Managing the User Environment
Among the areas that Linux newcomers find problematic, managing the user environment variables might be the most obscure. Although Windows operating systems have environment variables, most users seldom--if ever--manage their environment variables. To get the most from our Linux hacking system, you need to both understand and manage environment variables for optimal performance, convenience and possibly, even stealth.
These environment variables are the variables that are used in our particular user environment. In most cases, that environment will be your BASH shell. Each user, including root, has a set of environment variables that are set at default values unless they're changed. You can change these values to make our system work more efficiently and tailor our work environment to best meet our individual needs.
View Our Environment Variables
Let's start by viewing all your environment variables by entering env;
Note that all the environment variables are in all UPPER CASE such as HOME, PATH, SHELL, etc. As you will see later in this chapter, you can create your own user-defined variables (see below) and if you do, it is advisable--but not required--that they also be in all uppercase.
In addition, we can view all the variables AND any user-defined variables or command aliases by entering the command set.
This command lists numerous variables that are unique to our system. In most cases, this list is so long they can't viewed all on one page. To see all these variables line-by-line, you can pipe the output to the more command such as;
Now, the list of variables fills up one screen and stops, waiting for us to hit the ENTER key to advance to the next line. You can do this until we come to any variable we are looking for. If we hit the ENTER key a few times, we will find a variable named HISTSIZE. Hitting the ENTER key will take you through each of these variables, one-by-one. Whenever you use the more command for output, you can use the q to exit or quit and return to the command prompt.
Rather than scrolling through this long list of variables tediously looking for the variable of interest, you can use the filtering command grep to find it. For instance, as you saw above, there is a variable named HISTSIZE. This variable contains the number of commands stored in your command history file. That is, the commands that you have previously typed and can recall by using the UP and DOWN arrows from the BASH shell.
Let's try to find it using set and filtering the output with grep to find the HISTSIZE variable.
As you can see above, this command finds the variable HISTSIZE and displays its value. The default value of this variable is set to 1000 on your system. This means that the HISTSIZE variable stores your last 1000 commands by default.
Viewing Variables Values
The set command displays all your variable names, but if want to see the value stored in the variable, you can use the keyword echo followed by the dollar sign $ and the variable name, such as;
It's important to notice that when you want to use the value stored inside the variable, such as here, we need to put a $ before the variable name. The dollar sign ($) before the variable name indicates you want to work with value inside the variable, rather than the label of the variable.
As I noted above, the HISTSIZE variable contains the value of the number of commands that are stored in our history file. As you can see in this screenshot, the HISTSIZE variable is set to 1000. In some cases, we may NOT want our past commands stored in the history file. This may be because you don't want to leave any evidence of your activity on the system. In that case, you can set your HISTSIZE variable to 0 and the system will NOT store any past commands.
Now, when we try to use the UP or DOWN arrows to recall commands, nothing happens as the system no longer stores our commands. Stealthy,but inconvenient.
Exporting our Environment Variables
When you change an environment variable, it's only for that particular environment. In this case, that environment is the BASH shell. This means that once we close that terminal, any changes that we made to these variables are lost or set back to the default value. If we want the value to remain for our next terminal session and another terminal session, we need to export the variable. Think of it as "exporting" the new value from your current environment (the BASH shell) to the rest of the system so that it is available in every environment.
We can do this by simply entering export and then the variable name such as;
Now, the HISTSIZE variable is set to 0 when we leave this environment and return later. Of course, we can set the HISTSIZE variable back to 1000 by simply entering;
Changing Our Shell Prompt
The default shell prompt in Kali takes the following format;
If you are the root user, this translates to a default prompt of;
We can change the default command prompt by setting the value for the PS1 variable. This variable has a particular set of placeholders for information to be placed in the prompt. These include;
\u =name of the current user
\h = host name
\W= current working directory
Let's have a little fun and change the prompt in our terminal. The environment variable that contains our prompt for the first terminal is PS1. We can change it by typing:
Now, every time you open a terminal you are reminded that you are "World's Best Hacker".
