Which of the following attacks is the tester performing?
A penetration tester is evaluating a SCADA system. The tester receives local access to a workstation that is running a single application. While navigating through the application, the tester opens a terminal window and gains access to the underlying operating system.
Which of the following attacks is the tester performing?
A . Kiosk escape
B . Arbitrary code execution
C . Process hollowing
D . Library injection
Answer: A
Explanation:
A kiosk escape involves breaking out of a restricted environment, such as a kiosk or a single application interface, to access the underlying operating system.
Here ’ s why option A is correct: Kiosk Escape: This attack targets environments where user access is intentionally limited, such as a kiosk or a dedicated application. The goal is to break out of these restrictions and gain access to the full operating system.
Arbitrary Code Execution: This involves running unauthorized code on the system, but the scenario described is more about escaping a restricted environment.
Process Hollowing: This technique involves injecting code into a legitimate process, making it appear benign while executing malicious activities.
Library Injection: This involves injecting malicious code into a running process by loading a malicious
library, which is not the focus in this scenario.
Reference from Pentest:
Forge HTB: Demonstrates techniques to escape restricted environments and gain broader access to the system.
Horizontall HTB: Shows methods to break out of limited access environments, aligning with the
concept of kiosk escape.
Conclusion:
Option A, Kiosk escape, accurately describes the type of attack where a tester breaks out of a restricted environment to access the underlying operating system.
Latest PT0-003 Dumps Valid Version with 131 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund