In this challenge, we are given a PHP file with contents as shown below:
Challenge is running at: nc 35.242.207.13 1
So, we need to craft an input and send it in order to retrieve the flag.
Observations:
1. Our input will be unserialized.
2. There is a Class called "B" with a __destruct() method.
3. The __destruct() method will echo $flag.
4. $flag contains the contents of the file called flag.
We can send the serialized input as shown below to retrieve the flag:
Flag is: 35C3_php_is_fun_php_is_fun
c0d3inj3cT
Challenge is running at: nc 35.242.207.13 1
So, we need to craft an input and send it in order to retrieve the flag.
Observations:
1. Our input will be unserialized.
2. There is a Class called "B" with a __destruct() method.
3. The __destruct() method will echo $flag.
4. $flag contains the contents of the file called flag.
We can send the serialized input as shown below to retrieve the flag:
Flag is: 35C3_php_is_fun_php_is_fun
c0d3inj3cT
No comments:
Post a comment