43 changes: 38 additions & 5 deletions SHELL SHOCK/README.md
Expand Up @@ -3,31 +3,31 @@ SHELL SHOCK ATTACK

![logo loading](logo.png)

### 🟡 Introduction:
### 🟡 Introduction :

Shellshock is a 30-year old bug in the Bash shell that was discovered as a significant threat in 2014. Despite being less risky today, it still poses a threat to enterprises.With recent shifts in security priorities, it's important to examine Shellshock and the factors that contribute to its continued existence.



* * *

### 🟡 How Does Shellshock Work?
### 🟡 How Does Shellshock Work ?

Shellshock is a vulnerability that allows unauthorized execution of commands with higher privileges in systems using vulnerable versions of the Bash shell. This vulnerability occurs due to the execution of unintended bash commands from unsanitized environment variables. Attackers can exploit this vulnerability to remotely issue commands on target hosts, as many services like web servers use environment variables for communication with the OS. To prevent exploitation, input data must be sanitized before execution.



* * *

### 🟡 Reports of attacks
### 🟡 Reports of attacks :

The Bash vulnerability was quickly exploited after its announcement, resulting in compromised machines. Within a day, these machines were used in DDoS attacks and vulnerability scanning by botnets. Reports showed that the attacks originated from multiple countries, including China and the US. By the end of September, 1.5 million daily attacks and probes related to Shellshock were recorded by CloudFlare. However, it was later disputed whether the Yahoo! server attack was specifically due to Shellshock.



* * *

### 🟡 Vulnerability:
### 🟡 Vulnerability :

Shellshock can affect not only web servers, but also email and DNS servers using BASH to communicate with the OS. Unix-based systems are vulnerable, but organizations using Windows-based systems may also be at risk via vulnerable appliances or hardware. BASH is found in home routers, IoT devices, and embedded systems and can even be used to launch DOS attacks. By executing malicious code, attackers can steal confidential data and information stored on the system, launch programs, create connections to their own systems, and execute malicious software. The risk of harmful remote command execution by internet users is high.
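
Review bot: The heading edits in this hunk put a space before the trailing punctuation ("Introduction :", "How Does Shellshock Work ?", "Reports of attacks :", "Vulnerability :"), which is not standard English punctuation and leaves the headings inconsistent with the body text. Suggest keeping "Introduction:" and "How Does Shellshock Work?", or dropping the trailing colon from headings altogether. The unchanged introduction paragraph still has a missing space in "enterprises.With recent shifts", which could be fixed in the same pass.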

Expand Down Expand Up @@ -82,7 +82,40 @@ To prevent Shellshock exploitation:

* * *

### 🟡 Conclusion:
### 🟡 Simulation of Attack :

To simulate the shellshock vulnerability, follow these steps:

1. Set up the environment: Start a terminal or shell session in a system with a vulnerable version of Bash (1.0.3-4.3).

2. Create a script file, let's say test.sh, with the following contents:

```bash
#!/bin/bash
echo "This is a test script"
```
3. Set the environment variable in js: Set an environment variable named "MALICIOUS_VAR" with a value that includes a Bash command, for example:

```javascript
export MALICIOUS_VAR='() { :; };echo "Shellshock vulnerability exploited!"'
```
4. Modify the script to use the environment variable: Edit the test.sh file to include the following line:

```bash
echo "The value of MALICIOUS_VAR is $MALICIOUS_VAR"
```
5. Run the modified script: Execute the modified script by running the following command:

```bash
./test.sh
```

If the shellshock vulnerability is present and the test.sh script does not properly sanitize environment variables before processing them with Bash, the Bash command included in the MALICIOUS_VAR environment variable will be executed. In this case, the message "Shellshock vulnerability exploited!" will be printed to the console.

To protect against the shellshock vulnerability, it is recommended to update to a non-vulnerable version of Bash and to properly sanitize environment variables before processing them in scripts or programs.

***
### 🟡 Conclusion :

Organizations must employ a vulnerability management framework to detect, assess, and protect against Shellshock and future vulnerabilities. This framework should quickly identify vulnerabilities, determine their severity, and take necessary action. Effective vulnerability management is a key process in ensuring cyber security. A mature organization should treat the resolution of critical vulnerabilities, such as Shellshock, with the same urgency as a serious security incident.
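
Review bot: The closing explanation of the new "Simulation of Attack" section attributes the result to test.sh not sanitizing environment variables, but in a vulnerable Bash the command trailing the function definition runs while Bash imports the environment at startup, before any line of the script executes. The echo added in step 4 is therefore not what triggers it, and the script has no opportunity to sanitize anything; suggest rewording to say that the value has to be filtered by whatever process sets the environment before it invokes Bash, and that updating Bash is the actual fix. Separately, step 3 says "in js" and tags its fence as javascript, but `export MALICIOUS_VAR=...` is a shell command, so the fence should be bash and "in js" dropped. Step 5 runs ./test.sh without any earlier step that makes the file executable.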
