An administrator discovers the following log entry on a server:
Nov 12 2013 00:23:45 httpd: GET /app2/prod/proc/process.php?input=change;cd
Which of the following attacks is being attempted?
3 Comments on “Which of the following attacks is being attempted?”
This should be Command Injection
Explanation: In this case a command was entered, and the attacker was attempting
to gain access to the password file within the /etc directory. If the
attacker tried to inject code, they would not use commands, but rather PHP,
ASP, or another language. SQL injections are usually run on databases, not
web servers’ HTML forms. Buffer overflows have to do with memory and how
applications utilize it.
A- Command Injection
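The explanation above identifies command injection by what the parameter carries: shell syntax rather than PHP, ASP or SQL. As an added example (not part of the original page or its comments), the check below looks for that signal in log lines; the line format is inferred from the single entry quoted in the question, the first sample line is that entry as it appears there, and the other sample lines are constructed.

```python
import re
from urllib.parse import unquote_plus

# Line shape inferred from the entry quoted in the question (an assumption):
# "<Mon DD YYYY HH:MM:SS> httpd: <METHOD> <uri>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \d{1,2} \d{4} [\d:]{8}) httpd: (?P<method>[A-Z]+) (?P<uri>\S+)"
)

# Characters a POSIX shell treats as command separators or substitutions.
# Heuristic: a decoded '&' or '|' can also occur in legitimate values.
SHELL_META = re.compile(r"[;|&`\n\r]|\$\(")


def full_decode(value, max_rounds=3):
    """URL-decode repeatedly so double-encoded separators (%253B) are seen."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan_line(line):
    """Return one finding per query parameter that contains shell syntax."""
    m = LINE_RE.match(line)
    if not m or "?" not in m["uri"]:
        return []
    path, query = m["uri"].split("?", 1)
    findings = []
    # Split on the raw '&' only, so a literal ';' stays inside its value.
    for pair in query.split("&"):
        name, _, raw = pair.partition("=")
        value = full_decode(raw)
        hits = sorted(set(SHELL_META.findall(value)))
        if hits:
            findings.append({"ts": m["ts"], "path": path, "param": name,
                             "value": value, "meta": hits})
    return findings


SAMPLE_LOG = [
    # From the question, truncated exactly as it is there
    "Nov 12 2013 00:23:45 httpd: GET /app2/prod/proc/process.php?input=change;cd",
    # Constructed: benign request, double-encoded ';', and a request with no query
    "Nov 12 2013 00:24:02 httpd: GET /app2/prod/proc/process.php?input=change",
    "Nov 12 2013 00:24:10 httpd: GET /app2/prod/proc/process.php?input=report%253Bls&x=1",
    "Nov 12 2013 00:24:31 httpd: GET /app2/index.php",
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        for finding in scan_line(entry):
            print(finding)
```

A hit means the parameter deserves review, not that a command ran; whether `process.php` passes `input` to a shell is something only the application code can confirm.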
When I took Sec+ in 2013, I spent a week memorizing 300 questions and 20 or so port numbers, and aced the exam first try. This time around it seems like there are no good resources, no valid dumps, and everywhere I try to do practice questions I can’t even trust the answers to be correct… what happened?? I’ve been cramming for 3 weeks now and still don’t feel ready. Should have just jumped through the hoops for CEUs… at the time, that seemed like more effort than just retesting. Appears I was mistaken.