GPEN Question #471: Real Exam Question with Answer & Explanation

The correct answer is B. Bind.tcp. The Bind.tcp stager instructs the target system to open and listen on a specified TCP port, allowing the attacker to connect inbound using netcat or a similar tool.

Question

You are pen testing a system and want to use Metasploit 3.X to open a listening port on the system so you can access it via a netcat shell. Which stager would you use to have the system listen on TCP port 50000?

Options

  • A. Reverse.tcp
  • B. Bind.tcp
  • C. Fincltag.ord
  • D. Passivex

Explanation

The Bind.tcp stager instructs the target system to open and listen on a specified TCP port, allowing the attacker to connect inbound using netcat or a similar tool.

Common mistakes.

  • A. Reverse.tcp configures the target to initiate a connection back to the attacker's machine, meaning the attacker's system listens rather than the target.
  • C. Fincltag.ord is not a recognized or valid Metasploit stager.
  • D. Passivex is a Metasploit stager that tunnels communications through HTTP using ActiveX controls, not a direct TCP listener on the target.

Concept tested. Metasploit bind vs reverse shell stager selection

Reference. https://docs.rapid7.com/metasploit/metasploit-basics/
