ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-601 All Questions

View all questions & answers for the SY0-601 exam
Go to Exam

Exam SY0-601 topic 1 question 389 discussion

Actual exam question from CompTIA's SY0-601
Question #: 389
Topic #: 1
[All SY0-601 Questions]

A penetration tester executes the command crontab -l while working in a Linux server environment. The penetration tester observes the following string in the current user's list of cron jobs:

*/10 * * * * root /writable/update.sh

Which of the following actions should the penetration tester perform NEXT?

  • A. Privilege escalation
  • B. Memory leak
  • C. Directory traversal
  • D. Race condition
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by NeoSam999 at Feb. 8, 2023, 11:05 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Gamsje
Highly Voted 1 year, 11 months ago
Fu*k This question should not be in the Security+ exam ???
upvoted 20 times
damianUY
1 year, 8 months ago
This is the security+ exam, dont get your point.
upvoted 1 times
...
...
Ahmed_aldouky
Highly Voted 2 years, 4 months ago
Selected Answer: A
the penetration tester has discovered a cron job that runs every 10 minutes as the root user and executes the script /writable/update.sh. This suggests that the update.sh script has write permissions in a directory that is writable by the current user. Therefore, the next logical step for the penetration tester would be to review the contents of the /writable directory and the update.sh script to determine if there are any vulnerabilities that can be exploited to escalate privileges or otherwise compromise the system. The correct answer is: A. Privilege escalation.
upvoted 19 times
...
ApplebeesWaiter1122
Most Recent 2 years ago
Selected Answer: A
Based on the information provided, the penetration tester has identified a cron job that runs the script /writable/update.sh as the root user every 10 minutes. The next logical step for the penetration tester would be to investigate the contents and permissions of the /writable/update.sh script to look for potential vulnerabilities or misconfigurations that could be exploited.
upvoted 8 times
...
Nishkurup
2 years, 3 months ago
Selected Answer: A
https://medium.com/swlh/privilege-escalation-via-cron-812a9da9cf1a#:~:text=By%20exploiting%20a%20misconfiguration%20in,choosing%20and%20gain%20root%20privileges.
upvoted 3 times
...
i_luv_stoneface
2 years, 4 months ago
Selected Answer: A
it says ROOT
upvoted 6 times
...
NeoSam999
2 years, 4 months ago
Selected Answer: A
At every 10th minute (*/10 * * * *) run /writable/update.sh as root
upvoted 8 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel