The skill floor for Linux server administration is pretty low in my experience, which makes it one of my favorite places to land in a red team engagement. I can find all kinds of weird, convoluted ways to stay on the machine long after you’ve stopped looking.
My friend Jordan Mussman found a novel way of abusing regular
functionality in the less binary to maintain persistence as
a regular user OR root. Go read his
research (opens in new tab),
and maybe give your environment variables a look while you’re at it.