nerdexam
GIAC

GCIH · Question #539

Analyze the code snippet below. What is the main purpose of this code?

The correct answer is D. It attempts to overwrite the user's shell history. The code printed will check for the existence of a bash shell history, and then overwrites the contents with /dev/null which returns an empty string. So when the command completes, the .bash_history file will be empty.

Web Application Attacks & Post-Exploitation

Question

Analyze the code snippet below. What is the main purpose of this code?

Exhibit

GCIH question #539 exhibit

Options

  • AIt attempts to create a privileged shell in the user's $HOME
  • BIt attempts to create a covert communication channel
  • CIt attempts to insert a malicious command-shell
  • DIt attempts to overwrite the user's shell history

How the community answered

(43 responses)
  • A
    12% (5)
  • B
    7% (3)
  • C
    33% (14)
  • D
    49% (21)

Explanation

The code printed will check for the existence of a bash shell history, and then overwrites the contents with /dev/null which returns an empty string. So when the command completes, the .bash_history file will be empty.

Topics

#anti-forensics#shell history#log tampering#post-exploitation

Community Discussion

No community discussion yet for this question.

Full GCIH Practice