Exam PT0-002 Topic 4 Question 239 Discussion
Actual exam question for CompTIA's PT0-002 exam
Question #: 239
Topic #: 4
Question #: 239
Topic #: 4
A penetration tester opened a reverse shell on a Linux web server and successfully escalated privileges to root.
During the engagement, the tester noticed that another user logged in frequently as root to perform work tasks.
To avoid disrupting this user's work, which of the following is the BEST option for the penetration tester to maintain root-level persistence on this server during the test?
During the engagement, the tester noticed that another user logged in frequently as root to perform work tasks.
To avoid disrupting this user's work, which of the following is the BEST option for the penetration tester to maintain root-level persistence on this server during the test?
Suggested Answer: C Vote an answer
The best option for the penetration tester to maintain root-level persistence on this server during the test is to add a new user with ID 0 to the /etc/passwd file. This will allow the penetration tester to use the same user account as the other user, but with root privileges, meaning that it won't disrupt the other user's work. This can be done by adding a new line with the username and the numerical user ID 0 to the /etc/passwd file. For example, if the username for the other user is "johndoe", the line to add would be "johndoe:x:0:0:John Doe:/root:/bin/bash". After the user is added, the penetration tester can use the "su" command to switch to the new user and gain root privileges.
by Frederic at Aug 08, 2024, 06:37 PM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).