ExamGecko
Search Search Login
Home Home / CompTIA / PT0-003
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

A penetration tester needs to evaluate the order in which the next systems will be selected for testing. Given the following output: Hostname | IP address | CVSS 2.0 | EPSS hrdatabase | 192.168.20.55 | 9.9 | 0.50 financesite | 192.168.15.99 | 8.0 | 0.01 legaldatabase | 192.168.10.2 | 8.2 | 0.60 fileserver | 192.168.125.7 | 7.6 | 0.90 Which of the following targets should the tester select next?
During a security assessment, a penetration tester needs to exploit a vulnerability in a wireless network's authentication mechanism to gain unauthorized access to the network. Which of the following attacks would the tester most likely perform to gain access?
A penetration tester gains initial access to a target system by exploiting a recent RCE vulnerability. The patch for the vulnerability will be deployed at the end of the week. Which of the following utilities would allow the tester to reenter the system remotely after the patch has been deployed? (Select two).
During a security audit, a penetration tester wants to run a process to gather information about a target network's domain structure and associated IP addresses. Which of the following tools should the tester use?
During a penetration test, a junior tester uses Hunter.io for an assessment and plans to review the information that will be collected. Which of the following describes the information the junior tester will receive from the Hunter.io tool?
A penetration tester needs to collect information over the network for further steps in an internal assessment. Which of the following would most likely accomplish this goal?
A penetration tester presents the following findings to stakeholders: Control | Number of findings | Risk | Notes Encryption | 1 | Low | Weak algorithm noted Patching | 8 | Medium | Unsupported systems System hardening | 2 | Low | Baseline drift observed Secure SDLC | 10 | High | Libraries have vulnerabilities Password policy | 0 | Low | No exceptions noted Based on the findings, which of the following recommendations should the tester make? (Select two).
Which of the following describes the process of determining why a vulnerability scanner is not providing results?
Which of the following tasks would ensure the key outputs from a penetration test are not lost as part of the cleanup and restoration activities?
A penetration tester assesses a complex web application and wants to explore potential security weaknesses by searching for subdomains that might have existed in the past. Which of the following tools should the penetration tester use?

Question 20 - PT0-003 discussion

Report
Export

In a file stored in an unprotected source code repository, a penetration tester discovers the following line of code:

<a target='_blank' href='mailto:[email protected]'>sshpass -p donotchange ssh [email protected]</a>

Which of the following should the tester attempt to do next to take advantage of this information? (Select two).

A.
Use Nmap to identify all the SSH systems active on the network.
Answers
A.
Use Nmap to identify all the SSH systems active on the network.
B.
Take a screen capture of the source code repository for documentation purposes.
Answers
B.
Take a screen capture of the source code repository for documentation purposes.
C.
Investigate to find whether other files containing embedded passwords are in the code repository.
Answers
C.
Investigate to find whether other files containing embedded passwords are in the code repository.
D.
Confirm whether the server 192.168.6.14 is up by sending ICMP probes.
Answers
D.
Confirm whether the server 192.168.6.14 is up by sending ICMP probes.
E.
Run a password-spraying attack with Hydra against all the SSH servers.
Answers
E.
Run a password-spraying attack with Hydra against all the SSH servers.
F.
Use an external exploit through Metasploit to compromise host 192.168.6.14.
Answers
F.
Use an external exploit through Metasploit to compromise host 192.168.6.14.
Suggested answer: B, C

Explanation:

When a penetration tester discovers hard-coded credentials in a file within an unprotected source code repository, the next steps should focus on documentation and further investigation to identify additional security issues.

Taking a Screen Capture (Option B):

Documentation: It is essential to document the finding for the final report. A screen capture provides concrete evidence of the discovered hard-coded credentials.

Audit Trail: This ensures that there is a record of the vulnerability and can be used to communicate the issue to stakeholders, such as the development team or the client.

Investigating for Other Embedded Passwords (Option C):

Thorough Search: Finding one hard-coded password suggests there might be others. A thorough investigation can reveal additional credentials, which could further compromise the security of the system.

Automation Tools: Tools like truffleHog, git-secrets, and grep can be used to scan the repository for other instances of hard-coded secrets.

Pentest

Reference:

Initial Discovery: Discovering hard-coded credentials often occurs during source code review or automated scanning of repositories.

Documentation: Keeping detailed records of all findings is a critical part of the penetration testing process. This ensures that all discovered vulnerabilities are reported accurately and comprehensively.

Further Investigation: After finding a hard-coded credential, it is best practice to look for other security issues within the same repository. This might include other credentials, API keys, or sensitive information.

Steps to Perform:

Take a Screen Capture:

Use a screenshot tool to capture the evidence of the hard-coded credentials. Ensure the capture includes the context, such as the file path and relevant code lines.

Investigate Further:

Use tools and manual inspection to search for other embedded passwords.

Commands such as grep can be helpful:

grep -r 'password' /path/to/repository

Tools like truffleHog can search for high entropy strings indicative of secrets:

trufflehog --regex --entropy=True /path/to/repository

By documenting the finding and investigating further, the penetration tester ensures a comprehensive assessment of the repository, identifying and mitigating potential security risks effectively.

Show Answer
asked 02/10/2024
Jeff Silverman
34 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms