ENVIRONMENT VARS
Environment variables are an additional or alternative way for users to provide input to a program, especially in the context of buffer overflow vulnerabilities.
Environment variables are publicly accessible variables in the OS that any software can interact with. They control different aspects of the system.
#WINDOWS
PS C:\> Get-ChildItem Env:
Name Value
---- -----
ALLUSERSPROFILE C:\ProgramData
APPDATA C:\Users\**********.MIL\AppData\Roaming
CommonProgramFiles C:\Program Files\Common Files
CommonProgramFiles(x86) C:\Program Files (x86)\Common Files
CommonProgramW6432 C:\Program Files\Common Files
COMPUTERNAME EISEW3U216NB102
ComSpec C:\WINDOWS\system32\cmd.exe
DEFLOGDIR C:\ProgramData\McAfee\Endpoint Security\Logs
DriverData C:\Windows\System32\Drivers\DriverData
EFC_3592 1
HOMEDRIVE C:
HOMEPATH \Users\**********.MIL
LOCALAPPDATA C:\Users\**********.MIL\AppData\Local
LOGONSERVER \\EISEW3U216NB102
NUMBER_OF_PROCESSORS 12
OneDrive C:\Users\**********.MIL\OneDrive - US Army
OneDriveCommercial C:\Users\**********.MIL\OneDrive - US Army
OS Windows_NT
Path C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPo...
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC;.CPL
PROCESSOR_ARCHITECTURE AMD64
PROCESSOR_IDENTIFIER Intel64 Family 6 Model 186 Stepping 3, GenuineIntel
PROCESSOR_LEVEL 6
PROCESSOR_REVISION ba03
ProgramData C:\ProgramData
ProgramFiles C:\Program Files
ProgramFiles(x86) C:\Program Files (x86)
ProgramW6432 C:\Program Files
PSModulePath C:\Users\**********.MIL\OneDrive - US Army\Documents\WindowsPowerShell\Modules;C:\Pro...
PUBLIC C:\Users\Public
SESSIONNAME Console
SystemDrive C:
SystemRoot C:\WINDOWS
TEMP C:\Users\******~1.MIL\AppData\Local\Temp
TMP C:\Users\******~1.MIL\AppData\Local\Temp
USERDNSDOMAIN ecuf.ds.deas.mil
USERDOMAIN ECUF
USERDOMAIN_ROAMINGPROFILE ECUF
USERNAME **********.MIL
USERPROFILE C:\Users\**********.MIL
windir C:\WINDOWS
ZES_ENABLE_SYSMAN 1
#modification
#LINUX
remnux@remnux:~$ printenv
...
* displays environment variables
remnux@remnux:~$ printenv HOME
/home/remnux
If you are able to determine that an application has access to an environment variable, a red team can manipulate it.
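Because the value of an environment variable is input like any other, a program that copies it into a fixed-size buffer has to check its length first. The following is an added example, not code from these notes: it shows the unchecked copy beside a bounded one, and every function and enum name in it is hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* All names below are hypothetical, chosen for this example. */
enum env_status { ENV_OK = 0, ENV_MISSING = -1, ENV_TOO_LONG = -2 };

/* Unsafe pattern, for contrast only (never called here): getenv() may return
   NULL, and strcpy() copies until the NUL byte, so the length of the value,
   not the size of buf, decides how much memory is written. */
void unsafe_read_env(const char *name) {
    char buf[64];
    strcpy(buf, getenv(name));
    printf("%s\n", buf);
}

/* Hardened form: copy value into dst only if it fits completely, terminator
   included. On any failure dst is left as an empty string. */
int copy_bounded(const char *value, char *dst, size_t dstsz) {
    if (dst == NULL || dstsz == 0)
        return ENV_TOO_LONG;
    dst[0] = '\0';
    if (value == NULL)
        return ENV_MISSING;
    /* Look for the terminator within the first dstsz bytes only. */
    const char *end = memchr(value, '\0', dstsz);
    if (end == NULL)
        return ENV_TOO_LONG;            /* value would not fit: reject it */
    memcpy(dst, value, (size_t)(end - value) + 1);
    return ENV_OK;
}

/* Read an environment variable into a caller-supplied buffer, rejecting
   missing and oversize values instead of truncating or overflowing. */
int read_env_bounded(const char *name, char *dst, size_t dstsz) {
    return copy_bounded(getenv(name), dst, dstsz);
}

int main(void) {
    char home[64];
    int rc = read_env_bounded("HOME", home, sizeof home);
    if (rc == ENV_OK)
        printf("HOME=%s\n", home);
    else
        fprintf(stderr, "HOME rejected (status %d)\n", rc);
    return rc == ENV_OK ? 0 : 1;
}
```

Rejecting an oversize value, rather than silently truncating it, also keeps a shortened path or setting from being used by later code.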