Collaborate Disseminate
When doing local development, I have to export a token needed for downloading dependencies from a private repository. For example:
export NPM_TOKEN=token_value
I want to make sure that this token is not stored in the shell history (that’s… Continue reading Securely loading private tokens on a local machine
The page at: https://www.freedesktop.org/software/systemd/man/systemd.exec.html#Environment says:
Environment variables set for a unit are exposed to unprivileged clients via D-Bus IPC […]
I don’t have much experience with stuff as low… Continue reading Details: snoop environment variables using D-Bus IPC
In their communication about the april 2022 breach (summary here), Heroku states that environment variables (other than Review apps and CI variables) were safe because they are encrypted at rest.
We also wanted to address a question regar… Continue reading Why are environment variables safe after 2022 Heroku breach?
As normal user, if you open the Edit Environment Variable setting in Windows, you will get this:
As you can see, the %path% variable that available for an user is a combination of %path% set globally as System variables and %path% set loc… Continue reading Can modifying environment variables in Windows cause vulnerability?
As normal user, if you open the Edit Environment Variable setting in Windows, you will get this:
As you can see, the %path% variable that available for an user is a combination of %path% set globally as System variables and %path% set loc… Continue reading Can modifying environment variables in Windows cause vulnerability?
I was browsing the ld.so man page and I saw an entry about Secure-Execution mode:
**Secure-execution mode**
For security reasons, if the dynamic linker determines that a binary
should be run in secure-execution mode, the eff… Continue reading ld.so Secure-execution mode a valid mitigation for polkit CVE-2021-4034?
For school I need to use the buffer overflow in the program below to get the shell to launch. For this exercise we need to perform a data-only attack, i.e. the stack is non-executable and stack canaries are enabled.
#include <stdio.h>… Continue reading Data-only attack using buffer overflow
Background
Currently doing some vulnservers on Offensive Security’s Proving Grounds Practice Labs. A vulnserver is a machine configured with vulnerabilities for testing/audit and research purposes.
I came across a machine that had a cronjo… Continue reading SUID Priv Escalation – LD_LIBRARY_PATH versus ldconfig and /etc/ld.so.conf
I installed zenmap in my Kali Linux but when tried to run it, the terminal gave me the following error telling me to add modules to the PYTHONPATH variable.
┌──(root💀kali)-[/home/kali/Downloads]
└─# zenmap … Continue reading How do I add modules to PYTHONPATH variable for zenmap in Kali Linux [migrated]
Quote https://manpages.debian.org/buster/manpages/ld.so.8.en.html#Secure-execution_mode
Secure-execution mode
For security reasons, the effects of some environment variables are voided or modified if the dynamic linker determines that the… Continue reading How to globally enable ld.so secure-execution mode for all applications?