what is the attacker ultimately trying to achieve as inferred from the log sequence?

seenagapeJuly 5, 2013

After studying the following log entries, what is the attacker ultimately trying to achieve as inferred
from the log sequence?
1. mkdir -p /etc/X11/applnk/Internet/.etc
2. mkdir -p /etc/X11/applnk/Internet/.etcpasswd
3. touch -acmr /etc/passwd /etc/X11/applnk/Internet/.etcpasswd
4. touch -acmr /etc /etc/X11/applnk/Internet/.etc
5. passwd nobody -d
6. /usr/sbin/adduser dns -d/bin -u 0 -g 0 -s/bin/bash

7. passwd dns -d
8. touch -acmr /etc/X11/applnk/Internet/.etcpasswd /etc/passwd
9. touch -acmr /etc/X11/applnk/Internet/.etc /etc

A.
Change password of user nobody

B.
Extract information from a local directory

C.
Change the files Modification Access Creation times

D.
Download rootkits and passwords into a new directory

2 Comments on “what is the attacker ultimately trying to achieve as inferred from the log sequence?”

dungctt says:

June 27, 2015 at 1:53 am

Why C?
I think A

Log in to Reply
claudio says:

August 31, 2017 at 4:33 pm

C, because the question is referred to last command

Log in to Reply

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ECCouncil Exam Questions

Free EC-Council Study Guide

what is the attacker ultimately trying to achieve as inferred from the log sequence?

2 Comments on “what is the attacker ultimately trying to achieve as inferred from the log sequence?”

Leave a Reply Cancel reply