hacktricks/linux-hardening/linux-environment-variables.md
2023-01-18 13:30:35 +00:00

7.4 KiB
Raw Blame History

Linux Environment Variables

🎙️ HackTricks LIVE Twitch Wednesdays 5.30pm (UTC) 🎙️ - 🎥 Youtube 🎥

Global variables

The global variables will be inherited by child processes.

You can create a global variable for your current session doing:

export MYGLOBAL="hello world"
echo $MYGLOBAL #Prints: hello world

This variable will be accessible by your current sessions and its child processes.

You can remove a variable doing:

unset MYGLOBAL

Local variables

The local variables can only be accessed by the current shell/script.

LOCAL="my local"
echo $LOCAL
unset LOCAL

List current variables

set
env
printenv
cat /proc/$$/environ
cat /proc/`python -c "import os; print(os.getppid())"`/environ

Persistent Environment variables

Files that affect behavior of every user:

  • /etc/bash.bashrc: This file is read whenever an interactive shell is started (normal terminal) and all the commands specified in here are executed.
  • /etc/profile and /etc/profile.d/*: This file is read every time a user logs in. Thus all the commands executed in here will execute only once at the time of user logging in.
    • **Example: **

      /etc/profile.d/somescript.sh

      #!/bin/bash
      TEST=$(cat /var/somefile)
      export $TEST
      

Files that affect behavior for only a specific user:

  • ~/.bashrc: This file behaves the same way /etc/bash.bashrc file works but it is executed only for a specific user. If you want to create an environment for yourself go ahead and modify or create this file in your home directory.
  • ~/.profile, ~/.bash_profile, ~/.bash_login: These files are same as /etc/profile. The difference comes in the way it is executed. This file is executed only when a user in whose home directory this file exists, logs in.

Extracted from: here and here

Common variables

From: https://geek-university.com/linux/common-environment-variables/

  • DISPLAY the display used by X. This variable is usually set to :0.0, which means the first display on the current computer.
  • EDITOR the users preferred text editor.
  • HISTFILESIZE the maximum number of lines contained in the history file.
  • **HISTSIZE - **Number of lines added to the history file when the user finish his session
  • HOME your home directory.
  • HOSTNAME the hostname of the computer.
  • LANG your current language.
  • MAIL the location of the users mail spool. Usually /var/spool/mail/USER.
  • MANPATH the list of directories to search for manual pages.
  • OSTYPE the type of operating system.
  • PS1 the default prompt in bash.
  • **PATH - **stores the path of all the directories which holds binary files you want to execute just by specifying the name of the file and not by relative or absolute path.
  • PWD the current working directory.
  • SHELL the path to the current command shell (for example, /bin/bash).
  • TERM the current terminal type (for example, xterm).
  • TZ your time zone.
  • USER your current username.

Interesting variables for hacking

HISTFILESIZE

Change the value of this variable to 0, so when you end your session the history file (~/.bash_history) will be deleted.

export HISTFILESIZE=0

HISTSIZE

Change the value of this variable to 0, so when you end your session any command will be added to the history file (~/.bash_history).

export HISTSIZE=0

http_proxy & https_proxy

The processes will use the proxy declared here to connect to internet through http or https.

export http_proxy="http://10.10.10.10:8080"
export https_proxy="http://10.10.10.10:8080"

SSL_CERT_FILE & SSL_CERT_DIR

The processes will trust the certificates indicated in these env variables.

export SSL_CERT_FILE=/path/to/ca-bundle.pem
export SSL_CERT_DIR=/path/to/ca-certificates

PS1

Change how your prompt looks.

I have created this one (based on another, read the code).

Root:

Regular user:

One, two and three backgrounded jobs:

One background job, one stopped and last command didn't finish correctly:

🎙️ HackTricks LIVE Twitch Wednesdays 5.30pm (UTC) 🎙️ - 🎥 Youtube 🎥