
GCIH Question #44: Real Exam Question with Answer & Explanation


Web Application Attacks & Post-Exploitation

Question

Which of the following functions can be used as a countermeasure to a Shell Injection attack? Each correct answer represents a complete solution. Choose all that apply.

Options

  • A. escapeshellarg()
  • B. mysql_real_escape_string()
  • C. regenerateid()
  • D. escapeshellcmd()

Explanation

Shell injection attacks are mitigated by sanitizing input passed to shell commands using PHP's escapeshellarg() and escapeshellcmd() functions. The two functions sanitize different parts of a shell call: escapeshellarg() quotes a single argument so it is passed to the shell as one literal value, and escapeshellcmd() escapes the shell metacharacters in a whole command string so they lose their special meaning. Used on the appropriate part of the call, they provide complete protection against shell metacharacter injection.
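The following PHP snippet is an added example, not code from the NerdExam page, showing what each function does to the same untrusted value and why the argument-quoting form is the one to use when the value is a single parameter. The input string, the `uploads` directory and the `countLines()` helper are all constructed for illustration.

```php
<?php
// Added example: escapeshellarg() vs escapeshellcmd() on the same untrusted value.
// Constructed sample input containing shell metacharacters (';' and spaces).
$untrusted = "notes.txt; ls -la";

// Vulnerable pattern: raw concatenation lets ';' start a second command.
$unsafe = "wc -l " . $untrusted;
// wc -l notes.txt; ls -la

// escapeshellarg() wraps the value in single quotes and escapes any embedded
// single quotes, so the shell receives the whole string as ONE argument.
$safeArg = "wc -l " . escapeshellarg($untrusted);
// wc -l 'notes.txt; ls -la'

// escapeshellcmd() escapes metacharacters across the whole command string
// (here the ';'), but it does not quote, so spaces still separate arguments.
$safeCmd = escapeshellcmd("wc -l " . $untrusted);
// wc -l notes.txt\; ls -la

// Hardened helper: the filename is one argument, so escapeshellarg() is the
// right tool; basename() plus a fixed directory (hypothetical) also stops path
// traversal before the shell is ever involved.
function countLines(string $filename): ?int
{
    $path = __DIR__ . '/uploads/' . basename($filename);
    if (!is_file($path)) {
        return null;
    }
    $output = shell_exec('wc -l ' . escapeshellarg($path));
    return $output === null ? null : (int) trim($output);
}

echo $unsafe, PHP_EOL, $safeArg, PHP_EOL, $safeCmd, PHP_EOL;
```

Prefer escapeshellarg() whenever the untrusted value is a single parameter; escapeshellcmd() neutralises metacharacters but leaves argument boundaries intact, so a value that begins with a dash can still be interpreted as an option by the invoked program. Validating the input against an allowlist before building the command, as countLines() does, is the stronger first line of defence.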

Common mistakes.

  • B. mysql_real_escape_string() is a MySQL-specific function designed to prevent SQL injection by escaping special characters for database queries; it provides no protection against OS shell injection.
  • C. regenerateid() is not a standard PHP function; session_regenerate_id() is used to prevent session fixation attacks and has no relevance to shell injection countermeasures.

Concept tested. PHP shell injection prevention with escapeshellarg() and escapeshellcmd().

Reference. https://www.php.net/manual/en/function.escapeshellarg.php

Topics

#shell-injection #input-sanitization #escapeshellarg #escapeshellcmd
