当前位置:网站首页>Attack and defense world web advanced area unserialize3

Attack and defense world web advanced area unserialize3

2022-07-02 09:44:00 hangshao0.0

subject

Insert picture description here

Related content

In fact, a deserialization article has been recorded before .

PHP Deserialization -(web_php_unserialize)

The topic of deserialization , It's more complicated than this .

Since I haven't practiced for a long time , And I saw this in the offensive and defensive world unserialize3 The subject of , Just review deserialization .

The problem solving steps

First new An object , And then serialize it , The code is as follows :
Insert picture description here

The result of serialization is as follows :

Insert picture description here
"xctf":1: There is only one attribute in the serialized object , If the string to be deserialized , The number of attributes does not conform to the actual , be __wakeup() invalid .

therefore , take "xctf":1: Change it to "xctf":2: Bypass __wakeup() .

The results of parameter transmission are as follows :

Insert picture description here

原网站

版权声明
本文为[hangshao0.0]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/183/202207020624336290.html

边栏推荐

猜你喜欢

随机推荐