Exam SY0-601 topic 1 question 61 discussion

Answer: B. Directory traversal & D. Privilege escalation Directory traversal is a type of HTTP exploit in which a hacker uses the software on a web server to access data in a directory other than the server's root directory. If the attempt is successful, the threat actor can view restricted files or execute commands on the server. Privilege escalation is the act of exploiting a bug, a design flaw, or a configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user.

"admin's folder" - Priv escalation, + dir transversal. "database" is thrown in as a decoy for SQL answer.

BC is the correct answer

Anyone who has been a Windows Server Admin for years knows this is B&D.

B. Directory traversal& D. Privilege escalation

Can someone explain how B and D got the culprit in? Why isn't pass-the hash in there via the web server and then privilege escalation would get him into the DB's directory if it wasn't his has and also allow for the deletion of the logs.... I think I'm totally missing something.... the culprit would need the user name with the pass the hash?

1. Directory traversal: In a directory traversal attack, the attacker exploits improper input validation to access files and directories that are outside the intended directory. In this scenario, the attacker used directory traversal to access the database administrator's folder on the web server and download the system configuration notes. 2. Privilege escalation: Privilege escalation involves gaining higher-level privileges on a system to access resources or perform actions beyond the intended scope. In this case, the attacker likely escalated their privileges to gain access to the database administrator's folder and retrieve the system configuration notes.

The two attacks that could explain what occurred are: B. Directory traversal: This attack involves using a specially crafted input to access files or directories that are outside of the intended directory structure. In this scenario, it is possible that the attacker used a directory traversal attack to access the database administrator's folder on the web server and retrieve the system configuration notes. C. SQL injection: This attack involves injecting malicious SQL code into an application's input field, which can then be used to access or modify sensitive data in a database. It is possible that the attacker used a SQL injection attack to access the database administrator's folder on the web server and retrieve the system configuration notes.

The two attacks that explain the scenario are: B. Directory traversal: Directory traversal is an attack in which an attacker can access files and directories that are stored outside the web root folder by manipulating a web application's input parameters, such as file paths or directory names. In this case, the attacker was able to access the system configuration notes by traversing to the database administrator's folder on the web server. D. Privilege escalation: Privilege escalation is an attack in which an attacker gains elevated privileges to a system or network by exploiting a vulnerability or weakness. In this case, the attacker was able to access the database administrator's folder on the web server, which suggests that they may have escalated privileges to gain access to that folder.

Yes B and D sound correct. However, just because they accessed the notes from an admins folder still doesnt mean that a privilege escalation occurred. It does say that it was on the databases admin folder, making it seem as theres a database. Im on the fence between B and D, and B and C.

C & D, - c, the admin notes are stored in "the database", Will require SQLi to interact with DB. - d, need privilege to clear the system logs.

Directory traversal and Privilege escalation.

B&D The simplest example of a directory traversal attack is when an application displays or allows the user to download a file via a URL parameter.

B and C

B & D seem to be correct.