You should delete your answer. First of all, /etc/passwd files haven't contained passwords for at least 15 to 20 years now, on most systems. Second of all, the way querystring/form parameters are passed to CGI systems makes it extremely unlikely that your example would work. And third, you're all but answering the question that was asked.
It's just an example, and I chose the example precisely because it can't be used in modern times, and I explained that the example wouldn't work. Why should I offer working examples for black-hat hackers in a public forum?
It graphically shows the vulnerability produced by Shellshock, but without offering a real working example for the script kiddies to emulate.
-- that explains the Shellshock bug, they use the same example I gave -- reading /etc/passwd. And for the same reason -- it's an example of a vulnerability, but won't give black-hats any useful information. They don't explain that this won't actually produce anything useful, but I do.
