PT0-002 Question #254: Real Exam Question with Answer & Explanation

The correct answer is B: Use privilege escalation.. The file .scripts/daily_log_backup.sh has permissions set to 777, meaning that anyone can read, write, or execute the file. Since it's owned by the root user and the penetration tester has access to the system with a non-privileged account, this could be a potential avenue for pr

Post-exploitation and lateral movement

Question

After gaining access to a Linux system with a non-privileged account, a penetration tester identifies the following file: Which of the following actions should the tester perform FIRST?

Options

AChange the file permissions.
BUse privilege escalation.
CCover tracks.
DStart a reverse shell.

Explanation

The file .scripts/daily_log_backup.sh has permissions set to 777, meaning that anyone can read, write, or execute the file. Since it's owned by the root user and the penetration tester has access to the system with a non-privileged account, this could be a potential avenue for privilege escalation. In a penetration test, after finding such a file, the tester would likely want to explore it and see if it can be leveraged to gain higher privileges. This is often done by inserting malicious code or commands into the script if it's being executed with higher privileges, such as root in this

Topics

#Privilege escalation#Post-exploitation#Linux security#Penetration testing methodology

Community Discussion

No community discussion yet for this question.

Full PT0-002 Practice Browse All PT0-002 Questions