Given this information, which of the following is the MOST likely path of exploitation to achieve root privileges on the machines?
After gaining initial low-privilege access to a Linux system, a penetration tester identifies an interesting binary in a user’s folder titled “changepass”
-sr Cxr -x 1 root root 6443 Oct 18 2017 /home/user/changepass
Using “strings” to print ASCII printable characters from changepass, the tester notes the following:
$ strings changepass
Exit
setuid
strmp
GLINC _2.0
ENV_PATH
%s/changepw
malloc
strlen
Given this information, which of the following is the MOST likely path of exploitation to achieve root privileges on the machines?
A . Copy changepass to a writable directory and export the ENV_PATH environmental variable to the path of a token-stealing binary titled changepw. Then run changepass
B . Create a copy of changepass in the same directory, naming it changpw. Export the ENV_PATH environmental variable to the path “/home/user’. Then run changepass
C . Export the ENV_PATH environmental variable to the path of a writable directory that contains a token-stealing binary title changepw
D . Run changepass within the current directory with sudo after exporting the ENV_PATH environmental variable to the path of ‘/usr/local/bin’
Answer: D
Latest PT0-001 Dumps Valid Version with 248 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund