CompTIA PenTest+ (PT0-003) — Question 98

A penetration tester enumerates a legacy Windows host on the same subnet. The tester needs to select exploit methods that will have the least impact on the host's operating stability. Which of the following commands should the tester try first?

Answer options

• A. responder -I eth0 john responder_output.txt
• B. hydra -L administrator -P /path/to/pwlist.txt -t 100 rdp://
• C. msf > use msf > set msf > set PAYLOAD windows/meterpreter/reverse_tcp msf > run
• D. python3 ./buffer_overflow_with_shellcode.py445

Correct answer: A

Explanation

The correct answer, A, involves using Responder, which is a tool designed for network-based attacks and has a lower chance of causing instability on the host. Options B, C, and D utilize more aggressive methods that can significantly disrupt the target system, making them less suitable for a stability-conscious approach.