Remember that our prompt will now be "World's Best Hacker" whenever we open the first terminal (PS1), but the second terminal will still be the default command prompt. This means that if we really like this new command prompt and want to keep it, we need to export it so that each time we open this terminal or any terminal, the prompt will be "World's Best Hacker: #"
Changing Our Path Variable
Probably the most important variable in our environment is our PATH variable. This variable controls where your shell looks for the commands you type, such as cd, ls, echo, etc. (they are all usually located in the sbin or bin sub-directories such as /usr/local/sbin or usr/local/bin). If the BASH shell doesn't find the command in one of the directories in our path, it returns an error "command not found" even if it DOES exist in another directory not in our PATH.
Let's take a look at the contents of our PATH variable by echo-ing its contents:
Notice the directories included in our PATH variable. These are usually the various /bin and /sbin directories where our system commands are found. When we type ls, the system knows to look in each of these directories for the ls command and when it does, it executes it.
If we were to download and install a new hacking tool named "newhackingtool" into the /root/newhackingtool directory, we could only use it when we were in that directory. This means that every time we wanted to use that tool you would first have to navigate to /root/newhackingtool. That might be just fine, but a bit inconvenient. To be able to use this new tool from ANY directory, you could just add this directory into a PATH variable.
To add this newhackingtool directory to our PATH variable, you can enter:
In this command, you are saying "take the PATH variable (PATH) and assign it (=) the value of the old PATH variable ($PATH) and add /root/newhackingtool."
It's important to note here that we have appended the /root/newhackingtool directory to your PATH variable. If now you go back and examine the contents of the PATH variable, you will now see that this directory has been appended to the end of the PATH.
This means when you want to run your newhackingtool, you won't need to navigate to the /root/newhackingtool directory. You can now execute newhackingtool applications from anywhere on your system. The BASH shell will now look in that directory for our new tool!
A common mistake made by those new to Linux is to assign the new directory, /root/newhackingtool, to the PATH variable such as;
kali > PATH=/root/newhackingtool
kali > echo $PATH
Now, your PATH command ONLY contains /root/newhackingtool directory and not the system binaries directories such as /bin, /sbin and others. This is NOT good. In this case, when you go to use any of the system commands, you are likely to receive the error "command not found" (unless in the unlikely case you are in the system binaries directories when you execute it).
kali > cd
bash: cd: command not found
Remember, you want to append to the PATH variable, not replace.
This can be a very useful technique for directories that we use often, but be careful to not add too many directories to your PATH variable as the system will have to search through each and every directory in the PATH to find commands and could potentially slow down your terminal and your hacking.
Creating a New User-Defined Variable
You can create your own custom, user-defined variables in Linux by simply assigning a value to your new variable. The syntax is rather straightforward; first the name of your variable, then the assignment symbol "=" and finally the value in the variable such as;
kali > MYNEWVARIABLE = "Hacking is the most valuable skill set in the 21st century"
Now, to see the value in that variable, you can use the echo command followed by the $ and the variable name.
kali > echo $MYNEWVARIABLE
Hacking is the most valuable skill set in the 21st century
If you then wanted to delete this new variable or any system or user-defined variable, you can use the unset command. You probably want to be cautious in deleting a system variable as your system will likely operate much differently afterwards.
kali > unset MYNEWVARIABLE
kali > echo $MYNEWVARIABLE
When you unset MYNEWVARIABLE, you deleted it. Now when you echo that same variable, Linux will return a blank line.
Although the environment variables might seem a bit obscure, they can control the settings and look of your working environment in Linux. You can manage them to tailor our environment to your needs by changing any one of those variables and exporting them. In addition, we can create new variables to help manage your system.
For more on using Linux for hacking, check out my book "Linux Basics for Hackers" now available here on Amazon.