
Want to run this Docker Container Locally?
```bash
docker run -d -p 9045:80 --name flag-red64 --restart always joshbeck2024/ctf-php-serialization-explained-flag-red64
```
What is Serialization?
- Simply Put: It’s a way to convert a program object (data structures) into a string that can be transmitted via GET/POST requests or cookie values.
- Already completed Part 1? —> Here is Part 2: Magic Methods
Consider this Basic Object written using PHP:
```php
<?php
class House {
    public $color;
    public $rooms;
    public $price;

    // The constructor helps us build the house with specific details
    public function __construct($color, $rooms, $price) {
        $this->color = $color;
        $this->rooms = $rooms;
        $this->price = $price;
    }
}

// Creating the instance
$myHouse = new House("blue", 3, 150000);

// Converting it to a string
echo serialize($myHouse);
```
We have an object (House) with properties: $color, $rooms, and $price.
We create an instance of this object called $myHouse, and we populate this instance with the values below:
- "blue"
- 3
- 150000
- (The price listed is a completely unreasonable expectation. If you are trying to buy in today’s market, you are basically burned! —I digress!)
The serialized or string equivalent of this object would look like what I have in the code block below:
- It’s easy to understand what’s happening with the string below once you know what to look for.
- In this lab, we’ll manipulate serialized data, as shown below, to obtain flag access.
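The string format described above, walked token by token. This is an added example, not code from the original lab: `read_value()` and `describe()` are hypothetical helper names, and the sample string is constructed to match the House object on this page.

```php
<?php
// Added example, not the lab's code. Helper names are hypothetical.
// Constructed sample: the House("blue", 3, 150000) object from this page in serialize() format.
$sample = 'O:5:"House":3:{s:5:"color";s:4:"blue";s:5:"rooms";i:3;s:5:"price";i:150000;}';

// Read one scalar token at $pos and return [value, offset just past the token].
function read_value(string $s, int $pos): array {
    if (preg_match('/\Gi:(-?\d+);/', $s, $m, 0, $pos)) {      // i:<integer>;
        return [(int)$m[1], $pos + strlen($m[0])];
    }
    if (preg_match('/\Gs:(\d+):"/', $s, $m, 0, $pos)) {       // s:<byte length>:"<bytes>";
        $start = $pos + strlen($m[0]);
        $len = (int)$m[1];
        // The closing quote must sit exactly <byte length> bytes after the opening one.
        if (substr($s, $start + $len, 2) !== '";') {
            throw new UnexpectedValueException("string length prefix mismatch at offset $pos");
        }
        return [substr($s, $start, $len), $start + $len + 2];
    }
    throw new UnexpectedValueException("unsupported token at offset $pos");
}

// Walk O:<name length>:"<class name>":<property count>:{<name><value>...}
function describe(string $s): array {
    if (!preg_match('/^O:(\d+):"([^"]*)":(\d+):\{/', $s, $m)
        || strlen($m[2]) !== (int)$m[1]) {
        throw new UnexpectedValueException('bad object header');
    }
    $pos = strlen($m[0]);
    $props = [];
    for ($i = 0; $i < (int)$m[3]; $i++) {
        [$name, $pos] = read_value($s, $pos);   // property name
        [$value, $pos] = read_value($s, $pos);  // property value
        $props[$name] = $value;
    }
    if (substr($s, $pos) !== '}') {
        throw new UnexpectedValueException('body does not end where the property count says');
    }
    return ['class' => $m[2], 'properties' => $props];
}

print_r(describe($sample));

// A value edited without updating its length prefix no longer parses.
$edited = str_replace('s:4:"blue"', 's:4:"green"', $sample);
try {
    describe($edited);
} catch (UnexpectedValueException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

The number in `s:<n>` is a byte count, so multi-byte UTF-8 characters count more than once. When real code must call `unserialize()` on data a client can change, the `allowed_classes` option restricts which classes it will instantiate.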