Exposed Confidential Information

Understand user history files
Inspect user trails for credential harvesting
Inspect system trails for credential harvesting

Inspecting User Trails

┌──(kali㉿kali)-[~]
└─$ env
COLORFGBG=15;0
COLORTERM=truecolor
COMMAND_NOT_FOUND_INSTALL_PROMPT=1
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
DESKTOP_SESSION=lightdm-xsession
DISPLAY=:0.0
DOTNET_CLI_TELEMETRY_OPTOUT=1
GDMSESSION=lightdm-xsession
GTK_MODULES=gail:atk-bridge
HOME=/home/kali

Inspenting .bashrc and .bash_history

john@privesc:~$ cat .bashrc
# ~/.bashrc: executed by bash(1) for non-login shells.
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
# for examples
# If not running interactively, don't do anything
case $- in
 *i*) ;;
 *) return;;
esac
# don't put duplicate lines or lines starting with space in the history.
# See bash(1) for more options
export SCRIPT_CREDENTIALS="lab"
HISTCONTROL=ignoreboth
...

PreviousManual Enumeration NextService/Network Footprinting

Last updated 1 year ago