Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam PT0-003 Topic 2 Question 21 Discussion

Actual exam question for CompTIA's PT0-003 exam
Question #: 21
Topic #: 2
[All PT0-003 Questions]

A penetration tester is trying to get unauthorized access to a web application and executes the following command:

GET /foo/images/file?id=2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd

Which of the following web application attacks is the tester performing?

Show Suggested Answer Hide Answer
Suggested Answer: C

The attacker is attempting to access restricted files by navigating directories beyond their intended scope.

Directory Traversal (Option C):

The request uses encoded '../' sequences (%2e%2e%2f = ../) to move up directories and access /etc/passwd.

This is a classic directory traversal attack aimed at accessing system files.


Incorrect options:

Option A (Insecure Direct Object Reference - IDOR): IDOR exploits direct access to objects (e.g., changing user_id=123 to user_id=456), not directory navigation.

Option B (CSRF): CSRF forces users to execute unwanted actions, unrelated to directory access.

by Devorah at Mar 22, 2025, 06:34 AM

Limited Time Offer

25%

Off

Get Premium PT0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Veronika
5 days ago
Well, this is clearly a directory traversal attempt. The tester is trying to access a sensitive file by using the '../' syntax to move up the directory tree. Not a very subtle approach, but hey, sometimes the direct route works!
upvoted 0 times
...
Ciara
8 days ago
Haha, this tester is just messing around, trying to see what they can get away with. I bet they're hoping for some juicy information in that /etc/passwd file!
upvoted 0 times
...
Ceola
12 days ago
I think this is a local file inclusion attack. The tester is trying to include a local file on the server, which could lead to unauthorized access or even remote code execution.
upvoted 0 times
...
Laurena
16 days ago
Hmm, I'm not so sure. It could also be an insecure direct object reference attack, where the tester is trying to access a sensitive file by manipulating the 'id' parameter.
upvoted 0 times
...
Elden
17 days ago
Whoa, the tester is definitely trying a directory traversal attack here. That URL looks like it's trying to access the /etc/passwd file on the server, which is a classic move.
upvoted 0 times
...
Nobuko
17 days ago
I think it's important for the tester to report this vulnerability to the web application owner for proper mitigation.
upvoted 0 times
...
Gracia
18 days ago
I believe it could also be a Local File Inclusion attack, as the command includes the /etc/passwd file.
upvoted 0 times
...
Martha
23 days ago
I agree with Kristeen, the command looks like it's trying to access files outside the intended directory.
upvoted 0 times
...
Kristeen
24 days ago
I think the penetration tester is performing a Directory Traversal attack.
upvoted 0 times
...

Save Cancel