🔐
Sentnl
  • Stay Secure
  • SSH
    • Bash History
  • Git
    • GitHub credential caching no no
    • Removing your GitHub commit history
  • Community
    • Tips on identifying scammers on Telegram
  • Linux security
    • Install Wiregaurd on Ubuntu 18.04
    • Ubuntu automated security updates
  • Hacking Demos
    • Getting passwords of logged in users
  • Wordpress Remote Code Execution
  • Grafana SSRF exploit
  • CVE Query API Examples
    • Wordpress + plugins CVE query
    • Hyperion CVE Query
    • Atomic API CVE query
Powered by GitBook
On this page
  • Bash history is a wonderful tool.
  • So what is the problem?
  • What things could they find?
  • TIP and TRICKS

Was this helpful?

  1. SSH

Bash History

Bash history can be a dangerous thing.

Bash history is a wonderful tool.

Bash history can be a wonderful tool reminding us of all those previous commands we may have forgotten. Gosh some shells like Fish go even further and provides auto suggestions based on previously typed commands.

So what is the problem?

The problem is that if an unathorized person managhes to gain access to your servers he will try and elevate his permissions to other users and look at their bash history.

What things could they find?

  1. Wallet Passords

./cleos.sh wallet unlock --password PW5Hxd53uNnSZR1g13F2tW55mEKzaq3h8gFCd9fvqzMmEZ5nbErqz

2. EOS Private keys

./cleos.sh create key --to-console 
Private key: 5HqWNReenpa6iusjfwVjqfeMjWoxDRvgB5eFzB9KBvmFgZT6fEs 
Public key: EOS6X8cXGQjvdD1Ph4zBfVTfNFfx4oChHZmwZRrUzjzexmCE4BLx4

TIP and TRICKS

When logging out of your SSH shell, exit using the following command, which will delete all your history for your current session and any previous sessions.

cat /dev/null > ~/.bash_history && history -c && exit

You can make life even easier by creating an alias for this command.

alias secureexit="cat /dev/null > ~/.bash_history && history -c && exit"
PreviousStay SecureNextGitHub credential caching no no

Last updated 4 years ago

Was this helpful?