ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam PT0-001 All Questions

View all questions & answers for the PT0-001 exam
Go to Exam

Exam PT0-001 topic 1 question 160 discussion

Actual exam question from CompTIA's PT0-001
Question #: 160
Topic #: 1
[All PT0-001 Questions]

During the exploitation phase of a penetration test, a vulnerability is discovered that allows command execution on a Linux web server. A cursory review confirms the system access is only in a low-privilege user context: www-data. After reviewing, the following output from /etc/sudoers:

Which of the following users should be targeted for privilege escalation?

  • A. Only members of the Linux admin group, OPERATORS, ADMINS, jedwards, and operator can execute privileged commands useful for privilege escalation.
  • B. All users on the machine can execute privileged commands useful for privilege escalation.
  • C. Bfranks, emann, members of the Linux admin group, OPERATORS, and ADMINS can execute commands useful for privilege escalation.
  • D. Jedwards, operator, bfranks, emann, OPERATOR, and ADMINS can execute commands useful for privilege escalation.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by sknath at June 6, 2021, 2:30 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
miabe
2 years, 10 months ago
Selected Answer: C
looks good to me
upvoted 1 times
...
carlo479
3 years, 9 months ago
This question is in the exam.
upvoted 2 times
g4nt3ng
3 years, 9 months ago
What about the answer? What is C or A on the exam?
upvoted 2 times
Chimpeth
3 years, 6 months ago
I would go C. Jedwards can only operate on the Corp_Linux domain, executing the operator commands through sudo. So shutdown, halt etc.
upvoted 1 times
...
...
...
CapCrunch
3 years, 10 months ago
Thinking D All users can execute privileged commands when using /usr/sbin/1pc or /usr/sbin/1prm NOPASSWD means the tester doesnt need a password to run sudo commands. /usr/sbin/1pc or /usr/sbin/1prm where most likely set this was by admin to allow users to solve printer issues by themself. The pentester can use this to pipe a cammand to call a bash shell with root privilages.
upvoted 2 times
Chimpeth
3 years, 6 months ago
D contains Operator not OPERATORS
upvoted 1 times
...
...
versun
3 years, 10 months ago
Yeah, answer is C
upvoted 3 times
versun
3 years, 10 months ago
targeted is privilege escalation First, we should choose NOPASSWD account to privilege. So, OPERATORS and ADMINS are we need. Second, we should choose root account to privilege if we can. So, ADMIN is we need. SO,answer is C
upvoted 2 times
...
...
sam9710
3 years, 10 months ago
WOULDNT IT BE C? looking at the code its setting bfranks, emann are set to admin and jedward isnt
upvoted 4 times
likeahoss
3 years, 6 months ago
is the emanns line good? ADMINS isn't a RunAsAlias, so I wasn't sure if it was a valid line
upvoted 1 times
...
...
sknath
3 years, 11 months ago
Can anyone be able to explain this?
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago