Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GAQM CPEH-001 Exam - Topic 3 Question 107 Discussion

Actual exam question for GAQM's CPEH-001 exam
Question #: 107
Topic #: 3
[All CPEH-001 Questions]

What file system vulnerability does the following command take advantage of?

type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe

Show Suggested Answer Hide Answer
Suggested Answer: A

Canaries or canary words are known values that are placed between a buffer and control data on the stack to monitor buffer overflows. When the buffer overflows, it will clobber the canary, making the overflow evident. This is a reference to the historic practice of using canaries in coal mines, since they would be affected by toxic gases earlier than the miners, thus providing a biological warning system.


by Kristofer at Feb 08, 2025, 10:33 AM

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Katheryn
6 months ago
Backdoor access isn't the right term here, it's more about file system tricks.
upvoted 0 times
...
Daron
6 months ago
Wait, can you really do that with calc.exe? Sounds fishy.
upvoted 0 times
...
Brendan
6 months ago
Totally agree, it's all about Alternate Data Streams.
upvoted 0 times
...
Ronna
7 months ago
I thought it was NTFS vulnerabilities?
upvoted 0 times
...
Linn
7 months ago
That's definitely exploiting ADS!
upvoted 0 times
...
Brinda
7 months ago
Backdoor access sounds too broad for this question. I lean towards ADS, but I hope I’m not mixing it up with something else!
upvoted 0 times
...
Yolando
7 months ago
I feel like I've seen this command before in a lecture. It might be exploiting ADS, but I can't recall the specifics.
upvoted 0 times
...
Nickolas
7 months ago
I remember practicing a similar question about file systems, and I think it was about NTFS vulnerabilities. But this one seems different.
upvoted 0 times
...
Toi
8 months ago
I think this command is related to Alternate Data Streams, but I'm not entirely sure if that's the right term.
upvoted 0 times
...
Maryann
8 months ago
I'm a bit confused by this question. The command looks like it's trying to create a file called "calc.exe" in the system32 directory, but I'm not sure how that relates to a file system vulnerability. I'll have to do some more research on this before I can answer it.
upvoted 0 times
...
Ettie
8 months ago
Ah, I know this one! The command is using an NTFS feature called Alternate Data Streams (ADS) to create a hidden file. That's the vulnerability it's taking advantage of. I'm confident that's the right answer.
upvoted 0 times
...
Emelda
8 months ago
Hmm, I'm not sure about this one. The command seems to be doing something with a file called "calc.exe" but I'm not sure how that relates to a file system vulnerability. I'll have to think about this one a bit more.
upvoted 0 times
...
Jess
8 months ago
This looks like a question about file system vulnerabilities. I think the command is trying to take advantage of something related to NTFS, so I'll go with that.
upvoted 0 times
...
Marla
1 year ago
I heard the exam proctors are using this question to secretly recruit for the FBI's cybersecurity team. Better choose wisely, folks!
upvoted 0 times
...
Staci
1 year ago
Backdoor access? Really? That's about as subtle as a bull in a china shop. I'm going with the good old ADS option, that's where the real magic happens.
upvoted 0 times
Emelda
11 months ago
Backdoor access might be too obvious, ADS is more subtle.
upvoted 0 times
...
Paola
11 months ago
I agree, ADS can be quite powerful if used correctly.
upvoted 0 times
...
Jade
11 months ago
Yeah, ADS is definitely a clever way to hide things.
upvoted 0 times
...
Yaeko
12 months ago
I think ADS is the way to go, it's a sneaky one.
upvoted 0 times
...
...
Kaitlyn
1 year ago
Wait, is this one of those 'trick questions' where the answer is actually 'all of the above'? I'm not falling for that again!
upvoted 0 times
Lilli
11 months ago
C) NTFS
upvoted 0 times
...
Marica
11 months ago
B) ADS
upvoted 0 times
...
Coleen
12 months ago
A) HFS
upvoted 0 times
...
...
Leontine
1 year ago
Ah, the old Alternate Data Streams trick! Classic NTFS vulnerability, I'd bet my bottom dollar on that one.
upvoted 0 times
Ivette
12 months ago
NTFS is known for having some tricky vulnerabilities, like this one with Alternate Data Streams.
upvoted 0 times
...
Richelle
12 months ago
I remember reading about this vulnerability before. It's a sneaky way to hide malicious files.
upvoted 0 times
...
Hannah
12 months ago
Yes, you're right! It's definitely taking advantage of Alternate Data Streams in NTFS.
upvoted 0 times
...
...
Sherron
1 year ago
Ooh, this looks like an interesting one! I'm pretty sure it's got something to do with NTFS, but I'll have to think it through a bit more.
upvoted 0 times
Mickie
11 months ago
Interesting, I didn't know NTFS had that vulnerability. Thanks for the info!
upvoted 0 times
...
Detra
11 months ago
You're right! NTFS allows for alternate data streams, which can be used to hide files like in this command.
upvoted 0 times
...
Kara
11 months ago
C) NTFS
upvoted 0 times
...
Rosamond
11 months ago
I think it's ADS, because it's using alternate data streams to hide the malicious file.
upvoted 0 times
...
Franklyn
12 months ago
D) Backdoor access
upvoted 0 times
...
Alana
12 months ago
C) NTFS
upvoted 0 times
...
Kathrine
1 year ago
B) ADS
upvoted 0 times
...
Celeste
1 year ago
A) HFS
upvoted 0 times
...
...
Toshia
1 year ago
I believe the vulnerability being exploited here is related to NTFS, which supports ADS.
upvoted 0 times
...
Barb
1 year ago
Yes, I agree. ADS stands for Alternate Data Streams and can be used to hide malicious files.
upvoted 0 times
...
Lindsay
1 year ago
I think the command is taking advantage of ADS.
upvoted 0 times
...

Save Cancel