Eccouncil Exam 312-39 Topic 7 Question 72 Discussion

Actual exam question for Eccouncil's 312-39 exam

Question #: 72
Topic #: 7

Identify the attack when an attacker by several trial and error can read the contents of a password file present in the restricted etc folder just by manipulating the URL in the browser as shown:

http://www.terabytes.com/process.php./../../../../etc/passwd

ADirectory Traversal Attack

BSQL Injection Attack

CDenial-of-Service Attack

DForm Tampering Attack

Show Suggested Answer

Suggested Answer: A

by Becky at Aug 10, 2023, 05:04 PM

Limited Time Offer

25%

Off

Get Premium 312-39 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Cortney

3 months ago

Wait, wait, wait... Is the attacker trying to find the password to the vending machine in the break room? Clearly a Form Tampering Attack!

upvoted 0 times

Aron

1 months ago

Exactly, by manipulating the URL to access sensitive files like password files.

upvoted 0 times

...

Linwood

1 months ago

Oh, I see. So the attacker is trying to access files outside of the web root directory.

upvoted 0 times

...

Aliza

1 months ago

No, it's actually a Directory Traversal Attack.

upvoted 0 times

...

Clarence

3 months ago

Haha, Denial-of-Service Attack? Really? That's like using a bazooka to swat a fly. This is clearly a Directory Traversal Attack.

upvoted 0 times

Earleen

2 months ago

B) SQL Injection Attack

upvoted 0 times

...

Annmarie

2 months ago

I agree, it's definitely a Directory Traversal Attack.

upvoted 0 times

...

Natalya

2 months ago

A) Directory Traversal Attack

upvoted 0 times

...

Rosio

3 months ago

Come on, this is way too obvious. It's definitely a Directory Traversal Attack. The attacker is just climbing up the directory tree to reach the sensitive /etc/passwd file.

upvoted 0 times