CompTIA Exam PT0-003 Topic 2 Question 21 Discussion

Actual exam question for CompTIA's PT0-003 exam
Question #: 21
Topic #: 2
[All PT0-003 Questions]

A penetration tester is trying to get unauthorized access to a web application and executes the following command:

GET /foo/images/file?id=2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd

Which of the following web application attacks is the tester performing?

Suggested Answer: C

The tester is attempting to read a file outside the directory the application is meant to serve by walking up the directory tree.

Directory Traversal (Option C):

The id parameter carries URL-encoded '../' sequences: %2e is '.' and %2f is '/', so each %2e%2e%2f decodes to '../'. Four of them climb from the images directory toward the filesystem root, and the rest of the value names /etc/passwd. Encoding the dots and slashes is a common way to slip past naive filters that look for a literal '../' before the server decodes the parameter.

This is a classic directory traversal (path traversal) attack aimed at reading files outside the web root. /etc/passwd is the usual proof-of-concept target because it is world-readable on Unix-like systems and its contents are immediately recognizable.


Incorrect options:

Option A (Insecure Direct Object Reference, IDOR): IDOR abuses a missing authorization check on a direct reference to an object (e.g. changing user_id=123 to user_id=456); it does not involve climbing the directory tree.

Option B (Cross-Site Request Forgery, CSRF): CSRF tricks an authenticated user's browser into submitting an action the user did not intend; it is unrelated to reading files from the server.
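As an added worked example (not from the page or the exam), here is the decode-and-check logic behind Option C in Python: the payload decoded, the vulnerable join-and-normalize that resolves to /etc/passwd, the containment check that rejects it, and a small detector that flags such requests in access-log lines, including a double-encoded variant. The image root (IMAGE_ROOT) and the log lines are assumed and constructed for the example; the page does not say where the application stores its files. Note that the first sequence in the question as printed reads 2e%2e%2f, missing its leading '%'; the example uses the fully encoded form.

```python
"""Added example: decoding and checking the traversal payload from the question.

Assumptions (not from the page): the endpoint /foo/images/file?id=... maps the
id onto files below IMAGE_ROOT; the access-log lines below are constructed.
"""
import posixpath
import re
from typing import Optional
from urllib.parse import unquote

# Hypothetical directory the vulnerable endpoint is supposed to serve from.
IMAGE_ROOT = "/var/www/app/images"

# The id value from the question, with every '.' and '/' percent-encoded.
ENCODED_PAYLOAD = "%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd"


def decode_once(value: str) -> str:
    """Single percent-decode, as a web framework does for a query parameter."""
    return unquote(value)


def fully_decode(value: str, max_rounds: int = 3) -> str:
    """Decode repeatedly until stable, so %252e (double-encoded '.') is caught too."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def vulnerable_resolve(raw_id: str) -> str:
    """The bug: join the decoded id onto the root and let normpath collapse '..'."""
    return posixpath.normpath(posixpath.join(IMAGE_ROOT, decode_once(raw_id)))


def safe_resolve(raw_id: str) -> Optional[str]:
    """Resolve, then refuse anything that landed outside IMAGE_ROOT.

    Returns the absolute path, or None when the request escapes the root
    or contains a NUL byte (used to truncate paths in some runtimes).
    """
    decoded = decode_once(raw_id)
    if "\x00" in decoded:
        return None
    candidate = posixpath.normpath(posixpath.join(IMAGE_ROOT, decoded))
    if candidate != IMAGE_ROOT and not candidate.startswith(IMAGE_ROOT + "/"):
        return None
    return candidate


def is_traversal(raw_id: str) -> bool:
    """True when the id would escape the root under safe_resolve's rules."""
    return safe_resolve(raw_id) is None


# Detection side: flag access-log requests whose fully decoded target
# contains a '../' or '..\' step. Log lines are constructed for this example.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/')
TRAVERSAL_RE = re.compile(r"\.\.[/\\]")

SAMPLE_ACCESS_LOG = """\
10.0.0.5 - - [12/Mar/2024:10:01:02 +0000] "GET /foo/images/file?id=logo.png HTTP/1.1" 200 5120
10.0.0.9 - - [12/Mar/2024:10:01:07 +0000] "GET /foo/images/file?id=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1" 200 1843
10.0.0.9 - - [12/Mar/2024:10:01:09 +0000] "GET /foo/images/file?id=%252e%252e%252fetc%252fpasswd HTTP/1.1" 404 0
10.0.0.5 - - [12/Mar/2024:10:01:15 +0000] "GET /foo/images/file?id=banner..png HTTP/1.1" 200 300
"""


def flag_traversal_requests(log_text: str) -> list:
    """Return the raw request targets whose decoded form contains a '..' step."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        if TRAVERSAL_RE.search(fully_decode(match.group(1))):
            hits.append(match.group(1))
    return hits


if __name__ == "__main__":
    print("decoded id     :", decode_once(ENCODED_PAYLOAD))
    print("vulnerable path:", vulnerable_resolve(ENCODED_PAYLOAD))
    print("safe path      :", safe_resolve(ENCODED_PAYLOAD))
    print("flagged        :", flag_traversal_requests(SAMPLE_ACCESS_LOG))
```

The containment check is done on the normalized absolute path rather than by filtering '../' out of the input, so it also rejects the variant printed in the question (2e./../../../etc/passwd after decoding) and any other encoding the framework happens to decode. The detector decodes until the string stops changing, which is what catches the %252e form that a single decode would miss; 'banner..png' is deliberately included as a benign value that should not be flagged.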

Contribute your Thoughts:

Ceola
31 minutes ago
I think this is a local file inclusion attack. The tester is trying to include a local file on the server, which could lead to unauthorized access or even remote code execution.
upvoted 0 times
Laurena
4 days ago
Hmm, I'm not so sure. It could also be an insecure direct object reference attack, where the tester is trying to access a sensitive file by manipulating the 'id' parameter.
upvoted 0 times
Elden
5 days ago
Whoa, the tester is definitely trying a directory traversal attack here. That URL looks like it's trying to access the /etc/passwd file on the server, which is a classic move.
upvoted 0 times
Nobuko
5 days ago
I think it's important for the tester to report this vulnerability to the web application owner for proper mitigation.
upvoted 0 times
Gracia
6 days ago
I believe it could also be a Local File Inclusion attack, as the command includes the /etc/passwd file.
upvoted 0 times
Martha
11 days ago
I agree with Kristeen, the command looks like it's trying to access files outside the intended directory.
upvoted 0 times
Kristeen
12 days ago
I think the penetration tester is performing a Directory Traversal attack.
upvoted 0 times
