Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Eccouncil Exam 312-39 Topic 7 Question 72 Discussion

Actual exam question for Eccouncil's 312-39 exam
Question #: 72
Topic #: 7
[All 312-39 Questions]

Identify the attack when an attacker by several trial and error can read the contents of a password file present in the restricted etc folder just by manipulating the URL in the browser as shown:

http://www.terabytes.com/process.php./../../../../etc/passwd

Show Suggested Answer Hide Answer
Suggested Answer: A


by Becky at Aug 10, 2023, 05:04 PM

Limited Time Offer

25%

Off

Get Premium 312-39 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Cortney
1 months ago
Wait, wait, wait... Is the attacker trying to find the password to the vending machine in the break room? Clearly a Form Tampering Attack!
upvoted 0 times
Aliza
6 days ago
No, it's actually a Directory Traversal Attack.
upvoted 0 times
...
...
Clarence
1 months ago
Haha, Denial-of-Service Attack? Really? That's like using a bazooka to swat a fly. This is clearly a Directory Traversal Attack.
upvoted 0 times
Earleen
7 days ago
B) SQL Injection Attack
upvoted 0 times
...
Annmarie
19 days ago
I agree, it's definitely a Directory Traversal Attack.
upvoted 0 times
...
Natalya
29 days ago
A) Directory Traversal Attack
upvoted 0 times
...
...
Rosio
2 months ago
Come on, this is way too obvious. It's definitely a Directory Traversal Attack. The attacker is just climbing up the directory tree to reach the sensitive /etc/passwd file.
upvoted 0 times
Mitzie
I agree, it's a Directory Traversal Attack.
upvoted 0 times
...
Valentin
6 days ago
It's important to secure file paths to prevent such attacks.
upvoted 0 times
...
Valentin
10 days ago
Yeah, the attacker is exploiting the vulnerability to access the password file.
upvoted 0 times
...
Valentin
18 days ago
I agree, it's a Directory Traversal Attack.
upvoted 0 times
...
...
Deeanna
2 months ago
Hmm, I'm not sure. Could it be a SQL Injection Attack? Manipulating the URL to access the password file seems like a database-related issue.
upvoted 0 times
...
Shaun
2 months ago
I think this is clearly a Directory Traversal Attack. The URL manipulation allows the attacker to access restricted files outside the web root.
upvoted 0 times
...
Ceola
2 months ago
I agree with both of you, it's definitely a Directory Traversal Attack.
upvoted 0 times
...
Una
2 months ago
I think it's A too, because the URL manipulation allows the attacker to access files outside the web root directory.
upvoted 0 times
...
Cyndy
2 months ago
A) Directory Traversal Attack
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77