Exploitation Techniques and Payloads Flashcards
CompTIA PenTest+ PT0-002 Flashcards
Study our Exploitation Techniques and Payloads flashcards for the CompTIA PenTest+ PT0-002 exam with 15+ flashcards. View as flashcards, a searchable table, or as a fun matching game.

| Front | Back |
|---|---|
| Define reflected cross-site scripting (XSS). | Reflected XSS occurs when user-supplied input is immediately returned by a web server without proper sanitization, leading to script execution in victims’ browsers |
| Describe one method to bypass Data Execution Prevention (DEP). | DEP can be bypassed using ROP techniques to mark pages as executable or by calling VirtualProtect to change memory protections |
| Describe the basic structure of a return-to-libc attack. | A return-to-libc attack hijacks control flow by overwriting return addresses to call existing libc functions like system() with attacker-controlled arguments |
| Explain the concept of Return-Oriented Programming (ROP). | ROP chains together existing small code snippets (gadgets) ending in return instructions to perform arbitrary operations without injecting new code |
| Give an example XSS payload to test for script injection. | `<script>alert(document.cookie)</script>` |
| How can environment variables be used to escalate privileges? | Attackers can manipulate environment variables like LD_PRELOAD or PATH to load malicious libraries or executables with elevated permissions |
| How does a blind SQL injection differ from traditional SQL injection? | Blind SQL injection provides no direct error or data output, forcing attackers to infer data via true/false responses or time-based delays |
| Name two common Windows privilege escalation vectors. | Unquoted service paths and weak service permissions are frequent vectors for Windows local privilege escalation |
| Provide a simple UNION-based SQL injection payload. | `'+ UNION SELECT username, password FROM users--` |
| What is a buffer overflow and how does it enable code execution? | A buffer overflow occurs when input exceeds a program’s buffer capacity, overwriting adjacent memory and allowing an attacker to inject and execute malicious code |
| What is a staged payload in exploitation frameworks? | A staged payload splits the attack into a small initial loader (stager) that fetches and executes a larger second-stage payload on the target |
| What is the purpose of the Metasploit msfvenom tool? | msfvenom creates and encodes custom payloads for various platforms and exploits by combining payload generation and encoding in one tool |
| What SQL injection technique retrieves data via error messages? | Error-based SQL injection leverages verbose database errors to extract information by triggering SQL errors with crafted inputs |
| Which Metasploit tool generates cyclic patterns for offset calculation? | msf-pattern_create generates unique cyclic patterns, and msf-pattern_offset finds the exact overwrite offset |
| Which technique bypasses simple input filters by using Unicode encoding? | Unicode or UTF-8 encoding of special characters can evade character-based input filters like WAFs or application firewalls |