From f8ab0ca3bb67fbac4a72854701bfddd8a70fb255 Mon Sep 17 00:00:00 2001
From: romisfrag <romisfrag@gmail.com>
Date: Sat, 26 Nov 2022 14:28:06 +0100
Subject: [PATCH] Update PHP.md

Fixed the payload (was not working because guess is size 5 instead of 4.
Changed the name of Object to ObjectExample because Object class name is reserved
---
 Insecure Deserialization/PHP.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Insecure Deserialization/PHP.md b/Insecure Deserialization/PHP.md
index f6a39f9..87083c6 100644
--- a/Insecure Deserialization/PHP.md	
+++ b/Insecure Deserialization/PHP.md	
@@ -88,7 +88,7 @@ Vulnerable code:
 
 ```php
 <?php
-class Object
+class ObjectExample
 {
   var $guess;
   var $secretCode;
@@ -108,7 +108,7 @@ if($obj) {
 Payload:
 
 ```php
-O:6:"Object":2:{s:10:"secretCode";N;s:4:"guess";R:2;}
+O:13:"ObjectExample":2:{s:10:"secretCode";N;s:5:"guess";R:2;}
 ```
 
 We can do an array like this: