Whitepaper called Blind SSRF with Shellshock Exploitation. It
discusses how an attacker can leverage shellshock to also perform
server-side request forgery attacks.
Read more https://packetstormsecurity.com/files/160914/Blind-SSRF-with-Shellshock-Exploitation.pdf