CompTIA PenTest+ (PT0-001) — Question 164

Which of the following commands will allow a tester to enumerate potential unquoted service paths on a host?

Answer options

• A. wmic environment get name, variablevalue, username | findstr /i ג€Pathג€ | findstr /i ג€Serviceג€
• B. wmic service get /format:hform > c:\temp\services.html
• C. wmic startup get caption, location, command |findstr /i ג€serviceג€ |findstr /v /i ג€%ג€
• D. wmic service get name, displayname, pathname, startmode |findstr /i ג€autoג€ |findstr /i /v ג€c:\windows\\ג€ |findstr / i /v ג€ג€ג€

Correct answer: D

Explanation

The correct answer is D because it specifically filters for services that start automatically and excludes paths that are located in the 'c:\windows\' directory, which is crucial for finding unquoted service paths. Options A and C do not directly focus on service paths, while B lists services in an HTML format, which does not help with enumeration of unquoted paths.