While performing privilege escalation on a Windows 7 workstation, a penetration tester identifies a service that imports a DLL by name rather than an absolute path. To exploit this vulnerability, which of the following criteria must be met?
A.
Permissions not disabled in the DLL
B.
Weak folder permissions of a directory in the DLL search path
C.
Write permissions in the C:\Windows\System32\imports directory
Unsecure File and Folder Permissions
▪ Older versions of Windows allow administrators to access any non-admin
user’s files and folders
▪ Can lead to DLL hijacking and malicious file installations on a non-admin targeted user
"Weak folder permissions - This issue can be caused by the installation of a third-party application. The installer should take care of that but that’s not always the case so system administrators should pay extra attention to this issue.
Privileged file operation abuse - This issue is due to a flaw in the design of the application. In this case, developpers should review the code in order to prevent such operation on files and folders that can be controlled by normal users or implement impersonation when possible."
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.PT0-001 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
carlo479
Highly Voted 3 years, 11 months agomiabe
Most Recent 2 years, 11 months agobaybay
3 years, 3 months agoDave1212
4 years, 1 month ago