A penetration tester has discovered through automated scanning that a Tomcat server allows for the use of default credentials. Using default credentials, the tester is able to upload WAR files to the server. Which of the following is the MOST likely post-exploitation step?

Questions › Category: PT0-001 › A penetration tester has discovered through automated scanning that a Tomcat server allows for the use of default credentials. Using default credentials, the tester is able to upload WAR files to the server. Which of the following is the MOST likely post-exploitation step?

0 Vote Up Vote Down

Admin Staff asked 6 months ago

A penetration tester has discovered through automated scanning that a Tomcat server allows for the use of default credentials. Using default credentials, the tester is able to upload WAR files to the server. Which of the following is the MOST likely post-exploitation step?

A. Upload a customized /etc/shadow file.

B. Monitor network traffic

C. Connect via SSH using default credentials.

D. Install web shell on the server.








 

Suggested Answer: D

Community Answer: D

Reference:
https://pentestlab.blog/2012/03/22/apache-tomcat-exploitation/

This question is in PT0-001 CompTIA PenTest+ Exam
For getting CompTIA PenTest+ Certificate



Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.

A penetration tester has discovered through automated scanning that a Tomcat server allows for the use of default credentials. Using default credentials, the tester is able to upload WAR files to the server. Which of the following is the MOST likely post-exploitation step?

An administrator accidentally deleted the /boot/vmlinuz file and must resolve the issue before the server is rebooted. Which of the following commands should the administrator use to identify the correct version of this file?

Which of the following can be used to perform online password attacks against RDP?

AZ-104 Practice Test Free

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password

A penetration tester has discovered through automated scanning that a Tomcat server allows for the use of default credentials. Using default credentials, the tester is able to upload WAR files to the server. Which of the following is the MOST likely post-exploitation step?

An administrator accidentally deleted the /boot/vmlinuz file and must resolve the issue before the server is rebooted. Which of the following commands should the administrator use to identify the correct version of this file?

Which of the following can be used to perform online password attacks against RDP?

AZ-104 Practice Test Free

Related Questions

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password