
“How we broke PHP, hacked Pornhub and earned $20,000”
It all started by auditing Pornhub, then PHP and ended in breaking both… We have gained remote code execution on pornhub.com and have earned a $20,000 bug bounty on HackerOne. We have found two use-after-free vulnerabilities in PHP's garbage collection algorithm. Those vulnerabilities were remotely exploitable over PHP's unserialize function.




