CompTIA PenTest+ (PT1-002) — Question 22

A penetration tester has obtained root access to a Linux-based file server and would like to maintain persistence after reboot. Which of the following techniques would BEST support this objective?

Answer options

• A. Create a one-shot systemd service to establish a reverse shell.
• B. Obtain /etc/shadow and brute force the root password.
• C. Run the nc -e /bin/sh <...> command.
• D. Move laterally to create a user account on LDAP

Correct answer: A

Explanation

Creating a one-shot systemd service is an effective way to maintain persistence as it ensures that the reverse shell is established automatically upon system boot. The other options, such as brute forcing the root password or using netcat, do not provide a reliable method of persistence across reboots, and moving laterally to create a user account on LDAP does not directly address maintaining access on the original server.