In this recipe, we will use Burp to exploit the Shellshock (CVE-2014-6271) vulnerability. If you haven't heard about the Shellshock vulnerability, which is also known as the Bash bug, it was the GNU bash remote code execution vulnerability, which could allow an attacker to gain access over a target machine. Since Bash is being widely used, this vulnerability had a huge attack surface and given the high severity and ease of exploit of this bug, it was one of the highest impact security issues identified in 2014; therefore, we decided to demonstrate how it can be exploited using Burp.