Update PHP.md

Fixed the payload (was not working because guess is size 5 instead of 4. Changed the name of Object to ObjectExample because Object class name is reserved
2024-12-18 10:26:09 +00:00 · 2022-11-26 14:28:06 +01:00 · 2022-11-26 14:28:06 +01:00 · f8ab0ca3bb
commit f8ab0ca3bb
parent cbb2137f3b
1 changed files with 2 additions and 2 deletions
--- a/Deserialization/PHP.md
+++ b/Deserialization/PHP.md
@ -88,7 +88,7 @@ Vulnerable code:

 ```php
 <?php
-class Object
+class ObjectExample
 {
  var $guess;
  var $secretCode;
@ -108,7 +108,7 @@ if($obj) {
 Payload:

 ```php
-O:6:"Object":2:{s:10:"secretCode";N;s:4:"guess";R:2;}
+O:13:"ObjectExample":2:{s:10:"secretCode";N;s:5:"guess";R:2;}
 ```

 We can do an array like this: