From 80e6aa2b9e9d516cd3db00e5ae3c5a221247c373 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Terence=20F=C3=BCrst?= <terence.fuerst@protonmail.com>
Date: Fri, 19 Jul 2024 18:18:48 +0200
Subject: [PATCH] Update README.md

Fixed the link for the web/content-type
---
 pentesting-web/file-upload/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pentesting-web/file-upload/README.md b/pentesting-web/file-upload/README.md
index e452d6aef..918144e83 100644
--- a/pentesting-web/file-upload/README.md
+++ b/pentesting-web/file-upload/README.md
@@ -81,7 +81,7 @@ Other useful extensions:
 ### Bypass Content-Type, Magic Number, Compression & Resizing
 
 * Bypass **Content-Type** checks by setting the **value** of the **Content-Type** **header** to: _image/png_ , _text/plain , application/octet-stream_
-  1. Content-Type **wordlist**: [https://github.com/danielmiessler/SecLists/blob/master/Miscellaneous/web/content-type.txt](https://github.com/danielmiessler/SecLists/blob/master/Miscellaneous/web/content-type.txt)
+  1. Content-Type **wordlist**: [https://github.com/danielmiessler/SecLists/blob/master/Miscellaneous/Web/content-type.txt](https://github.com/danielmiessler/SecLists/blob/master/Miscellaneous/Web/content-type.txt)
 * Bypass **magic number** check by adding at the beginning of the file the **bytes of a real image** (confuse the _file_ command). Or introduce the shell inside the **metadata**:\
   `exiftool -Comment="<?php echo 'Command:'; if($_POST){system($_POST['cmd']);} __halt_compiler();" img.jpg`\
   `\` or you could also **introduce the payload directly** in an image:\