CompTIA
PT0-001 · Question #210
The correct answer is B: nc -nvlp 4423 -e /bin/bash.
Question
A penetration tester has compromised a system and wishes to connect to a port on it from the attacking machine to control the system. Which of the following commands should the tester run on the compromised system?
Options
- A. nc localhost 4423
- B. nc -nvlp 4423 -e /bin/bash
- C. nc 10.0.0.1 4423
- D. nc 127.0.0.1 4423 -e /bin/bash
Explanation
To let an attacker connect inbound to a compromised host, the compromised system must run netcat in listen mode to create a bind shell.
Common mistakes.
- A. Connecting to 'localhost 4423' only attempts an outbound connection to the machine's own loopback interface, establishing no externally accessible listener for the attacker.
- C. Running 'nc 10.0.0.1 4423' makes the compromised system initiate an outbound connection to the attacker's IP, which is a reverse shell pattern - the opposite of what is needed when the attacker wants to connect inbound to the target.
- D. Targeting 127.0.0.1 (loopback) means the connection attempt never leaves the compromised host, making it unreachable from the attacker's external machine.
Concept tested. Netcat bind shell listener on compromised system
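The same distinctions the explanation draws (listen vs. connect, loopback vs. external address, with or without an attached program) are what a defender looks for in process-audit data. The following is an added example, not part of the original page: it classifies netcat command lines such as the four options above. The function names, labels, sample lines and the simplified flag table are assumptions made for illustration.

```python
import ipaddress
import shlex

NC_NAMES = {"nc", "ncat", "netcat"}
VALUE_FLAGS = set("ecpswiq")  # simplified: short flags that take a value in traditional netcat

def is_loopback(host):
    """True for 'localhost' or any address in 127.0.0.0/8 or ::1."""
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

def classify_nc(cmdline):
    """Label one process command line (short netcat flags only)."""
    argv = shlex.split(cmdline)
    if not argv or argv[0].rsplit("/", 1)[-1] not in NC_NAMES:
        return "not-netcat"
    listen = executes = False
    positional = []
    i = 1
    while i < len(argv):
        arg = argv[i]
        i += 1
        if not arg.startswith("-") or arg == "-":
            positional.append(arg)
            continue
        flags = arg[1:]  # short flags may be bundled, e.g. -nvlp
        for pos, ch in enumerate(flags):
            if ch == "l":
                listen = True
            if ch in "ec":
                executes = True
            if ch in VALUE_FLAGS:
                if pos == len(flags) - 1:
                    i += 1  # the value is the next argv element; skip it
                break  # otherwise the rest of this token is the value
    if listen:
        return "bind-shell-listener" if executes else "plain-listener"
    host = positional[0] if positional else ""
    scope = "loopback" if is_loopback(host) else "outbound"
    return f"{scope}-exec" if executes else f"{scope}-connect"

def flag_events(cmdlines):
    """Return (label, cmdline) pairs where netcat is wired to a program."""
    labelled = [(classify_nc(c), c) for c in cmdlines]
    return [(lab, c) for lab, c in labelled if lab.endswith(("-exec", "-listener")) and lab != "plain-listener"]

# Constructed sample command lines: the four options from the question plus one unrelated process.
SAMPLE = ["nc localhost 4423", "nc -nvlp 4423 -e /bin/bash", "nc 10.0.0.1 4423",
          "nc 127.0.0.1 4423 -e /bin/bash", "/usr/sbin/sshd -D"]
```

Only option B produces a listener with a program attached, which is the pattern worth alerting on when it appears on a host that has no reason to run it.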