CompTIA PenTest+ (PT0-001) — Question 180
A penetration tester discovers an anonymous FTP server that is sharing the C:\ drive. Which of the following is the BEST exploit?
Answer options
- A. Place a batch script in the startup folder for all users.
- B. Change a service binary location path to point to the tester's own payload.
- C. Escalate the tester's privileges to SYSTEM using the at.exe command.
- D. Download, modify, and reupload a compromised registry to obtain code execution.
Correct answer: B
Explanation
The best exploit in this situation is option B, as changing a service binary location path can allow the tester to execute their own payload with the necessary permissions. Options A and D do not guarantee privilege escalation and rely on other conditions being met, while option C is not feasible without prior access to a user account with sufficient rights.