Overview#

A security lab exploring environment variable vulnerabilities, specifically how manipulating the PATH variable can hijack program execution. Demonstrates the danger of Set-UID programs calling external commands without absolute paths.

Key Concepts#

• Analyzed environment variable inheritance between parent and child processes
• Demonstrated Set-UID privilege escalation via PATH manipulation
• Created proof-of-concept malicious program that detects elevated privileges
• Documented security implications of calling external programs from privileged code

Technologies#

C, Linux Security, Environment Variables, Set-UID, Privilege Escalation, Process Inheritance

Related Skills#

• Cybersecurity
• C