A penetration testing team deploys a specifically crafted payload to a web server, which results in opening a new session as the web server daemon.
This session has full read/write access to the file system and the admin console.
Which of the following BEST describes the attack?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
The BEST description of the attack described in the question is "Privilege escalation."
Privilege escalation is a type of attack where an attacker exploits a vulnerability in a system or application to gain access to resources or levels of access beyond what they are authorized for. In this case, the penetration testing team has used a specifically crafted payload to gain full read/write access to the file system and the admin console of the web server, which means they have escalated their privileges beyond what a normal user or daemon would have.
Domain hijacking involves taking control of a domain name, typically for the purpose of redirecting traffic or stealing sensitive information. Injection involves inserting malicious code or data into a system or application, often to exploit a vulnerability or gain access to sensitive information. Buffer overflow involves exploiting a vulnerability in a program or system by overflowing a buffer or memory space with too much data, often leading to a crash or other unintended behavior.
In summary, the attack described in the question involves gaining unauthorized access to a system or application by exploiting a vulnerability, which is characteristic of privilege escalation.