hacktricks/linux-hardening/linux-environment-variables.md
Carlos Polop 43da32d5b8 a
2024-02-07 05:06:18 +01:00

148 lines
5.5 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Linux Environment Variables
<details>
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
Other ways to support HackTricks:
* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>
## Global variables
The global variables **will be** inherited by **child processes**.
You can create a global variable for your current session doing:
```bash
export MYGLOBAL="hello world"
echo $MYGLOBAL #Prints: hello world
```
This variable will be accessible by your current sessions and its child processes.
You can **remove** a variable doing:
```bash
unset MYGLOBAL
```
## Local variables
The **local variables** can only be **accessed** by the **current shell/script**.
```bash
LOCAL="my local"
echo $LOCAL
unset LOCAL
```
## List current variables
```bash
set
env
printenv
cat /proc/$$/environ
cat /proc/`python -c "import os; print(os.getppid())"`/environ
```
## Common variables
From: [https://geek-university.com/linux/common-environment-variables/](https://geek-university.com/linux/common-environment-variables/)
* **DISPLAY** the display used by **X**. This variable is usually set to **:0.0**, which means the first display on the current computer.
* **EDITOR** the users preferred text editor.
* **HISTFILESIZE** the maximum number of lines contained in the history file.
* **HISTSIZE** Number of lines added to the history file when the user finish his session
* **HOME** your home directory.
* **HOSTNAME** the hostname of the computer.
* **LANG** your current language.
* **MAIL** the location of the users mail spool. Usually **/var/spool/mail/USER**.
* **MANPATH** the list of directories to search for manual pages.
* **OSTYPE** the type of operating system.
* **PS1** the default prompt in bash.
* **PATH** stores the path of all the directories which holds binary files you want to execute just by specifying the name of the file and not by relative or absolute path.
* **PWD** the current working directory.
* **SHELL** the path to the current command shell (for example, **/bin/bash**).
* **TERM** the current terminal type (for example, **xterm**).
* **TZ** your time zone.
* **USER** your current username.
## Interesting variables for hacking
### **HISTFILESIZE**
Change the **value of this variable to 0**, so when you **end your session** the **history file** (\~/.bash\_history) **will be deleted**.
```bash
export HISTFILESIZE=0
```
### **HISTSIZE**
Change the **value of this variable to 0**, so when you **end your session** any command will be added to the **history file** (\~/.bash\_history).
```bash
export HISTSIZE=0
```
### http\_proxy & https\_proxy
The processes will use the **proxy** declared here to connect to internet through **http or https**.
```bash
export http_proxy="http://10.10.10.10:8080"
export https_proxy="http://10.10.10.10:8080"
```
### SSL\_CERT\_FILE & SSL\_CERT\_DIR
The processes will trust the certificates indicated in **these env variables**.
```bash
export SSL_CERT_FILE=/path/to/ca-bundle.pem
export SSL_CERT_DIR=/path/to/ca-certificates
```
### PS1
Change how your prompt looks.
[**This is an example**](https://gist.github.com/carlospolop/43f7cd50f3deea972439af3222b68808)
Root:
![](<../.gitbook/assets/image (87).png>)
Regular user:
![](<../.gitbook/assets/image (88).png>)
One, two and three backgrounded jobs:
![](<../.gitbook/assets/image (89).png>)
One background job, one stopped and last command didn't finish correctly:
![](<../.gitbook/assets/image (90).png>)
<details>
<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
Other ways to support HackTricks:
* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
</details>