Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

CompTIA Exam PT0-003 Topic 5 Question 22 Discussion

Actual exam question for CompTIA's PT0-003 exam
Question #: 22
Topic #: 5
[All PT0-003 Questions]

A penetration tester completes a scan and sees the following output on a host:

bash

Copy code

Nmap scan report for victim (10.10.10.10)

Host is up (0.0001s latency)

PORT STATE SERVICE

161/udp open|filtered snmp

445/tcp open microsoft-ds

3389/tcp open microsoft-ds

Running Microsoft Windows 7

OS CPE: cpe:/o:microsoft:windows_7_sp0

The tester wants to obtain shell access. Which of the following related exploits should the tester try first?

Show Suggested Answer Hide Answer
Suggested Answer: C

The ms17_010_eternalblue exploit is the most appropriate choice based on the scenario.

Why MS17-010 EternalBlue?

EternalBlue is a critical vulnerability in SMBv1 (port 445) affecting older versions of Windows, including Windows 7.

The exploit can be used to execute arbitrary code remotely, providing shell access to the target system.

Other Options:

A (psexec): This exploit is a post-exploitation tool that requires valid credentials to execute commands remotely.

B (ms08_067_netapi): A vulnerability targeting older Windows systems (e.g., Windows XP). It is unlikely to work on Windows 7.

D (snmp_login): This is an auxiliary module for enumerating SNMP, not gaining shell access.

CompTIA Pentest+ Reference:

Domain 2.0 (Information Gathering and Vulnerability Identification)

Domain 3.0 (Attacks and Exploits)


by Jess at Apr 09, 2025, 11:31 AM

Limited Time Offer

25%

Off

Get Premium PT0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Catalina
21 days ago
I'd say C, but only if the tester has a time machine to go back to 2017. These days, you gotta stay on top of the latest vulnerabilities, am I right?
upvoted 0 times
Misty
1 days ago
B: Yeah, that could work. It's worth a shot.
upvoted 0 times
...
Velda
6 days ago
A: Maybe try the EternalBlue exploit for the Windows 7 machine.
upvoted 0 times
...
...
Marguerita
1 months ago
Haha, I bet the tester could try all of them and still end up with a blue screen of death. Windows 7 is like a piñata - just keep swinging until something breaks!
upvoted 0 times
...
Moon
1 months ago
D all the way! Why bother with those complicated SMB exploits when you can just brute-force the SNMP service and get access that way?
upvoted 0 times
Erinn
1 days ago
User1: Yeah, D sounds like the easiest way to go.
upvoted 0 times
...
...
Serina
1 months ago
B seems like the safer bet here. MS08-067 is a well-known vulnerability that's been around for ages, so it's more likely to work.
upvoted 0 times
Fausto
6 days ago
A: Let's give it a try and see if we can get in using that exploit.
upvoted 0 times
...
Ardella
12 days ago
B: Yeah, it's a reliable choice for gaining shell access on Windows systems.
upvoted 0 times
...
Kate
25 days ago
A: I agree, MS08-067 is a classic exploit that often works.
upvoted 0 times
...
...
Emeline
1 months ago
I'm not sure, but I think psexec could also be a good option to try for shell access.
upvoted 0 times
...
Shayne
2 months ago
I agree with Derick. EternalBlue is a known exploit for Windows systems.
upvoted 0 times
...
Derick
2 months ago
I think the tester should try exploit/windows/smb/ms17_010_eternalblue first.
upvoted 0 times
...
Trina
2 months ago
I'd go with C. The EternalBlue exploit is a classic and often works like a charm on Windows 7 machines.
upvoted 0 times
Isidra
5 days ago
B: I'll give it a try then, thanks for the tip!
upvoted 0 times
...
Marya
7 days ago
A: Yes, it's been quite effective in my experience.
upvoted 0 times
...
An
9 days ago
B: Have you used it before?
upvoted 0 times
...
Corrina
27 days ago
Yes, it's definitely worth a try to gain shell access.
upvoted 0 times
...
Deeanna
28 days ago
I agree, EternalBlue is a powerful exploit for Windows 7.
upvoted 0 times
...
Stephania
1 months ago
A: I agree, EternalBlue is a powerful exploit for Windows 7.
upvoted 0 times
...
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77