GIAC
GCIH · Question #467
An attacker issues the command shown below. Which of the following best describes what the attacker is attempting to do? C:\> nc.exe '"L '"p 43567 '"e cmd.exe
The correct answer is A. Start a netcat listener on port 43567 that when connected to will provide access to the Windows. This command, when executed, will activate Netcat so that it listens persistently (-L) on TCP port 43567. When someone connects, the Netcat listener will run cmd.exe.
Vulnerability Exploitation & Privilege Escalation
Question
An attacker issues the command shown below. Which of the following best describes what the attacker is attempting to do? C:> nc.exe '"L '"p 43567 '"e cmd.exe
Options
- AStart a netcat listener on port 43567 that when connected to will provide access to the Windows
- BConnect to a netcat listener with a process id of 43567 and subsequently receive access to the
- CConnect to a netcat listener on port 43567 and subsequently receive access to the Windows
- DStart a netcat listener with a process id of 43567 that when connected to will provide access to
How the community answered
(28 responses)- A89% (25)
- C7% (2)
- D4% (1)
Explanation
This command, when executed, will activate Netcat so that it listens persistently (-L) on TCP port 43567. When someone connects, the Netcat listener will run cmd.exe.
Topics
#netcat#bind shell#command execution#backdoor
Community Discussion
No community discussion yet for this question.