New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA PT0-003 Exam - Topic 2 Question 21 Discussion

Actual exam question for CompTIA's PT0-003 exam
Question #: 21
Topic #: 2
[All PT0-003 Questions]

A penetration tester is trying to get unauthorized access to a web application and executes the following command:

GET /foo/images/file?id=2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd

Which of the following web application attacks is the tester performing?

Show Suggested Answer Hide Answer
Suggested Answer: C

The attacker is attempting to access restricted files by navigating directories beyond their intended scope.

Directory Traversal (Option C):

The request uses encoded '../' sequences (%2e%2e%2f = ../) to move up directories and access /etc/passwd.

This is a classic directory traversal attack aimed at accessing system files.


Incorrect options:

Option A (Insecure Direct Object Reference - IDOR): IDOR exploits direct access to objects (e.g., changing user_id=123 to user_id=456), not directory navigation.

Option B (CSRF): CSRF forces users to execute unwanted actions, unrelated to directory access.

by Devorah at Mar 22, 2025, 06:34 AM

Limited Time Offer

25%

Off

Get Premium PT0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Tarra
2 months ago
This seems a bit too straightforward, are we missing something?
upvoted 0 times
...
Hannah
2 months ago
Totally agree, it's about accessing restricted files!
upvoted 0 times
...
Lenna
3 months ago
Wait, are we sure it's not Insecure Direct Object Reference?
upvoted 0 times
...
Laquanda
3 months ago
I thought it was Local File Inclusion at first.
upvoted 0 times
...
Alesia
3 months ago
That's definitely a Directory Traversal attack.
upvoted 0 times
...
An
3 months ago
I’m a bit confused; could it also be Insecure Direct Object Reference? But the path traversal seems more likely to me.
upvoted 0 times
...
Georgeanna
4 months ago
I remember practicing similar questions, and I think Directory Traversal fits best here since it’s manipulating the file path.
upvoted 0 times
...
Mignon
4 months ago
I'm not entirely sure, but it seems like it could also be Local File Inclusion because it's trying to include a file from the server.
upvoted 0 times
...
Tyisha
4 months ago
I think this might be related to Directory Traversal since the command is trying to access files outside the intended directory.
upvoted 0 times
...
Harrison
4 months ago
I think this is a directory traversal attack, but I'm not 100% certain. The URL is trying to access a sensitive file, so that's a good indicator. I'll make sure to review the other answer choices before submitting my final answer.
upvoted 0 times
...
Brendan
4 months ago
Okay, so the tester is trying to access a file outside of the web application's root directory. That sounds like a directory traversal attack to me. I'm pretty sure this is the right answer, but I'll double-check the other options just to be sure.
upvoted 0 times
...
Truman
5 months ago
Hmm, I'm not sure about this one. The URL looks a bit strange, but I'm not sure if it's a directory traversal or something else. I'll have to think this through carefully.
upvoted 0 times
...
Cecil
5 months ago
This looks like a classic directory traversal attack. The URL is trying to access the /etc/passwd file, which is a sensitive system file. I'm pretty confident this is the right answer.
upvoted 0 times
...
Veronika
11 months ago
Well, this is clearly a directory traversal attempt. The tester is trying to access a sensitive file by using the '../' syntax to move up the directory tree. Not a very subtle approach, but hey, sometimes the direct route works!
upvoted 0 times
Mose
10 months ago
Directory Traversal
upvoted 0 times
...
Matt
10 months ago
Cross-Site Scripting
upvoted 0 times
...
Ettie
10 months ago
SQL Injection
upvoted 0 times
...
...
Ciara
11 months ago
Haha, this tester is just messing around, trying to see what they can get away with. I bet they're hoping for some juicy information in that /etc/passwd file!
upvoted 0 times
Kaycee
9 months ago
Cross-site Request Forgery (CSRF)
upvoted 0 times
...
Yuki
9 months ago
Directory Traversal
upvoted 0 times
...
Denae
10 months ago
Cross-site Scripting (XSS)
upvoted 0 times
...
Salley
10 months ago
SQL Injection
upvoted 0 times
...
...
Ceola
11 months ago
I think this is a local file inclusion attack. The tester is trying to include a local file on the server, which could lead to unauthorized access or even remote code execution.
upvoted 0 times
...
Laurena
11 months ago
Hmm, I'm not so sure. It could also be an insecure direct object reference attack, where the tester is trying to access a sensitive file by manipulating the 'id' parameter.
upvoted 0 times
...
Elden
11 months ago
Whoa, the tester is definitely trying a directory traversal attack here. That URL looks like it's trying to access the /etc/passwd file on the server, which is a classic move.
upvoted 0 times
Latonia
10 months ago
The web application should have proper input validation to prevent these types of attacks. It's important to always be vigilant against security threats.
upvoted 0 times
...
Jamal
10 months ago
It's a common tactic to try to access the /etc/passwd file to gather information about the server and its users.
upvoted 0 times
...
Samuel
10 months ago
That's right, it's a directory traversal attack. The tester is trying to move up multiple directories to access sensitive files.
upvoted 0 times
...
...
Nobuko
11 months ago
I think it's important for the tester to report this vulnerability to the web application owner for proper mitigation.
upvoted 0 times
...
Gracia
11 months ago
I believe it could also be a Local File Inclusion attack, as the command includes the /etc/passwd file.
upvoted 0 times
...
Martha
11 months ago
I agree with Kristeen, the command looks like it's trying to access files outside the intended directory.
upvoted 0 times
...
Kristeen
11 months ago
I think the penetration tester is performing a Directory Traversal attack.
upvoted 0 times
...

Save Cancel