Update README.md

Podalirius 2021-09-26 21:28:29 +02:00 committed by GitHub
parent e68dc99749
commit 5d846e9b8d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -6,32 +6,21 @@
* [Tools](#tools) * [Tools](#tools)
* [Methodology](#methodology) * [Methodology](#methodology)
* [Ruby](#ruby) * [ASP.NET Razor](#aspnet-razor)
* [Basic injections](#ruby---basic-injections) * [Basic injection](#aspnet-razor---basic-injection)
* [Retrieve /etc/passwd](#ruby---retrieve-etcpasswd) * [Command execution](#aspnet-razor---command-execution)
* [List files and directories](#ruby---list-files-and-directories) * [Expression Language EL](#expression-language-el)
* [Basic injection](#expression-language-el---basic-injection)
* [Code execution](#expression-language-el---code-execution)
* [Freemarker](#freemarker)
* [Basic injection](#freemarker---basic-injection)
* [Code execution](#freemarker---code-execution)
* [Handlebars](#handlebars)
* [Jade / Codepen](#jade--codepen)
* [Java](#java) * [Java](#java)
* [Basic injection](#java---basic-injection) * [Basic injection](#java---basic-injection)
* [Retrieve the systems environment variables](#java---retrieve-the-systems-environment-variables) * [Retrieve the systems environment variables](#java---retrieve-the-systems-environment-variables)
* [Retrieve /etc/passwd](#java---retrieve-etcpasswd) * [Retrieve /etc/passwd](#java---retrieve-etcpasswd)
* [Expression Language EL](#expression-language-el)
* [Basic injection](#expression-language-el---basic-injection)
* [Code execution](#expression-language-el---code-execution)
* [Twig](#twig)
* [Basic injection](#twig---basic-injection)
* [Template format](#twig---template-format)
* [Arbitrary File Reading](#twig---arbitrary-file-reading)
* [Code execution](#twig---code-execution)
* [Smarty](#smarty)
* [Freemarker](#freemarker)
* [Basic injection](#freemarker---basic-injection)
* [Code execution](#freemarker---code-execution)
* [Pebble](#pebble)
* [Basic injection](#pebble---basic-injection)
* [Code execution](#pebble---code-execution)
* [Jade / Codepen](#jade--codepen)
* [Velocity](#velocity)
* [Mako](#mako)
* [Jinja2](#jinja2) * [Jinja2](#jinja2)
* [Basic injection](#jinja2---basic-injection) * [Basic injection](#jinja2---basic-injection)
* [Template format](#jinja2---template-format) * [Template format](#jinja2---template-format)
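Review bot: the subject "Update README.md" does not say that this hunk re-sorts the table of contents alphabetically (ASP.NET Razor now first, Java now after Jade / Codepen), so the intent has to be reconstructed from the moved lines. A subject that names the re-sort would make the change findable in history. The anchors are carried over unchanged, so a quick check of the rendered page that each moved link still jumps to its section is enough.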
@ -45,11 +34,22 @@
* [Jinjava](#jinjava) * [Jinjava](#jinjava)
* [Basic injection](#jinjava---basic-injection) * [Basic injection](#jinjava---basic-injection)
* [Command execution](#jinjava---command-execution) * [Command execution](#jinjava---command-execution)
* [Handlebars](#handlebars)
* [ASP.NET Razor](#aspnet-razor)
* [Basic injection](#aspnet-razor---basic-injection)
* [Command execution](#aspnet-razor---command-execution)
* [Lessjs](#lessjs) * [Lessjs](#lessjs)
* [Mako](#mako)
* [Pebble](#pebble)
* [Basic injection](#pebble---basic-injection)
* [Code execution](#pebble---code-execution)
* [Ruby](#ruby)
* [Basic injections](#ruby---basic-injections)
* [Retrieve /etc/passwd](#ruby---retrieve-etcpasswd)
* [List files and directories](#ruby---list-files-and-directories)
* [Smarty](#smarty)
* [Twig](#twig)
* [Basic injection](#twig---basic-injection)
* [Template format](#twig---template-format)
* [Arbitrary File Reading](#twig---arbitrary-file-reading)
* [Code execution](#twig---code-execution)
* [Velocity](#velocity)
* [References](#references) * [References](#references)
## Tools ## Tools
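Review bot: the moved Ruby entry keeps "Basic injections" (plural, anchor #ruby---basic-injections) while every other engine in this list uses "Basic injection". Since these lines are being touched anyway, consider renaming the entry together with its "### Ruby - Basic injections" heading so the anchor stays valid, or leave it and note that the inconsistency is intentional.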
@ -67,6 +67,8 @@ python2.7 ./tplmap.py -u "http://192.168.56.101:3000/ti?user=InjectHere*&comment
![SSTI cheatsheet workflow](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/Images/serverside.png?raw=true) ![SSTI cheatsheet workflow](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/Images/serverside.png?raw=true)
---
## Ruby ## Ruby
### Ruby - Basic injections ### Ruby - Basic injections
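Review bot: the body still opens with "## Ruby" directly after the workflow image, while the re-sorted table of contents now lists Ruby after Pebble, so the index order and section order no longer match in the visible hunks. Either move the body sections into the same alphabetical order or mention in the commit message that only the index was sorted. Also check that a blank line separates the added "---" from the image line above it, because "---" directly under a paragraph line is read as a setext heading underline rather than a horizontal rule.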