New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA PT0-003 Exam - Topic 5 Question 5 Discussion

Actual exam question for CompTIA's PT0-003 exam
Question #: 5
Topic #: 5
[All PT0-003 Questions]

During an assessment, a penetration tester obtains a low-privilege shell and then runs the following command:

findstr /SIM /C:"pass" *.txt *.cfg *.xml

Which of the following is the penetration tester trying to enumerate?

Show Suggested Answer Hide Answer
Suggested Answer: D

By running the command findstr /SIM /C:'pass' *.txt *.cfg *.xml, the penetration tester is trying to enumerate secrets.

Command Analysis:

findstr: A command-line utility in Windows used to search for specific strings in files.

/SIM: Combination of options; /S searches for matching files in the current directory and all subdirectories, /I specifies a case-insensitive search, and /M prints only the filenames with matching content.

/C:'pass': Searches for the literal string 'pass'.

***.txt .cfg .xml: Specifies the file types to search within.

Objective:

The command is searching for the string 'pass' within .txt, .cfg, and .xml files, which is indicative of searching for passwords or other sensitive information (secrets).

These file types commonly contain configuration details, credentials, and other sensitive data that might include passwords or secrets.

Other Options:

Configuration files: While .cfg and .xml files can be configuration files, the specific search for 'pass' indicates looking for secrets like passwords.

Permissions: This command does not check or enumerate file permissions.

Virtual hosts: This command is not related to enumerating virtual hosts.

Pentest Reference:

Post-Exploitation: Enumerating sensitive information like passwords is a common post-exploitation activity after gaining initial access.

Credential Discovery: Searching for stored credentials within configuration files and documents to escalate privileges or move laterally within the network.

By running this command, the penetration tester aims to find stored passwords or other secrets that could help in further exploitation of the target system.


by Oliva at Aug 05, 2024, 01:35 PM

Limited Time Offer

25%

Off

Get Premium PT0-003 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Leonor
3 months ago
It's clearly about configuration files, right?
upvoted 0 times
...
Erasmo
3 months ago
Surprised they’re not looking for virtual hosts with that command!
upvoted 0 times
...
Chauncey
3 months ago
I thought it was about permissions at first, but secrets make more sense.
upvoted 0 times
...
Rebeca
4 months ago
Definitely going for secrets, no doubt about it!
upvoted 0 times
...
Salina
4 months ago
Looks like they're searching for secrets in config files.
upvoted 0 times
...
Mollie
4 months ago
I’m confused; I thought it might be about permissions since it’s searching through text files. But now I’m not so sure.
upvoted 0 times
...
Anastacia
4 months ago
I practiced a similar question where we had to identify what kind of data was being searched for. This feels like it's about secrets, so I’d go with D again.
upvoted 0 times
...
Linwood
4 months ago
I'm not entirely sure, but I remember something about configuration files being important too. Could it be A?
upvoted 0 times
...
Tenesha
5 months ago
I think the command is looking for sensitive information, maybe passwords or secrets in those files. So, I would lean towards option D.
upvoted 0 times
...
Cortney
5 months ago
Ah, I see what's going on now. The tester is using a low-privilege shell, so they're likely trying to find any sensitive information or credentials that could help them escalate their privileges. I'd say the answer is D, secrets.
upvoted 0 times
...
Cory
5 months ago
I'm a bit unsure about this one. The command seems to be searching for passwords, but I'm not sure if that means they're looking for permissions, virtual hosts, or something else. I'll have to think this through carefully.
upvoted 0 times
...
Beatriz
5 months ago
Okay, I think the key here is that the command is searching for the word "pass" in various file types. That suggests the tester is trying to enumerate configuration files or other sensitive information.
upvoted 0 times
...
Jesusita
5 months ago
Hmm, this looks like it's trying to find any files containing the word "pass". I'm guessing the penetration tester is looking for secrets or credentials.
upvoted 0 times
...
Lennie
5 months ago
This is a tricky one. I'm not sure if any of the answer choices really capture the "main" advantage. They all seem relevant in different ways. I might need to do some additional research on workflow documentation best practices to feel confident in my answer.
upvoted 0 times
...
Thaddeus
2 years ago
Ah, the good old 'find passwords in config files' trick. Classic move, my dude.
upvoted 0 times
...
Stanford
2 years ago
Hmm, I'm torn between C and D, but I think D is the more likely culprit here. You can't hide your secrets from a determined pen tester!
upvoted 0 times
Annmarie
1 year ago
D) Secrets
upvoted 0 times
...
Stefania
1 year ago
I agree, secrets are usually what pen testers are after.
upvoted 0 times
...
Jaclyn
1 year ago
D) Secrets
upvoted 0 times
...
Kanisha
1 year ago
C) Virtual hosts
upvoted 0 times
...
Clarinda
1 year ago
B) Permissions
upvoted 0 times
...
Sarah
1 year ago
A) Configuration files
upvoted 0 times
...
...
Giuseppe
2 years ago
I agree with Alita, it makes sense to search for passwords in configuration files.
upvoted 0 times
...
Tandra
2 years ago
Gotta love those secret treasures hidden in plain sight. D is the way to go, folks!
upvoted 0 times
...
Gianna
2 years ago
The penetration tester is clearly trying to find passwords or other sensitive information stored in configuration files. That's a classic technique.
upvoted 0 times
Evangelina
2 years ago
D) Secrets
upvoted 0 times
...
Jani
2 years ago
A) Configuration files
upvoted 0 times
...
...
Alita
2 years ago
I believe the penetration tester is looking for passwords in configuration files.
upvoted 0 times
...
Melvin
2 years ago
I think the penetration tester is trying to enumerate secrets.
upvoted 0 times
...

Save Cancel