Which of the following attacks is being attempted?

An administrator discovers the following log entry on a server.
Nov 12 2013 00:23:45 httpd[2342]: /app2/prod/process.php?input=change.cd%20./././ect:
cat%20shadow
Which of the following attacks is being attempted?

An administrator discovers the following log entry on a server.
Nov 12 2013 00:23:45 httpd[2342]: /app2/prod/process.php?input=change.cd%20./././ect:
cat%20shadow
Which of the following attacks is being attempted?

A.
Command injection

B.
Password attack

C.
Buffer overflow

D.
Cross-site scripting

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

18 − 2 =

trunguonglua

trunguonglua

Tricky question since the two commands: “change cd” to the /etc folder and “cat” the shadow file which stores passwords are injected in the input field of a http deamon (buffer overflow attack type) in order to display the password file.

Not sure what is the correct one. A or C but not B since password attack are brute force, dictionary, and key logger.

Reply