While conducting an internal penetration test, a consultant gained initial access to a file server. The consultant then configured the compromised server to listen on a specific port so the consultant could reconnect from another workstation. Which tactic best describes this scenario?
An automated data-submission routine that periodically sends information to the assessor's server.
The assessor listens locally, requiring the compromised system to connect outbound.
The compromised system listens on a port and waits for the assessor to connect.
An embedded executable that initiates a remote session only after being manually launched on the host.
In a bind-shell setup, the compromised system opens a port and passively waits for an inbound connection from the attacker. This differs from a reverse shell, where the attacker's machine is listening and the victim connects outbound. The other listed actions involve either a reverse shell, periodic data exfiltration, or a manually launched Trojan rather than a listener awaiting a tester-initiated session.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the difference between a bind shell and a reverse shell?
Open an interactive chat with Bash
What security measures can detect or prevent a bind shell attack?
Open an interactive chat with Bash
How does a Trojan or automated data exfiltration differ from a bind shell?