Just as you enter commands such as ls and cd into the terminal, you can store data in the terminal. How? Through terminal variables / shell variables / environment variables.
A program that reads an environment variable, or depends on such variables, is susceptible to exploitation, because the values of these variables can be changed to malicious shellcode and exported.
So what is shellcode?
Shellcode is a special set of characters representing commands, and those commands run when the compiler compiles it.
So when the compiler prints or executes it, a command is run instead of the data just being read.
Shell-storm.org is a great source for shellcodes.
Now for an exercise in exploiting environment variables. Narnia Level 1 is all about this.
SSH into narnia1 with the password obtained previously.
ssh narnia1@narnia.labs.overthewire.org -p 2226
Password: efeidiedae
cd /narnia/
cat narnia1.c
The value of the environment variable EGG is stored in the ret variable using the getenv() function, and ret() is then executed.
ret=getenv("EGG");
ret();
So shellcode that opens /bin/sh with narnia2 privileges would get us the password for narnia2.
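The root cause is that the value returned by getenv("EGG") is called as if it were a function. As an added example (not code from narnia1.c or from OverTheWire), here is the hardened form of that pattern: the variable is treated as data and only compared against an allowlist of handlers already compiled into the program. The action names and handler functions are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical actions the program is willing to perform. */
static int do_status(void)  { return 1; }
static int do_version(void) { return 2; }

struct action {
    const char *name;        /* exact text expected in the variable */
    int (*handler)(void);    /* function compiled into this binary  */
};

static const struct action ALLOWED[] = {
    { "status",  do_status  },
    { "version", do_version },
};

/* Map an untrusted string to a known handler; -1 means rejected.
 * The string is only compared, never cast to a function pointer. */
int run_action(const char *value)
{
    size_t i;
    if (value == NULL)
        return -1;
    for (i = 0; i < sizeof ALLOWED / sizeof ALLOWED[0]; i++) {
        if (strcmp(value, ALLOWED[i].name) == 0)
            return ALLOWED[i].handler();
    }
    return -1;
}

/* Read the variable and dispatch; unset or unknown values are refused. */
int run_action_from_env(const char *var)
{
    return run_action(getenv(var));
}

int main(void)
{
    int rc = run_action_from_env("EGG");
    if (rc < 0) {
        fprintf(stderr, "EGG is unset or not an allowed action\n");
        return EXIT_FAILURE;
    }
    printf("action returned %d\n", rc);
    return EXIT_SUCCESS;
}
```

With this structure, arbitrary bytes placed in EGG can only fail the comparison; control flow never reaches memory the caller supplied.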