hacktricks/linux-hardening/linux-environment-variables.md
Carlos Polop 910ce9c7c8 a
2024-02-02 13:19:57 +01:00

6.8 KiB
Raw Blame History

Linux Environment Variables

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks:

Global variables

The global variables will be inherited by child processes.

You can create a global variable for your current session doing:

export MYGLOBAL="hello world"
echo $MYGLOBAL #Prints: hello world

This variable will be accessible by your current sessions and its child processes.

You can remove a variable doing:

unset MYGLOBAL

Local variables

The local variables can only be accessed by the current shell/script.

LOCAL="my local"
echo $LOCAL
unset LOCAL

List current variables

set
env
printenv
cat /proc/$$/environ
cat /proc/`python -c "import os; print(os.getppid())"`/environ

Persistent Environment variables

Files that affect behavior of every user:

  • /etc/bash.bashrc: This file is read whenever an interactive shell is started (normal terminal) and all the commands specified in here are executed.
  • /etc/profile and /etc/profile.d/*: This file is read every time a user logs in. Thus all the commands executed in here will execute only once at the time of user logging in.
    • **Example: **

      /etc/profile.d/somescript.sh

      #!/bin/bash
      TEST=$(cat /var/somefile)
      export $TEST
      

Files that affect behavior for only a specific user:

  • ~/.bashrc: This file behaves the same way /etc/bash.bashrc file works but it is executed only for a specific user. If you want to create an environment for yourself go ahead and modify or create this file in your home directory.
  • ~/.profile, ~/.bash_profile, ~/.bash_login: These files are same as /etc/profile. The difference comes in the way it is executed. This file is executed only when a user in whose home directory this file exists, logs in.

Extracted from: here and here

Common variables

From: https://geek-university.com/linux/common-environment-variables/

  • DISPLAY the display used by X. This variable is usually set to :0.0, which means the first display on the current computer.
  • EDITOR the users preferred text editor.
  • HISTFILESIZE the maximum number of lines contained in the history file.
  • HISTSIZE Number of lines added to the history file when the user finish his session
  • HOME your home directory.
  • HOSTNAME the hostname of the computer.
  • LANG your current language.
  • MAIL the location of the users mail spool. Usually /var/spool/mail/USER.
  • MANPATH the list of directories to search for manual pages.
  • OSTYPE the type of operating system.
  • PS1 the default prompt in bash.
  • PATH stores the path of all the directories which holds binary files you want to execute just by specifying the name of the file and not by relative or absolute path.
  • PWD the current working directory.
  • SHELL the path to the current command shell (for example, /bin/bash).
  • TERM the current terminal type (for example, xterm).
  • TZ your time zone.
  • USER your current username.

Interesting variables for hacking

HISTFILESIZE

Change the value of this variable to 0, so when you end your session the history file (~/.bash_history) will be deleted.

export HISTFILESIZE=0

HISTSIZE

Change the value of this variable to 0, so when you end your session any command will be added to the history file (~/.bash_history).

export HISTSIZE=0

http_proxy & https_proxy

The processes will use the proxy declared here to connect to internet through http or https.

export http_proxy="http://10.10.10.10:8080"
export https_proxy="http://10.10.10.10:8080"

SSL_CERT_FILE & SSL_CERT_DIR

The processes will trust the certificates indicated in these env variables.

export SSL_CERT_FILE=/path/to/ca-bundle.pem
export SSL_CERT_DIR=/path/to/ca-certificates

PS1

Change how your prompt looks.

I have created this one (based on another, read the code).

Root:

Regular user:

One, two and three backgrounded jobs:

One background job, one stopped and last command didn't finish correctly:

Learn AWS hacking from zero to hero with htARTE (HackTricks AWS Red Team Expert)!

Other ways to support HackTricks: