Abstract
The enhancement of Internet connectivity and the increase of information transmission speed yield the increasing frequency of network attacks. The Shellshock attackers often exploit bash vulnerability to read the content behind the function definition when importing environment variable functions. Then, malicious scripts can be executed in systems and servers, which compromises everything. Therefore, this paper proposes a formal modeling analysis method for the Shellshock Bash basis and automates the analysis of the patched position of the model. The relationship between the established model and the actual attack process is also discussed, which is a feasible reference for exploring unknown vulnerabilities and the location of corresponding patches.