CompTIA
PT0-001 · Question #44
PT0-001 Question #44: Real Exam Question with Answer & Explanation
Sign in or unlock PT0-001 to reveal the answer and full explanation for question #44. The question stem and answer options stay visible for context.
Post-exploitation and lateral movement
Question
After gaining initial low-privilege access to a Linux system, a penetration tester identifies an interesting binary in a user's home folder titled ''changepass." -sr-xr-x 1 root root 6443 Oct 18 2017 /home/user/changepass Using "strings" to print ASCII printable characters from changepass, the tester notes the following: $ strings changepass exit setuid strcmp GLIBC_2.0 ENV_PATH %s/changepw malloc strlen Given this information, which of the following is the MOST likely path of exploitation to achieve root privileges on the machine?
Options
- ACopy changepass to a writable directory and export the ENV_PATH environmental variable to the
- BCreate a copy of changepass in the same directory, naming it changepw. Export the ENV_PATH
- CExport the ENV_PATH environmental variable to the path of a writable directory that contains a
- DRun changepass within the current directory with sudo after exporting the ENV_PATH
Unlock PT0-001 to see the answer
You've previewed enough free PT0-001 questions. Unlock PT0-001 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#SUID exploitation#PATH hijacking#privilege escalation#Linux