Tags: deserialization 

Rating:

TL;DR: Deserialization vulnerability with phars.

[View writeup here](https://github.com/ryan-cd/ctf/tree/master/2021/tenablectf/phar_out)

Original writeup (https://github.com/ryan-cd/ctf/tree/master/2021/tenablectf/phar_out).