CompTIA PenTest+ (PT0-003) — Question 111

During an assessment, a penetration tester exploits an SQLi vulnerability. Which of the following commands would allow the penetration tester to enumerate password hashes?

Answer options

• A. sqlmap -u www.example.com/?id=1 --search -T user
• B. sqlmap -u www.example.com/?id=1 --dump -D accounts -T users -C cred
• C. sqlmap -u www.example.com/?id=1 --tables -D accounts
• D. sqlmap —u www.example.com/?id=1 --schema --current-user --current-db

Correct answer: B

Explanation

The correct answer is B because the --dump option is specifically used to extract data from the database, including password hashes. Option A only searches for a table, option C lists tables without retrieving data, and option D provides schema and user information but does not extract password hashes.