An administrator discovers the following log entry on a server:
Nov 12 2013 00:23:45 httpd[2342]: GET /app2/prod/proc/process.php?input=change;cd
%20../../../etc;cat%20shadow
Which of the following attacks is being attempted?
A.
Command injection
B.
Password attack
C.
Buffer overflow
D.
Cross-site scripting
This should be Command Injection
31
0
Explanation: In this case a command was entered, and the attacker was attempting
to gain access to the password file within the /etc directory. If the
attacker tried to inject code, they would not use commands, but rather PHP,
ASP, or another language. SQL injections are usually run on databases, not
web servers’ HTML forms. Buffer overflows have to do with memory and how
applications utilize it.
A- Command Injection
4
0
When I took Sec + in 2013, I spent a week memorizing 300 questions and 20 or so port numbers, and aced the exam first try. This time around it seems like there are no good resources, no valid dumps, and everywhere I try to do practice questions I can’t even trust the answers to be correct… what happened?? I’ve been cramming for 3 weeks now and still don’t feel ready. Should have just jumped through the hoops for CEU’s… at the time, that seemed like more effort than just retesting. Appears I was mistaken.
5
0