nerdexam
GIAC

GCIH · Question #467

An attacker issues the command shown below. Which of the following best describes what the attacker is attempting to do? C:\> nc.exe '"L '"p 43567 '"e cmd.exe

The correct answer is A. Start a netcat listener on port 43567 that when connected to will provide access to the Windows. This command, when executed, will activate Netcat so that it listens persistently (-L) on TCP port 43567. When someone connects, the Netcat listener will run cmd.exe.

Vulnerability Exploitation & Privilege Escalation

Question

An attacker issues the command shown below. Which of the following best describes what the attacker is attempting to do? C:> nc.exe '"L '"p 43567 '"e cmd.exe

Options

  • AStart a netcat listener on port 43567 that when connected to will provide access to the Windows
  • BConnect to a netcat listener with a process id of 43567 and subsequently receive access to the
  • CConnect to a netcat listener on port 43567 and subsequently receive access to the Windows
  • DStart a netcat listener with a process id of 43567 that when connected to will provide access to

How the community answered

(28 responses)
  • A
    89% (25)
  • C
    7% (2)
  • D
    4% (1)

Explanation

This command, when executed, will activate Netcat so that it listens persistently (-L) on TCP port 43567. When someone connects, the Netcat listener will run cmd.exe.

Topics

#netcat#bind shell#command execution#backdoor

Community Discussion

No community discussion yet for this question.

Full GCIH Practice