I need to exploit a Solaris vulnerability for class, but we never dealt with Solaris before and I never installed it.
Does Solaris have an equivalent to Linux's /proc/self/environ, exposing a process's environment as a file, that allows local file inclusion attacks?
On Solaris, you get a process environment with these commands:
pargs $$
pargs -e $$
There is no shortcut like /proc/self with Solaris so you need to know the PID of the process, eg.:
/proc/$$/psinfo
Moreover, only the arguments are visible here, the environment is in /proc/pid/as and I doubt this file to be exploitable with LFI as it is kind of a sparse file with which you need to seek to precise locations for the read to succeed.
