET=secret\nSTRIPE_SECRET=sk_live_newploit_test\n";