Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

CompTIA Exam PT0-003 Topic 5 Question 5 Discussion

Actual exam question for CompTIA's PT0-003 exam
Question #: 5
Topic #: 5
[All PT0-003 Questions]

During an assessment, a penetration tester obtains a low-privilege shell and then runs the following command:

findstr /SIM /C:"pass" *.txt *.cfg *.xml

Which of the following is the penetration tester trying to enumerate?

Show Suggested Answer Hide Answer
Suggested Answer: D

By running the command findstr /SIM /C:'pass' *.txt *.cfg *.xml, the penetration tester is trying to enumerate secrets.

Command Analysis:

findstr: A command-line utility in Windows used to search for specific strings in files.

/SIM: Combination of options; /S searches for matching files in the current directory and all subdirectories, /I specifies a case-insensitive search, and /M prints only the filenames with matching content.

/C:'pass': Searches for the literal string 'pass'.

***.txt .cfg .xml: Specifies the file types to search within.

Objective:

The command is searching for the string 'pass' within .txt, .cfg, and .xml files, which is indicative of searching for passwords or other sensitive information (secrets).

These file types commonly contain configuration details, credentials, and other sensitive data that might include passwords or secrets.

Other Options:

Configuration files: While .cfg and .xml files can be configuration files, the specific search for 'pass' indicates looking for secrets like passwords.

Permissions: This command does not check or enumerate file permissions.

Virtual hosts: This command is not related to enumerating virtual hosts.

Pentest Reference:

Post-Exploitation: Enumerating sensitive information like passwords is a common post-exploitation activity after gaining initial access.

Credential Discovery: Searching for stored credentials within configuration files and documents to escalate privileges or move laterally within the network.

By running this command, the penetration tester aims to find stored passwords or other secrets that could help in further exploitation of the target system.


Contribute your Thoughts:

Thaddeus
4 months ago
Ah, the good old 'find passwords in config files' trick. Classic move, my dude.
upvoted 0 times
...
Stanford
4 months ago
Hmm, I'm torn between C and D, but I think D is the more likely culprit here. You can't hide your secrets from a determined pen tester!
upvoted 0 times
Annmarie
2 months ago
D) Secrets
upvoted 0 times
...
Stefania
2 months ago
I agree, secrets are usually what pen testers are after.
upvoted 0 times
...
Jaclyn
2 months ago
D) Secrets
upvoted 0 times
...
Kanisha
2 months ago
C) Virtual hosts
upvoted 0 times
...
Clarinda
2 months ago
B) Permissions
upvoted 0 times
...
Sarah
3 months ago
A) Configuration files
upvoted 0 times
...
...
Giuseppe
4 months ago
I agree with Alita, it makes sense to search for passwords in configuration files.
upvoted 0 times
...
Tandra
4 months ago
Gotta love those secret treasures hidden in plain sight. D is the way to go, folks!
upvoted 0 times
...
Gianna
4 months ago
The penetration tester is clearly trying to find passwords or other sensitive information stored in configuration files. That's a classic technique.
upvoted 0 times
Evangelina
3 months ago
D) Secrets
upvoted 0 times
...
Jani
4 months ago
A) Configuration files
upvoted 0 times
...
...
Alita
4 months ago
I believe the penetration tester is looking for passwords in configuration files.
upvoted 0 times
...
Melvin
4 months ago
I think the penetration tester is trying to enumerate secrets.
upvoted 0 times
...

Save Cancel