hacktricks/linux-hardening/linux-environment-variables.md

172 lines
6.8 KiB
Markdown
Raw Normal View History

2022-10-05 22:34:56 +00:00
# Linux Environment Variables
2022-04-28 16:01:33 +00:00
<details>
2024-02-02 12:19:57 +00:00
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
2022-04-28 16:01:33 +00:00
2024-02-02 12:19:57 +00:00
Other ways to support HackTricks:
* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
2022-10-05 22:34:56 +00:00
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
2024-02-02 12:19:57 +00:00
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/carlospolopm)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
2022-04-28 16:01:33 +00:00
</details>
2022-10-05 22:34:56 +00:00
## Global variables
2022-02-14 02:21:08 +00:00
The global variables **will be** inherited by **child processes**.
You can create a global variable for your current session doing:
```bash
export MYGLOBAL="hello world"
echo $MYGLOBAL #Prints: hello world
```
This variable will be accessible by your current sessions and its child processes.
You can **remove** a variable doing:
```bash
unset MYGLOBAL
```
2022-10-05 22:34:56 +00:00
## Local variables
The **local variables** can only be **accessed** by the **current shell/script**.
```bash
LOCAL="my local"
echo $LOCAL
unset LOCAL
```
2022-10-05 22:34:56 +00:00
## List current variables
```bash
set
env
printenv
cat /proc/$$/environ
cat /proc/`python -c "import os; print(os.getppid())"`/environ
```
2022-10-05 22:34:56 +00:00
## Persistent Environment variables
2022-10-05 22:34:56 +00:00
#### **Files that affect behavior of every user:**
2022-02-14 02:21:08 +00:00
* _**/etc/bash.bashrc**_: This file is read whenever an interactive shell is started (normal terminal) and all the commands specified in here are executed.
* _**/etc/profile and /etc/profile.d/\***_**:** This file is read every time a user logs in. Thus all the commands executed in here will execute only once at the time of user logging in.
2022-10-05 22:34:56 +00:00
* \*\*Example: \*\*
`/etc/profile.d/somescript.sh`
```bash
#!/bin/bash
TEST=$(cat /var/somefile)
export $TEST
```
2022-10-05 22:34:56 +00:00
#### **Files that affect behavior for only a specific user:**
2022-02-14 02:21:08 +00:00
* _**\~/.bashrc**_: This file behaves the same way _/etc/bash.bashrc_ file works but it is executed only for a specific user. If you want to create an environment for yourself go ahead and modify or create this file in your home directory.
2023-09-25 19:16:51 +00:00
* _**\~/.profile, \~/.bash\_profile, \~/.bash\_login**_: These files are same as _/etc/profile_. The difference comes in the way it is executed. This file is executed only when a user in whose home directory this file exists, logs in.
2021-11-30 16:46:07 +00:00
**Extracted from:** [**here**](https://codeburst.io/linux-environment-variables-53cea0245dc9) **and** [**here**](https://www.gnu.org/software/bash/manual/html\_node/Bash-Startup-Files.html)
2022-10-05 22:34:56 +00:00
## Common variables
From: [https://geek-university.com/linux/common-environment-variables/](https://geek-university.com/linux/common-environment-variables/)
* **DISPLAY** the display used by **X**. This variable is usually set to **:0.0**, which means the first display on the current computer.
* **EDITOR** the users preferred text editor.
* **HISTFILESIZE** the maximum number of lines contained in the history file.
2023-09-25 19:16:51 +00:00
* **HISTSIZE** Number of lines added to the history file when the user finish his session
* **HOME** your home directory.
* **HOSTNAME** the hostname of the computer.
* **LANG** your current language.
* **MAIL** the location of the users mail spool. Usually **/var/spool/mail/USER**.
* **MANPATH** the list of directories to search for manual pages.
* **OSTYPE** the type of operating system.
* **PS1** the default prompt in bash.
2023-09-25 19:16:51 +00:00
* **PATH** stores the path of all the directories which holds binary files you want to execute just by specifying the name of the file and not by relative or absolute path.
* **PWD** the current working directory.
* **SHELL** the path to the current command shell (for example, **/bin/bash**).
* **TERM** the current terminal type (for example, **xterm**).
* **TZ** your time zone.
* **USER** your current username.
2022-10-05 22:34:56 +00:00
## Interesting variables for hacking
2022-10-05 22:34:56 +00:00
### **HISTFILESIZE**
2021-11-05 20:59:42 +00:00
Change the **value of this variable to 0**, so when you **end your session** the **history file** (\~/.bash\_history) **will be deleted**.
```bash
export HISTFILESIZE=0
```
2022-10-05 22:34:56 +00:00
### **HISTSIZE**
2021-11-05 20:59:42 +00:00
Change the **value of this variable to 0**, so when you **end your session** any command will be added to the **history file** (\~/.bash\_history).
```bash
export HISTSIZE=0
```
2023-01-18 13:30:35 +00:00
### http\_proxy & https\_proxy
2023-01-18 13:30:35 +00:00
The processes will use the **proxy** declared here to connect to internet through **http or https**.
```bash
export http_proxy="http://10.10.10.10:8080"
2023-01-18 13:30:35 +00:00
export https_proxy="http://10.10.10.10:8080"
```
2023-01-18 13:30:35 +00:00
### SSL\_CERT\_FILE & SSL\_CERT\_DIR
2023-01-18 13:30:35 +00:00
The processes will trust the certificates indicated in **these env variables**.
```bash
2023-01-18 13:30:35 +00:00
export SSL_CERT_FILE=/path/to/ca-bundle.pem
export SSL_CERT_DIR=/path/to/ca-certificates
```
2022-10-05 22:34:56 +00:00
### PS1
Change how your prompt looks.
2023-01-18 13:30:35 +00:00
I have created [**this one**](https://gist.github.com/carlospolop/43f7cd50f3deea972439af3222b68808) (based on another, read the code).
Root:
![](<../.gitbook/assets/image (87).png>)
Regular user:
2022-12-24 12:23:14 +00:00
![](<../.gitbook/assets/image (88).png>)
One, two and three backgrounded jobs:
![](<../.gitbook/assets/image (89).png>)
One background job, one stopped and last command didn't finish correctly:
2022-12-24 12:23:14 +00:00
![](<../.gitbook/assets/image (90).png>)
2022-04-28 16:01:33 +00:00
<details>
2024-02-02 12:19:57 +00:00
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
2022-04-28 16:01:33 +00:00
2024-02-02 12:19:57 +00:00
Other ways to support HackTricks:
* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
2022-10-05 22:34:56 +00:00
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
2024-02-02 12:19:57 +00:00
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/carlospolopm)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
2022-04-28 16:01:33 +00:00
</details>