<?php class Foo { private function __construct() { } public function bar() { echo 'Never gonna give you up' . PHP_EOL; } } $hijacked = 'O:3:"Foo":0:{}'; $instantiated = unserialize($hijacked); $instantiated->bar(); var_dump($instantiated);
You have javascript disabled. You will not be able to edit any code.