Difficulty: 4/10
There are several configuration files that get executed whenever a user logs in. Their purpose is to configure the terminal to be a friendlier environment. However, attackers can backdoor malicious commands into these files to maintain persistence.
Resources
When and where these files get executed can be very confusing, so here are a few resources explaining them:
Vulnerabilities
Here are some files you should target:
- /etc/profile
- ~/.bash_profile
- ~/.bashrc
- ~/.bash_logout
- ~/.inputrc
- motd-related files
- If the system has a specific shell (zsh or csh), then there are specific config files you can target
One hilariously mean trick I've found is that upon logging in, you can trap users in an infinite loop if you have two users and modify their config files so they su into each other.
How to resolve this issue
You can create a fork of the repo, add the desired vulns, and then submit a pull request. Resources explaining how to add vulnerabilities are present in our documentation, slides, and video.
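From the defender's side, the same file list is what gets audited. The script below is an added example, not part of the original issue or the project's code: it checks those files under a given root for loose permissions and for lines matching a few heuristic patterns. The function names, the `/root` and `/home/*` layout and the patterns are assumptions, and motd and zsh/csh files are not covered.

```shell
#!/bin/sh
# Audit the login/startup files listed above for signs of tampering.
# Usage: audit_startup_files [ROOT]   (ROOT = mounted image or test tree; empty = live system)

# Heuristic patterns (assumptions, tune per environment): switching user,
# a download piped into a shell, bash's /dev/tcp redirection, decoded blobs.
SUSPICIOUS_RE='(^|[;&|[:space:]])su[[:space:]]|(curl|wget)[^|]*\|[[:space:]]*(ba)?sh|/dev/tcp/|base64[[:space:]]+(-d|--decode)'

# Print every system-wide and per-user startup file path under ROOT.
list_startup_files() {
    echo "$1/etc/profile"
    for home in "$1/root" "$1"/home/*; do
        for name in .bash_profile .bashrc .bash_logout .inputrc; do
            echo "$home/$name"
        done
    done
}

# Print one finding per line; exit status 0 means nothing was flagged.
audit_startup_files() (
    root="${1:-}"
    report=$(
        list_startup_files "$root" | while IFS= read -r f; do
            [ -f "$f" ] || continue
            # Group- or world-writable startup files can be edited by other accounts.
            find "$f" -prune \( -perm -020 -o -perm -002 \) -print | sed 's/^/WRITABLE /'
            # Flag matching lines as file:line:text, ignoring commented-out lines.
            grep -nE "$SUSPICIOUS_RE" "$f" | grep -vE '^[0-9]+:[[:space:]]*#' |
                while IFS= read -r hit; do printf 'SUSPICIOUS %s:%s\n' "$f" "$hit"; done
        done
    )
    [ -z "$report" ] || { printf '%s\n' "$report"; false; }
)
```

A `SUSPICIOUS` line is a prompt for manual review rather than proof of a backdoor, since legitimate profiles can also call `su` or fetch files.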