New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GAQM CPEH-001 Exam - Topic 3 Question 107 Discussion

Actual exam question for GAQM's CPEH-001 exam
Question #: 107
Topic #: 3
[All CPEH-001 Questions]

What file system vulnerability does the following command take advantage of?

type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe

Show Suggested Answer Hide Answer
Suggested Answer: A

Canaries or canary words are known values that are placed between a buffer and control data on the stack to monitor buffer overflows. When the buffer overflows, it will clobber the canary, making the overflow evident. This is a reference to the historic practice of using canaries in coal mines, since they would be affected by toxic gases earlier than the miners, thus providing a biological warning system.


by Kristofer at Feb 08, 2025, 10:33 AM

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Katheryn
3 months ago
Backdoor access isn't the right term here, it's more about file system tricks.
upvoted 0 times
...
Daron
3 months ago
Wait, can you really do that with calc.exe? Sounds fishy.
upvoted 0 times
...
Brendan
3 months ago
Totally agree, it's all about Alternate Data Streams.
upvoted 0 times
...
Ronna
4 months ago
I thought it was NTFS vulnerabilities?
upvoted 0 times
...
Linn
4 months ago
That's definitely exploiting ADS!
upvoted 0 times
...
Brinda
4 months ago
Backdoor access sounds too broad for this question. I lean towards ADS, but I hope I’m not mixing it up with something else!
upvoted 0 times
...
Yolando
4 months ago
I feel like I've seen this command before in a lecture. It might be exploiting ADS, but I can't recall the specifics.
upvoted 0 times
...
Nickolas
4 months ago
I remember practicing a similar question about file systems, and I think it was about NTFS vulnerabilities. But this one seems different.
upvoted 0 times
...
Toi
5 months ago
I think this command is related to Alternate Data Streams, but I'm not entirely sure if that's the right term.
upvoted 0 times
...
Maryann
5 months ago
I'm a bit confused by this question. The command looks like it's trying to create a file called "calc.exe" in the system32 directory, but I'm not sure how that relates to a file system vulnerability. I'll have to do some more research on this before I can answer it.
upvoted 0 times
...
Ettie
5 months ago
Ah, I know this one! The command is using an NTFS feature called Alternate Data Streams (ADS) to create a hidden file. That's the vulnerability it's taking advantage of. I'm confident that's the right answer.
upvoted 0 times
...
Emelda
5 months ago
Hmm, I'm not sure about this one. The command seems to be doing something with a file called "calc.exe" but I'm not sure how that relates to a file system vulnerability. I'll have to think about this one a bit more.
upvoted 0 times
...
Jess
5 months ago
This looks like a question about file system vulnerabilities. I think the command is trying to take advantage of something related to NTFS, so I'll go with that.
upvoted 0 times
...
Marla
9 months ago
I heard the exam proctors are using this question to secretly recruit for the FBI's cybersecurity team. Better choose wisely, folks!
upvoted 0 times
...
Staci
9 months ago
Backdoor access? Really? That's about as subtle as a bull in a china shop. I'm going with the good old ADS option, that's where the real magic happens.
upvoted 0 times
Emelda
8 months ago
Backdoor access might be too obvious, ADS is more subtle.
upvoted 0 times
...
Paola
8 months ago
I agree, ADS can be quite powerful if used correctly.
upvoted 0 times
...
Jade
8 months ago
Yeah, ADS is definitely a clever way to hide things.
upvoted 0 times
...
Yaeko
9 months ago
I think ADS is the way to go, it's a sneaky one.
upvoted 0 times
...
...
Kaitlyn
9 months ago
Wait, is this one of those 'trick questions' where the answer is actually 'all of the above'? I'm not falling for that again!
upvoted 0 times
Lilli
8 months ago
C) NTFS
upvoted 0 times
...
Marica
8 months ago
B) ADS
upvoted 0 times
...
Coleen
9 months ago
A) HFS
upvoted 0 times
...
...
Leontine
10 months ago
Ah, the old Alternate Data Streams trick! Classic NTFS vulnerability, I'd bet my bottom dollar on that one.
upvoted 0 times
Ivette
9 months ago
NTFS is known for having some tricky vulnerabilities, like this one with Alternate Data Streams.
upvoted 0 times
...
Richelle
9 months ago
I remember reading about this vulnerability before. It's a sneaky way to hide malicious files.
upvoted 0 times
...
Hannah
9 months ago
Yes, you're right! It's definitely taking advantage of Alternate Data Streams in NTFS.
upvoted 0 times
...
...
Sherron
10 months ago
Ooh, this looks like an interesting one! I'm pretty sure it's got something to do with NTFS, but I'll have to think it through a bit more.
upvoted 0 times
Mickie
8 months ago
Interesting, I didn't know NTFS had that vulnerability. Thanks for the info!
upvoted 0 times
...
Detra
8 months ago
You're right! NTFS allows for alternate data streams, which can be used to hide files like in this command.
upvoted 0 times
...
Kara
8 months ago
C) NTFS
upvoted 0 times
...
Rosamond
8 months ago
I think it's ADS, because it's using alternate data streams to hide the malicious file.
upvoted 0 times
...
Franklyn
9 months ago
D) Backdoor access
upvoted 0 times
...
Alana
9 months ago
C) NTFS
upvoted 0 times
...
Kathrine
9 months ago
B) ADS
upvoted 0 times
...
Celeste
10 months ago
A) HFS
upvoted 0 times
...
...
Toshia
10 months ago
I believe the vulnerability being exploited here is related to NTFS, which supports ADS.
upvoted 0 times
...
Barb
11 months ago
Yes, I agree. ADS stands for Alternate Data Streams and can be used to hide malicious files.
upvoted 0 times
...
Lindsay
11 months ago
I think the command is taking advantage of ADS.
upvoted 0 times
...

Save Cancel