While testing a shared Linux hosting platform, you compromise SiteA and gain shell access as the Apache user (www-data). Each customer owns a separate directory under /home, but Apache is configured with FollowSymLinks and no SymLinksIfOwnerMatch restriction. Which attack would let you retrieve wp-config.php from a neighboring customer's directory without additional network exploits?
Use SQL injection in SiteA to query the other customer's database for the file content.
Place a symbolic link in SiteA's web root that targets /home/otheruser/public_html/wp-config.php, then fetch it over HTTP.
Launch an ARP poisoning attack on the hosting provider's switch to capture the neighbor's HTTP traffic.
Send a forged AXFR request to perform a DNS zone transfer from the neighbor's authoritative server.
Because Apache honors FollowSymLinks for every virtual host, the web server will follow any symbolic link that appears inside a document root, regardless of who owns the target file. By creating a symlink inside SiteA's public_html that points to /home/otheruser/public_html/wp-config.php and then requesting that link over HTTP, the attacker convinces Apache to read the neighbor's file and send its contents back. ARP poisoning, DNS zone transfers, and exploiting SQL injection in SiteA do not grant direct access to files stored in a sibling user's directory and therefore will not expose wp-config.php in this scenario.
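For the hosting side, an added example (not part of the original question) of auditing a document root for the condition described above: it lists every symlink, whether its target leaves the document root, and whether link and target owners differ, which is the comparison SymLinksIfOwnerMatch makes. The function names and the sample tree are hypothetical, and the audit is assumed to run with enough privilege to stat every target.

```python
import os
import tempfile

def audit_symlinks(docroot):
    """List symlinks under docroot with the two properties that matter here:
    does the target leave the docroot, and is it owned by a different uid
    than the link (the comparison SymLinksIfOwnerMatch makes)?"""
    root = os.path.realpath(docroot)
    findings = []
    # followlinks=False: report directory symlinks but never descend into them.
    for dirpath, dirnames, filenames in os.walk(docroot, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            target = os.path.realpath(path)
            link_uid = os.lstat(path).st_uid       # owner of the link itself
            try:
                target_uid = os.stat(path).st_uid  # owner of what it resolves to
            except OSError:
                target_uid = None                  # dangling, or unreadable by the auditor
            findings.append({
                "link": os.path.relpath(path, docroot),
                "target": target,
                "escapes_docroot": os.path.commonpath([root, target]) != root,
                "owner_mismatch": target_uid is not None and target_uid != link_uid,
            })
    return findings

def build_constructed_layout(base):
    """Constructed sample tree mirroring the scenario's paths (not real data)."""
    sitea = os.path.join(base, "home", "sitea", "public_html")
    other = os.path.join(base, "home", "otheruser", "public_html")
    os.makedirs(os.path.join(sitea, "assets"))
    os.makedirs(other)
    for f in (os.path.join(other, "wp-config.php"), os.path.join(sitea, "index.php")):
        with open(f, "w") as fh:
            fh.write("<?php // constructed placeholder\n")
    os.symlink(os.path.join(other, "wp-config.php"), os.path.join(sitea, "cfg-link"))
    os.symlink(os.path.join(sitea, "index.php"), os.path.join(sitea, "assets", "home.php"))
    return sitea

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for finding in audit_symlinks(build_constructed_layout(tmp)):
            print(finding)
```

In the constructed tree every file belongs to the user running the script, so only `escapes_docroot` fires; on a real shared host a link into another customer's home would also report `owner_mismatch`.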
Certified Ethical Hacker (CEH)
Web Application Hacking