CompTIA PenTest+ PT0-002 Practice Question
As you establish a foothold within a network during an internal penetration test, you've identified a server with a strict outbound firewall policy that prevents reverse shells from connecting to your machine. Your next step is to maintain access with a bind shell. Due to the firewall restrictions, which of the following techniques would allow the compromised server to listen for your connection while minimizing the risk of detection by the network intrusion detection system?
Wrap the bind shell traffic with SSL and use a port allowed by the firewall policy.
Configure the shell to listen on a commonly monitored port like 4444, expecting penetration testers to use it.
Bind the shell to a common port like 80/http to blend in with normal traffic, relying on obscurity for protection.
Avoid using a shell by relying solely on periodic command execution to achieve a similar outcome.