~/.bash_profileand~/.bashrcare executed in a user's context when a new shell opens or when a user logs in so that their environment is set correctly.~/.bash_profileis executed for login shells and~/.bashrcis executed for interactive non-login shells. This means that when a user logs in (via username and password) to the console (either locally or remotely via something like SSH),~/.bash_profileis executed before the initial command prompt is returned to the user. After that, every time a new shell is opened,~/.bashrcis executed. This allows users more fine grained control over when they want certain commands executed.Mac's Terminal.app is a little different in that it runs a login shell by default each time a new terminal window is opened, thus calling
each time instead of/.bash_profile/.bashrc.These files are meant to be written to by the local user to configure their own environment; however, adversaries can also insert code into these files to gain persistence each time a user logs in or opens a new shell (Citation: amnesia malware).
Adds a command to the .bash_profile file of the current user
Supported Platforms: macOS, Linux
| Name | Description | Type | Default Value |
|---|---|---|---|
| command_to_add | Command to add to the .bash_profile file | string | /path/to/script.py |
echo "#{command_to_add}" >> ~/.bash_profile
Adds a command to the .bashrc file of the current user
Supported Platforms: macOS, Linux
| Name | Description | Type | Default Value |
|---|---|---|---|
| command_to_add | Command to add to the .bashrc file | string | /path/to/script.py |
echo "#{command_to_add}" >> ~/.bashrc