During an internal engagement, a penetration tester needs to copy infiltration scripts from one compromised Windows workstation to another. To reduce detection, the client requires the tester to use only native Windows executables whose primary purpose is moving files, without deploying additional tools. Which planned action BEST satisfies this requirement?
Automate ftp.exe with a batch file that passes a -s command script to upload the infiltration scripts
Create a BITSAdmin job that retrieves the scripts over HTTP in the background
Run an Invoke-WebRequest command in PowerShell to copy the scripts from an SMB share
Schedule a certutil.exe -urlcache command to download the scripts from an internal HTTP share
A batch script that calls ftp.exe in non-interactive (-s) mode fulfills the client's instruction to use only built-in software whose sole role is file transfer. ftp.exe ships with Windows, supports scripted command files, and is routinely used by administrators for routine file movement, so its use is unlikely to appear unusual. The other actions either add third-party malware or rely on native tools-certutil, BITSAdmin, or PowerShell-whose core purposes are certificate management, background update scheduling, or general automation, not dedicated file transfer clients.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is ftp.exe, and why is it commonly used?
Open an interactive chat with Bash
What is non-interactive mode (-s) in ftp.exe, and how does it work?
Open an interactive chat with Bash
Why wouldn't tools like certutil.exe or PowerShell be appropriate for file transfer in this scenario?