Bash History Breadcrumb

This breadcrumb works by modifying your ~/.bash_history file. We randomly place the generated command containing hints to your trapster inside the file so that it appears when an attacker is filtering the file for strings that appear to include passwords or IP addresses.

Installation

If you are following this example, our downloaded file is named script.sh.

When running the following commands it is important to leave a space before the command. This makes sure it won't be recorded in bash history. After downloading the bash script file, first you must give yourself permission to run the file using:

$ chmod +x script.sh

You can then run the script using:

$ ./script.sh