A tester who is performing a penetration test on a website receives the following output: Warning: mysql_fetch_array() expects parameter 1 to be resource, boolean given in /var/www/search.php on line 62 Which of the following commands can be used to further attack the website?
A) <script>var adr= '../evil.php?test=' + escape(document.cookie) ;</script>
B) ../../../../../../../../../../etc/passwd
C) /var/www/html/index.php;whoami
D) 1 UNION SELECT 1, DATABASE() ,3--
Correct Answer:
Verified
Q51: Which of the following should a penetration
Q52: A penetration tester conducted a vulnerability scan
Q53: Running a vulnerability scanner on a hybrid
Q54: A penetration tester runs the unshadow command
Q55: A penetration tester performs the following command:
Q57: A company that developers embedded software for
Q58: A penetration tester recently performed a social-engineering
Q59: A penetration tester ran an Nmap scan
Q60: The results of an Nmap scan are
Q61: During a penetration-testing engagement, a consultant performs
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents