
CompTIA PT0-002: What Type of Attack is Attempted with the URI “http://test.comptia.com/../../../../etc/shadow”?

Learn about the attack technique used when a penetration tester enters the URI “http://test.comptia.com/../../../../etc/shadow” during a web application security test. Discover how this specific URI pattern can potentially expose sensitive system files and compromise the application’s security.


Question

While conducting a penetration test of a web application, the penetration tester enters the following URI:

http://test.comptia.com/../../../../etc/shadow

Which of the following attacks is the tester attempting?

A. XML injection
B. SQL injection
C. Directory traversal
D. Buffer overflow

Answer

C. Directory traversal

Explanation

When the penetration tester enters the URI “http://test.comptia.com/../../../../etc/shadow”, they are attempting a directory traversal attack, also known as a path traversal attack.

Directory traversal attacks exploit insufficient input validation and sanitization in web applications. The attacker manipulates the URL by using special characters, such as “../” (dot-dot-slash), to navigate outside the intended web directory and access sensitive files or directories on the server’s file system.

In this specific example, the tester is using multiple “../” sequences to traverse from the web application’s directory to the root directory of the server, and then attempting to access the “/etc/shadow” file. The “/etc/shadow” file is a sensitive system file on Unix-based systems that stores hashed user passwords and is typically restricted from public access.

If the web application does not properly validate and sanitize the user-supplied input in the URL, it may allow the attacker to access files outside the intended scope, potentially leading to unauthorized access to sensitive information or system files.
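The validation gap described above, as an added Python example that is not part of the original question or its explanation. The web root `/var/www/html` and the function names `naive_resolve` and `safe_resolve` are assumptions made for illustration; the URI is the one from the question.

```python
import os
from urllib.parse import urlsplit, unquote

WEB_ROOT = "/var/www/html"  # assumed document root, not from the original page
URI = "http://test.comptia.com/../../../../etc/shadow"  # URI from the question

def naive_resolve(web_root, uri):
    """Vulnerable pattern: append the request path to the web root unchecked."""
    path = unquote(urlsplit(uri).path)
    return os.path.normpath(os.path.join(web_root, path.lstrip("/")))

def safe_resolve(web_root, uri):
    """Return the canonical file path to serve, or None if it leaves web_root."""
    root = os.path.realpath(web_root)
    path = unquote(urlsplit(uri).path)  # decode first so %2e%2e is seen as ".."
    if "\x00" in path:
        return None
    # realpath collapses ".." and follows symlinks before the containment check
    candidate = os.path.realpath(os.path.join(root, path.lstrip("/")))
    if os.path.commonpath([root, candidate]) != root:
        return None
    return candidate

if __name__ == "__main__":
    # The unchecked join lands on /etc/shadow; the checked version refuses it.
    print("naive :", naive_resolve(WEB_ROOT, URI))
    print("safe  :", safe_resolve(WEB_ROOT, URI))
    print("normal:", safe_resolve(WEB_ROOT, "http://test.comptia.com/img/logo.png"))
```

The check compares canonical paths rather than searching the input for “../”, so it holds regardless of how many dot-dot-slash sequences the request contains.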

The other options mentioned are different types of attacks:

  • A. XML injection targets vulnerabilities in XML parsers and attempts to inject malicious XML content.
  • B. SQL injection exploits vulnerabilities in database queries to manipulate the database and extract sensitive information.
  • D. Buffer overflow attacks attempt to write data beyond the allocated memory buffer, potentially allowing arbitrary code execution.

In summary, the penetration tester is attempting a directory traversal attack by manipulating the URI to access the sensitive “/etc/shadow” file, which is typically restricted and outside the intended web application directory.
