Review Questions
You can find the answers in the Appendix.
-
Scott wants to crawl his penetration testing target’s website and then build a wordlist using the data he recovers to help with his password cracking efforts. Which of the following tools should he use?
- DirBuster
- CeWL
- OLLY
- Grep-o-matic
-
Michelle wants to attack the underlying hypervisor for a virtual machine. What type of attack is most likely to be successful?
- Container escape
- Compromise the administrative interface
- Hypervisor DoS
- VM escape
-
Jacob runs ls -l on a file and sees the following listing. What does he know about chsh?
-rwsr-xr-x 1 root root 40432 Sep 27 2017 chsh
- It can be used for privilege escalation.
- It allows a reverse shell.
- It is a SUID executable.
- None of the above.
-
Chris wants to acquire a copy of the Windows SAM database from a system that he has compromised and is running the Metasploit Meterpreter on. What Mimikatz command will allow him to do this?
- meterpreter> mimikatz_command...