CompTIA PenTest+ (PT0-002) — Question 135

A penetration tester is conducting a penetration test. The tester obtains a root-level shell on a Linux server and discovers the following data in a file named password.txt in the /home/svsacct directory:
U3VQZXIkM2NyZXQhCg==
Which of the following commands should the tester use NEXT to decode the contents of the file?

Answer options

• A. echo U3VQZXIkM2NyZXQhCg== | base64 ג€"d
• B. tar zxvf password.txt
• C. hydra ג€"l svsacct ג€"p U3VQZXIkM2NyZXQhCg== ssh://192.168.1.0/24
• D. john --wordlist /usr/share/seclists/rockyou.txt password.txt

Correct answer: A

Explanation

The correct command is option A, which uses base64 decoding to convert the encoded string back to its original form. Option B is incorrect because it attempts to extract files from a tar archive, which is not applicable here. Option C incorrectly uses the encoded string as a password for an SSH brute force attack, and option D is not relevant as it uses a password cracking tool instead of decoding.