> For the complete documentation index, see [llms.txt](https://tamagosecurity.gitbook.io/notes/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://tamagosecurity.gitbook.io/notes/linux/linux-privilege-escalation/exposed-confidential-info.md).

# Exposed Confidential Info

Look for user environment

```bash
env
```

Enumerate Process with pass

```bash
watch -n 1 "ps -aux | grep pass"
```

Use TCPDump to capture traffic (require root permission)

```bash
sudo tcpdump -i lo -A | grep "pass"
```
