IP Address: 172.25.200.200

Port: 9047

Would you like to run the target Docker image locally?

sudo docker run -d --restart always -p 9047:80 --name Flag-red65-67 joshbeck2024/ctf-php-serialization-part-2-flag-red65

• Object serialization in PHP is the process of converting an object into a storable or transmittable format, typically a string, so it can be saved in a file, sent over a network, or stored in a database. Later, the object can be reconstructed by deserializing it, restoring its state and properties. This is useful for maintaining object state across sessions or during communication between systems.

Lab Objective:

• In Part 1, we looked at the structure of a serialized object and what happens when a data structure is serialized/deserialized.
• In this lab, we’ll tackle 3 flags that are designed to introduce the concept of ‘Magic Methods.’
  • If you know when and under what conditions these special ‘Magic Methods’ are triggered, it makes a huge difference when participating in CTF challenges or conducting real-world static code analysis.

In PHP, Magic Methods are special functions that are automatically triggered by certain events rather than being called manually by your code.

• You can recognize them (in PHP) because they always start with a double underscore (e.g., __construct, __destruct, and __toString).

Lab summary:

• Flag Red65: We’ll look at the __construct() method and determine the conditions under which it is triggered.
• Flag_Red66: We’ll look at the __destruct() method and learn about reference checks.
• Flag_Red67: We’ll look at the __toString() method and determine the conditions under which it is triggered.

Flag Red65:

The Challenge:

• Super Easy, but hopefully informative this time:
  • Hand the application a base64-encoded cookie containing a serialized object with s:5:”color”;s:12:’”give_me_flag”;
    • This syntax should make sense to you after working through Part 1.