Black-Hat Bash scripting part 11

Chapter 8: Local Information Gathering

Hello, been a while since I last wrote on here…I got a bit distracted…anyways it is recon time.

The shell environment- it can reveal information such as where the system looks for executables to run, custom applications can add new directory paths , you may also fund creds and other info in the custom configs.

environment variables- Admins tend to store creds here to avoid writing creds to files on disk.

sensitive info in bash profiles

If you are in bug bounty sensitive info is a pretty lucrative discovery, it’s more known as sensitive info disclosure (an example of it here: https://medium.com/@bughunt789/sensitive-information-disclosure-critical-finding-8fcbd7fe1704,) its listed as a critical find so expect a nice reward for finding it. In propinquity to bash sys admins can easily include creds in scripts as ~./bashrc maybe cause they are feeling lazy and not wanting to manually supply creds on the command-line. you can also be on the look out for /etc.profile, /etc/bashrc, ~./profile, ~/.bash_profile, ~/.env, ~/.bash_login and ~/.bash_logout. in propinquity to Z shell, look for files such as: etc/zprofile, /etc/zshrc, ~/.zprofile and ~/.zshrc.

Users and Groups

script is checking whether a user can read etc/passwd and if they can read the contents and other things

Processes

For an important step in recon it is prevalent to enumerate processes as it helps a hacker know what code that a system is running, giving us a decision on what to focus on.

Taking a break, i can’t force myself to write

That was a long ass intercession… a week or two of no bash(i don’t really remember lol) but if you read the small series I wrote, it was to not think technically and it was good for me as a person to do, as i still worked just gave myself time to focus on something else will continue when i feel burnt-out mentally. Anyway back on the grind….

Exercise 12: Writing an os script

this was before i looked at the example the book gave, it’s so simple but i feel like it has some inconsistencies

it’s the same stuff i wrote earlier just arranged in a beautiful manner

After this exercise, my neural pathways are starting to build up as i was doing this exercise honestly i was panicking thinking of how am I still not getting this, but really it’s just doing it, doing it terrible, from there the learning really begins, it’s really just like investing, let me not get ahead of myself i hope the next exercise i get even better so that once i start working on personal projects on bash I will see some progress as i document it.

I am a bit happy so let me end this one one a happy feeling as this chapter is not close to being finished and i do not want to force myself to learn like i did in the past, i want to enjoy learning

Till next time,

Be blessed

References:

https://github.com/mdeacey/universal-os-detector