Someone in the field of forensic investigation is looking at an Apache access log. They're searching for any evidence of a command injection attack. During this process, they find a log entry where the IP address "10.0.0.8" placed a GET request using the command ip=127.0.0.1;ls+/var/www/html. Judging by this data, what might be the individual’s objective behind this attack?

A. The individual behind the attack is attempting a brute-force attack on the host server

B. The individual behind the attack is working towards replacing the target file on the host server

C. The individual behind the attack aims to see what's inside the /var/www/html directory of the host server

D. The individual behind the attack is working to put an XML external entity into the web application








 

Suggested Answer: C





This question is in 312-49V10 EC-Council Computer Hacking Forensic Investigator (CHFI) v10 Exam
For getting EC-Council Computer Hacking Forensic Investigator (CHFI) Certificate







Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by EC-Council. 
Trademarks, certification & product names are used for reference only and belong to EC-Council.
The website does not contain actual questions and answers from EC-Council's Certification Exams.