PenTest+ Practice Tests Book - SYBEX
D. In this scenario, the command chmod 4111 /usr/bin/sudo will misconfigure sudo. Chmod is a command and system call that is used to change the access permissions of file system objects (files and directories). Chmod 4111 (chmod a+rwx, u-rw, g-rw, o-rw, ug+s, +t, g-s, -t) sets permissions so that (U)ser / owner can’t read, can’t write, and can execute. (G)roup can’t read, can’t write and can execute. (O)thers can’t read, can’t write, and can execute. sudo is a program for Unix-like computer operating systems that allows users to run programs with the security privileges of another user, by default the superuser.
I don't always trust the Sybex book. But, now that I think about it, D might make sense.
The question asks "Which of the following issues may be exploited now?"
Just "Sticky bits" by itself is not an issue to be exploited.
I think CompTIA just pulls arbitrary stuff from the web. Some of their questions have little to do with pentesting. For example: a question about strings used to sanitize input, i.e. ".., \./. sandbox request". Creating complex strings to validate input is hardly the job of the pentester.
Agree. With the new questions which you cannot find anywhere else on the web I think they just create themselves, sometimes very badly worded, and just keep in their internal system. Even tried to find an erratum page from the book (Practice Tests) on the Internet to see if there was any correction from the existing questions but didn't find anything.
The correct answer is D according to the CompTIA Pentest+ Practice Test, Sybex (Chapter 3: Attacks and Exploits).
Note: Chmod is a command and system call that is used to change the access permissions
of file system objects (files and directories). Chmod 4111 (chmod a+rwx,u-rw,g-rw,
o-rw,ug+s,+t,g-s,-t) sets permissions so that (U)ser / owner can’t read, can’t write, and
can execute. (G)roup can’t read, can’t write and can execute. (O)thers can’t read, can’t write,
and can execute. sudo is a program for Unix-like computer operating systems that allows
users to run programs with the security privileges of another user, by default the superuser.
In this scenario, the command chmod 4111 /usr/bin/sudo will misconfigure sudo.
On an Ubuntu box:
-rwsr-xr-x 1 root root 166056 Jul 15 01:17 /usr/bin/sudo
chmod 4111 /usr/bin/sudo
---s--x--x 1 root root 166056 Jul 15 01:17 /usr/bin/sudo
Sudo already has the Sticky bit, so it will just remove some write and read permissions.
Anyway, you'll find people on the web having ---s--x--x for sudo on their OS. I tried and it seems everything is still normal. There's no need to write or read the sudo file, just execute it. Perhaps just if you are updating the sudo version.
The funny thing is that I found a website where a pentester shows 'chmod 41111 /usr/bin/sudo' just to explain what a Sticky bit is. Anything to do with a vulnerability on sudo. The vulnerabilities come with sticky bits on executables that don't require it, so an attacker can exploit it.
https://www.pentestpartners.com/security-blog/exploiting-suid-executables/
In my opinion the CompTIA person who wrote this was 'really inspired' and did not read/understand the pentesters' article at all.
upvoted 4 times
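The mode change discussed in this thread, decoded bit by bit as an added example (not part of any comment above or of the Sybex book): it uses Python's standard `stat` module to name the special bit that the leading 4 sets and to list exactly which bits `chmod 4111` removes from the mode shown in the Ubuntu `ls` output. The helper names `describe` and `diff_modes` are hypothetical.

```python
import stat

# Special permission bits (the leading octal digit of a four-digit mode).
SPECIAL = {stat.S_ISUID: "setuid", stat.S_ISGID: "setgid", stat.S_ISVTX: "sticky"}
CLASSES = (("user", 6), ("group", 3), ("other", 0))


def describe(mode: int) -> dict:
    """Break an octal mode into its ls-style string, special bits and rwx per class."""
    perms = {}
    for name, shift in CLASSES:
        bits = (mode >> shift) & 0o7
        perms[name] = "".join(c for c, b in zip("rwx", (4, 2, 1)) if bits & b)
    return {
        "ls": stat.filemode(stat.S_IFREG | mode),  # rendered as a regular file
        "special": [label for bit, label in SPECIAL.items() if mode & bit],
        "perms": perms,
    }


def diff_modes(old: int, new: int) -> dict:
    """List the permission bits that a chmod from old to new removes or adds."""
    def names(mask: int) -> list:
        out = [label for bit, label in SPECIAL.items() if mask & bit]
        for cls, shift in CLASSES:
            for c, b in zip("rwx", (4, 2, 1)):
                if mask & (b << shift):
                    out.append(f"{cls}:{c}")
        return out
    return {"removed": names(old & ~new), "added": names(new & ~old)}


if __name__ == "__main__":
    before, after = 0o4755, 0o4111  # the two modes in the thread's ls output
    for m in (before, after):
        print(oct(m), describe(m))
    print(diff_modes(before, after))
```

Running `describe` over the output of a SUID inventory (for example, modes collected with `find / -perm -4000`) gives a quick way to review which binaries carry setuid and how readable they are.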