During a penetration test, you have successfully exploited a vulnerability on a target system. Which of the following options is the BEST method to establish a persistent and covert remote access channel?
Deploy a reverse shell with a listener on the attacker's machine
Set up an SSH server on the target system for remote access
Install a new remote desktop software package on the target system
Configure a VPN connection back to the attacker’s machine
The correct answer is 'Deploy a reverse shell with a listener on the attacker's machine'. A reverse shell is designed to bypass firewall restrictions by initiating the connection from within the target network back to the attacker's controlled environment. This type of connection is less likely to be flagged by security systems compared to a bind shell, which requires the attacker to connect directly into the compromised system, thus triggering firewalls or intrusion detection systems. A VPN can provide secure communications but is not designed for establishing covert remote access from an exploited system. SSH is a secure method for remote administration but does not inherently grant persistence or stealth. Lastly, installing a new software package increases the footprint on the system and could be very conspicuous to system administrators.