4.Path-abuse
Check PATH variable
echo $PATH
env | grep PATHExample: Create a script in a PATH directory (requires write access)
# echo 'echo "PATH ABUSE!!"' > /usr/local/bin/mycommand
# chmod +x /usr/local/bin/mycommand
# mycommandModify PATH (be cautious, this can break things)
PATH=.:$PATH
export PATH
echo $PATHExample: Create a malicious script and execute it
# echo 'echo "PATH ABUSE!!"' > ls
# chmod +x ls
# lsLast updated