Update README.md

2024-11-10 07:04:22 +00:00 · 2021-09-26 21:28:29 +02:00 · 2021-09-26 21:28:29 +02:00 · 5d846e9b8d
commit 5d846e9b8d
parent e68dc99749
1 changed files with 28 additions and 26 deletions
--- a/Injection/README.md
+++ b/Injection/README.md
@ -6,32 +6,21 @@

 * [Tools](#tools)
 * [Methodology](#methodology)
-* [Ruby](#ruby)
-  * [Basic injections](#ruby---basic-injections)
-  * [Retrieve /etc/passwd](#ruby---retrieve-etcpasswd)
-  * [List files and directories](#ruby---list-files-and-directories)
+* [ASP.NET Razor](#aspnet-razor)
+  * [Basic injection](#aspnet-razor---basic-injection)
+  * [Command execution](#aspnet-razor---command-execution)
+* [Expression Language EL](#expression-language-el)
+  * [Basic injection](#expression-language-el---basic-injection)
+  * [Code execution](#expression-language-el---code-execution)
+* [Freemarker](#freemarker)
+  * [Basic injection](#freemarker---basic-injection)
+  * [Code execution](#freemarker---code-execution)
+* [Handlebars](#handlebars)
+* [Jade / Codepen](#jade--codepen)
 * [Java](#java)
  * [Basic injection](#java---basic-injection)
  * [Retrieve the system’s environment variables](#java---retrieve-the-systems-environment-variables)
  * [Retrieve /etc/passwd](#java---retrieve-etcpasswd)
-* [Expression Language EL](#expression-language-el)
-  * [Basic injection](#expression-language-el---basic-injection)
-  * [Code execution](#expression-language-el---code-execution)
-* [Twig](#twig)
-  * [Basic injection](#twig---basic-injection)
-  * [Template format](#twig---template-format)
-  * [Arbitrary File Reading](#twig---arbitrary-file-reading)
-  * [Code execution](#twig---code-execution)
-* [Smarty](#smarty)
-* [Freemarker](#freemarker)
-  * [Basic injection](#freemarker---basic-injection)
-  * [Code execution](#freemarker---code-execution)
-* [Pebble](#pebble)
-  * [Basic injection](#pebble---basic-injection)
-  * [Code execution](#pebble---code-execution)
-* [Jade / Codepen](#jade--codepen)
-* [Velocity](#velocity)
-* [Mako](#mako)
 * [Jinja2](#jinja2)
  * [Basic injection](#jinja2---basic-injection)
  * [Template format](#jinja2---template-format)
@ -45,11 +34,22 @@
 * [Jinjava](#jinjava)
  * [Basic injection](#jinjava---basic-injection)
  * [Command execution](#jinjava---command-execution)
-* [Handlebars](#handlebars)
-* [ASP.NET Razor](#aspnet-razor)
-  * [Basic injection](#aspnet-razor---basic-injection)
-  * [Command execution](#aspnet-razor---command-execution)
 * [Lessjs](#lessjs)
+* [Mako](#mako)
+* [Pebble](#pebble)
+  * [Basic injection](#pebble---basic-injection)
+  * [Code execution](#pebble---code-execution)
+* [Ruby](#ruby)
+  * [Basic injections](#ruby---basic-injections)
+  * [Retrieve /etc/passwd](#ruby---retrieve-etcpasswd)
+  * [List files and directories](#ruby---list-files-and-directories)
+* [Smarty](#smarty)
+* [Twig](#twig)
+  * [Basic injection](#twig---basic-injection)
+  * [Template format](#twig---template-format)
+  * [Arbitrary File Reading](#twig---arbitrary-file-reading)
+  * [Code execution](#twig---code-execution)
+* [Velocity](#velocity)
 * [References](#references)

 ## Tools
@ -67,6 +67,8 @@ python2.7 ./tplmap.py -u "http://192.168.56.101:3000/ti?user=InjectHere*&comment

 ![SSTI cheatsheet workflow](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Server%20Side%20Template%20Injection/Images/serverside.png?raw=true)

+---
+
 ## Ruby

 ### Ruby - Basic injections